How to Implement SSO on existing tomcat web application

Question

I have a tomcat 7 setup with oldApp.war and newApp.war deployed on it. Both the applications share the same login credentials for users on the database.

I can acces

Answer 1

You can implement SSO in many different ways:

1. Oauth 2 - http://oauth.net/2/
2. SAML 2 - https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security

SAML 2.0 has many implementations for Identity/Service provider roles.

For an IDP implementations list I can point you to this stackoverflow post: https://stackoverflow.com/a/761774/126414

If you are planning to implement a service provider there is a nice spring extension: http://static.springsource.org/spring-security/site/extensions/saml/index.html