We are having a web application ( App1 ) deployed in Weblogic.
On which we will be exposing a URL, which will redirect the user from App1 to another application deployed in WebSphere ( App2 ).
We would like to implement the single sign on here.
So when we redirect we are passing user id and session id appended in the URL to App2.
The same user id and session id is also stored in the database of App1 at the time of user log in.
The App2 makes a return Web service call to verify whether the user id and session is valid in App1.
A web service is exposed in another deployment ( App3 ) within weblogic. That will connect to App1 database and validate the session.
Once App1 redirects the request to App2. App2 start its on HttpSession in websphere.
However we need to keep the session alive in App1 as long as he is accessing App2 so that once the user comes back from App2 to App1,
He does not get session timeout issue.
We have thought of two options:
1) App2 makes a HTTP call in the background so that App1 can refresh the session.
2) App2 makes a web service call to App3 along with user id and session id.
Using the session id App3 refreshes the session. ( Not sure how to get session using session id of another deployment)
Please advice what is the best possible solution to keep the session alive?