21.2. Using an Apache Tomcat Valve

JBoss Application Server embeds Apache Tomcat as the default servlet container. Tomcat provides a builtin SSO support using a valve. The Single Sign On Valve caches credentials on the server side, and then invisibly authenticate users when they reach different web applications. Credentials are stored in a host-wide session which means that SSO will be effective throughout the session.

21.2.1. Enabling the Apache Tomcat SSO Valve

To enable SSO valve in Apache Tomcat you should uncomment the following line
<Valve className=’org.apache.catalina.authenticator.SingleSignOn’/>
in the $JBOSS_HOME/server/default/deploy/jboss-web.deployer/server.xml file. More information can be found here.