Single Sign On allows web applications to share the same authentication state.

GlassFish v2 supports virtual server level Single Sign On (SSO). Web applications with the same authentication realm in a given virtual server can share the authentication state in GlassFish v2.

GlassFish 3.1 supports SSO failover at cluster level. So one has high availability for Single Sign On in a virtual server of a cluster in GlassFish 3.1.

One can set up the SSO failover in a cluster easily as follows:

  1. Create and start a cluster.
         For instance, one can create a cluster with two instances having ports 18080 and 28080 respectively as follows:
                  asadmin create-cluster ${CLUSTER_NAME}
         asadmin create-local-instance --cluster ${CLUSTER_NAME} --systemproperties HTTP_LISTENER_PORT=18080 instance1
         asadmin create-local-instance --cluster ${CLUSTER_NAME} --systemproperties HTTP_LISTENER_PORT=28080 instance2
         asadmin start-cluster ${CLUSTER_NAME}    
  3. Enable SSO in a virtual server of the given cluster.
         asadmin set ${CLUSTER_NAME}.http-service.virtual-server.${VIRTUAL_SERVER}.sso-enabled=true
  5. Enable SSO failover for the given cluster.
         asadmin set ${CLUSTER_NAME}.availability-service.web-container-availability.sso-failover-enabled=true
  7. Use a cluster level realm for web applications.
         For instance, one can create a cluster level file realm user as follows:
                      echo AS_ADMIN_USERPASSWORD=${A_PASSWORD} > pwdfile
         asadmin create-file-user --target ${CLUSTER_NAME} --authrealmname file --passwordfile pwdfile --groups ${A_GROUP} ${A_USER}        
  9. Specify <security-constraints>     and <login-config> in web.xml and     <security-role-mapping> in glassfish-web.xml as         in any security web application. Note that all web applications participating in         a SSO session must use the same realm. In addition, one has to specify         <distributable/> in web.xml of web applications.        
  11. Deploy web applications with --availabilityenabled=true.
                      asadmin deploy --target ${CLUSTER_NAME} --availabilityenabled=true ${A_WAR}

Download GlassFish 3.1 and try it today!