Show Table of Contents
17.3. Choose the Right SSO Implementation
JBoss EAP 6 runs Java Enterprise Edition (EE) applications, which may be web applications, EJB applications, web services, or other types. Single Sign On (SSO) allows you to propagate security context and identity information between these applications. Depending on your organization's needs, a few different SSO solutions are available. The solution you use depends on whether you use web applications, EJB applications, or web services; whether your applications run on the same server, multiple non-clustered servers, or multiple clustered servers; and whether you need to integrate into a desktop-based authentication system or you only need authentication between your applications themselves.
Kerberos-Based Desktop SSO
If your organization already uses a Kerberos-based authentication and authorization system, such as Microsoft Active Directory, you can use the same systems to transparently authenticate to your enterprise applications running in JBoss EAP 6.
Non-Clustered and Web Application SSO
If you need to propagate security information among applications which run within the same server group or instance, you can use non-clustered SSO. This only involves configuring the valve in your application's jboss-web.xml descriptor.
Clustered Web Application SSO
If you need to propagate security information among applications running in a clustered environment across multiple JBoss EAP 6 instances, you can use the clustered SSO valve. This is configured in your application's jboss-web.xml.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.