Red Hat Training

A Red Hat training course is available for Red Hat JBoss Enterprise Application Platform

12.2. About Clustered Single Sign On (SSO) for Web Applications

Single Sign On (SSO) is the ability for users to authenticate to a single web application, and by means of a successful authentication, will successfully authenticate to multiple other applications without needing to be prompted at each one. Clustered SSO stores the authentication information in a clustered cache. This allows for applications on multiple different servers to share the information, and also makes the information resilient to a failure of one of the hosts.
Some of the supported SSO mechanisms (for example, Kerberos, PicketLink SAML) need valves to work correctly. Valves have a similar function as the servlet filters, but they are processed before the container managed authentication. Valves for web applications can be defined in the jboss-web.xml deployment descriptor.