We are currently implemention Single Sign On for our application. This implementation is using approach of 2 Sun AIM setup, 1st to authenticate intranet, and 2nd to authenticate internet access.
We are facing issue while implementing multiple SSO with JBOSS. Here is the details to scenario;
1. In the 1st setup of SSO, we have used Apache Tomcat to HOST SSO, and JBOSS is integrated with this SSO using tomcat authetication volve. This is working fine.
2. In the 2nd setup SSO, we have Apache HTTP server with Sun Policy Web Agent protecting resource hosted on JBOSS by authenticating web users. In this scenario, once the users are authenticated, the request is forwarded to Portal. But portal is not able to identify SSOKTokenID in session.
Ideally Portal needs to be configured in such a way that if request are directly hit to portal then it needs to authenticate users from 1st SSO setup. And for web users, requests are forwarded to portal from apache post authication from 2nd SSO setup, then Portal shall identify token to mark the same as valid user sessions.
Any help in this regard is appreciated.