I've had a look at openSSO, but it seems as if we can't use our existing user/role database.
So we are thinking about an own single sign on solution.
Does anybody know, how I can override the points, where the glassfish checks if the current session is authenticated (we try to keep the glassfish security layer)?
So we have to check a cookie set by the web application the user authenticates at.
[Message sent by forum member 'dh2k7' (dh2k7)]
http://forums.java.net/jive/thread.jspa?messageID=283337