Single Login for several applications.

Hi,
We have an Application for credit approvals in our bank, and initially it had 3 basic sections as,
1.Credit Facility Papers
2.Housing Loans Papers
3.Covering Approvals papers.

Unfortunately, a lot of programmers have involved and have ruined everything with malicious coding, due to poor documentations. Of course we don't have a single technical document today for further developments or fixing bugs. Many programmers have written their own methods, hence the same operation is executed in several places with several methods. After I undertake this application I added two modules more for Imports & exports, but because of the interdependency of the above mentioned 3 sections and the home page of the application, it was very hard to plug these two modules without any conflict.

So now we are thinking to develop a new version of this product with EJB 3.0 + JSF, so that it would help future developments with a few new and essential requirements. In this case I want to suggest our team to minimize (or rather get rid of) the interdependency between and among each module; even though we need to provide a common login for these five applications.

Is there any better technique to develop these 5 section as 5 separate applications and implement a single login for all of these applications? Just like we use several applications on facebook even if we log in only for once. If you have time, please recommend me the best or a better technique to do this as better as I can do. Or else I shall be so much thankful if you can provide some links for the sources.

There are several possibilities that could help you out. Most application servers have single signon capabilities. For example, Tomcat has the SingleSignOn valve. Most other app servers have the same type of thing. This would allow you to have shared credentials across all of the applications.

Additionally, you may be able to take advantage of something like OpenID. You can host your own server and then many applications within your environment can authenticate against the same place. This can be Java or web or other applications.

But overall it sounds like you need to create a single authentication library for all of the different applications to use. This library would take advantage of a particular method that could change in the future if needed without needing to change the application code. All of the applications would use this library so that it would centralize the maintenance of the library.

And as a follow on, in any large application like you're describing it is often very useful to have a "tools" team (even a team of one) to create and maintain the building blocks of the system. These are common tools that all applications are expected to use. Authentication is a great one for this. Logging, database access, maybe configuration management, and so on are all part of this tools team. Perhaps the tools are all based on a framework such as Spring but at least they are not recreated for each vertical application.

This message was edited 1 time. Last update was at 04/06/2010 20:48:06

Thank you very much 'stdunbar',
I really appreciate your helps since the day I joined this forum!!!

I really want to use a single login screen and a home page for all of these 5 applications (Just like a portlet). When the user logged in, he would be provided 5 links to access these 5 applications without logging in again. But the same session should be maintained, just like facebook & google does. It's maintaining same user authentication & login details for all of these applications, until the user logs out.

Physically, these 5 application EAR files and the common portlet EAR should be hosted separately in the application server.

Thanks!!!