tags:

views:

157

answers:

4
Q: 

J2EE integration with .NET for authentication

I have a Java Enterprise Edition web application, a standard WAR. I want to integrate this with an existing .NET infrastructure running IIS. To be specific, I need to be able to share user sessions between the two applications in some secure manner.

Is there a "standard" way of doing this?

Edit: I do not need full session sharing, sorry for not pointing that out. What I need to be able to do is to check if a user is authenticated with the .NET application when she connects to the J2EE application.

A: 

Very doubtful.

You'd have to persist session state to a third component, such as a database. I doubt that the built-in providers for either infrastructure are at all similar (as far as schemas, etc); so you'd like have to create your own.

This does not sound like it would be a fun thing to do.

matt b  2009-05-07 13:33:32
Ok, my answer is probably no longer applicable now that you've clarified you are just interested in single-signon.
matt b  2009-05-07 13:42:56
delete it or change it?
01  2009-05-07 13:49:19
+1  A: 

Create a .NET web service (using WCF, of course) to return whether a user is authenticated. Then call that web service from the J2EE application.

John Saunders  2009-05-07 13:42:04
Is there a way to do this without the user having to write in any credentials? I was thinking about some form of cookie stealing, but the same origin policy applies to ports as well as domains if I'm not mistaken..
Jacob Hansson  2009-05-07 13:44:47
I don't know enough about J2EE to answer this. I presume you'd somehow have to communicate the .NET session id to Java so it could supply that in the web service call.
John Saunders  2009-05-07 13:48:35
A: 

If they will run on the same server, you will need an isapi redirect filter, like the isapi_redirect.dll that comes with Tomcat.

R Ubben  2009-05-07 14:11:43
A: 

This open source library, http://spnego.sourceforge.net, will enable your java app to do transparent/integrated windows authentication.

It's installed as a servlet filter so you will not have to write any code.

Pat Gonzalez  2009-11-16 09:19:51

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?