I am trying to create a single sign-on application (on server #3, let's call this S3) with automated sign-ons to the following servers (S1 and S2) from S3:

1. IIS server with login.asp page, upon automated sign-on, to redirect to main.asp page. This is S1.

2. Tomcat server with login.class applet that accepts a signature filepath, userid, password, and upon automated sign-on, to redirect to another html page. The applet first accepts the signature filepath, then shows another screen to accept userid and password. This is S2.

Anyone has any idea how I can go about doing this? Is this possible in the first place? S1 and S2 are on https, does this matter?

Some constraints I have:
- S1 and S2 is as-is, and cannot be modified
- there are no APIs exposed on S1 and S2

Any advice is much appreciated, thanx!