I've implemented my Application like shown in this Example
http://spring.io/blog/2015/01/20/the-resource-server-angular-js-and-spring-security-part-iii
There is a UiApplication
(Port 8080) and two ResourceApplication
s (Port 8090 and 9000)
The authentication works like shown in the Example with Spring Session and Redis.
My szenario is:
User is logged into UiApplication
User send request to ResourceApplication
A
ResourceApplication
A recieves request and want to consume ResourceApplication
B
My Problem: ResourceApplication
A gets 401 Unauthorized from ResourceApplication
B
Is it possible to use the session of the user who sent the request to ResourceApplication
A?
Don't really seem like it is the session you want to reuse. But the token for the authentication system. Either way it is something you'd inject in the headers you send to ResourceApplication B.
If you are using RESTTemplate's I suppose you could use a ClientHttpRequestInterceptor so you don't have to do it for each call.