Reputation: 1542
Cross domain authentication with grails and spring security
I am working on grails app that will run under two domain names, two separate web servers using the same database server so all the data is shared and is the same for both domains. The app is identical on both domains with only serverURL setting being different in Config.groovy and a css file. I am using spring-security plugin for authentication.
In short what I need is when a user logs in to see domain1.com/account, user should be able to go to domain2.com/account and still be logged in to see the same information.
All logins are not through twitter/facebook sign in nor OpenID functionality, rather accounts are created within my app using spring-security.
I do not think its possible to make this work with cookies since they are domain specific and there is no way to access cross domain cookies via web app, correct me if I am wrong.
One of the solutions I was thinking of trying is to make sure there is session replication between the two web servers using tomcat clustering for example and forcing URL re-writing on domain switch so the session is located by the other server. This solution, however, is my last option since the session information will be lost if visitor decides to type in domain2.com after being authenticated at domain1.com, instead of clicking on a URL re-written link.
Any ideas, suggestions? Thanks
Upvotes: 2
Views: 1260
Answers (1)
Related Questions
- Accesing LoggedIn User Info outside Grails Application Using Spring Security Core PlugIn
- Authentication using Grails Spring Security REST Plugin
- Grails spring security core allow authentication from url
- Grails Spring-Security Confustion
- Adding REST authentication to Grails + SpringSecurity browser app
- grails login verification
- grails spring security core
- Domain classes in grails
- Authenticate user using external webservice in grails
- External user domain in grails