Single Sign On

DIF1.x Integration Module provides SSO between both DIFs.

Either DIF is prepared to pass on to the other a bean object through the HTTPSession with SSO Info.

This will enable the other DIF when no user has yet authenticated on it to bypass the normal authentication process and use this info to automatically authenticate. This process has a few requisites in order for it to work:

  • Both DIF applications (in DIF1 and DIF2) must share the same context root (packaged in a single WAR file), since they share the same HTTPSession
  • Both DIF frameworks must be configured to use the sabe LDAP directory or a commonly supported Identity Manager, since the SSO will only work if the same username/password exists in both DIFs.