Re: Design for single database, multiple applications
Re: Design for single database, multiple applications
- Subject: Re: Design for single database, multiple applications
- From: Simon <email@hidden>
- Date: Tue, 10 Aug 2010 09:04:37 +0100
> Is there a WebObjects-way of passing sessions between applications or
> is it simply a case if using a manually created cookie with an
> encrypted username and somehow safely providing a time-limited
> credential?
I once broke up an application into two for the same reason you are considering. I have regretted it ever since. It uses more memory on the server (more app instances) and you have the problem of different sessions on different applications.
If you really want single sign on, look at something like Cosign, or WebAuth or Shibboleth.
we have taken the several apps approach. internally we have 8 WO apps and we use OpenID for single-sign-on, authenticating against our google apps domain.
remember that single-sign-on just means you don't have to sign in to each app over and over again - it doesn't mean you have an app-wide WO session. it's really just a convenience, but an absolute must in my opinion if you are going down the multiple app route.
we have been toying with the idea of putting in our own cross-app session type thing - i.e. a database-persisted dictionary of key-value pairs accessible via a some kind of session key / app name key. not got beyond the thinking stage yet though...
simon
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden