Since version 1.1.0 Gretty supports single sign-on (SSO) on Jetty and Tomcat realms.

Single sign-on is enabled when:

  • You set farm.singleSignOn property to true.

  • You configure all webapps to use the same realm and realmConfigFile.

Jetty-specific single sign-on configuration

farm {
  servletContainer = 'jetty9'
  singleSignOn = true
  realm = 'myRealm' // required
  realmConfigFile = 'jetty-realm.properties' // optional
  webapp ':ProjectA'
  webapp ':ProjectB'
}

In this example we configure two web-apps - ProjectA and ProjectB - to use single sign-on to the same realm "myRealm" defined in realm configuration file "jetty-realm.properties".

Jetty-specific realmConfigFile resolution rules are described in Jetty security realms.

Tomcat-specific single sign-on configuration

farm {
  servletContainer = 'tomcat8'
  singleSignOn = true
  realm = 'myRealm' // required
  realmConfigFile = 'tomcat-users.xml' // optional
  webapp ':ProjectA'
  webapp ':ProjectB'
}

In this example we configure two web-apps - ProjectA and ProjectB - to use single sign-on to the same realm "myRealm" defined in realm configuration file "tomcat-users.xml".

Tomcat-specific realmConfigFile resolution rules are described in Tomcat security realms.

Single sign-on and product generation

Gretty fully supports single sign-on with product generation. Gretty sources contain the following examples of multiple web-apps with single sign-on:

All you have to do is to run gradle buildProduct and try running the generated products in "buildDir/output" subdirectory.