| org.apache.catalina.authenticator.SingleSignOn
 org.apache.catalina.ha.authenticator.ClusterSingleSignOn
| ClusterSingleSignOn | | public class ClusterSingleSignOn extends SingleSignOn (Code) | | A Valve that supports a "single sign on" user experience on
each nodes of a cluster, where the security identity of a user who successfully
authenticates to one web application is propogated to other web applications and
to other nodes cluster in the same security domain. For successful use, the following
requirements must be met:
- This Valve must be configured on the Container that represents a
virtual host (typically an implementation of
Host).
- The
Realm that contains the shared user and role
information must be configured on the same Container (or a higher
one), and not overridden at the web application level.
- The web applications themselves must use one of the standard
Authenticators found in the
org.apache.catalina.authenticator package.
author:
Fabien Carrion |
| Field Summary | |
| protected static String | info
Descriptive information about this Valve implementation. | | protected int | messageNumber
|
| Method Summary | |
| protected void | associate(String ssoId, Session session)
Notify the cluster of the addition of a Session to
an SSO session and associate the specified single
sign on identifier with the specified Session on the
local node. | | protected void | associateLocal(String ssoId, Session session)
| | protected void | deregister(String ssoId, Session session)
Notify the cluster of the removal of a Session from an
SSO session and deregister the specified session. | | protected void | deregister(String ssoId)
Notifies the cluster that a single sign on session
has been terminated due to a user logout, deregister
the specified single sign on identifier, and invalidate
any associated sessions on the local node. | | protected void | deregisterLocal(String ssoId, Session session)
| | protected void | deregisterLocal(String ssoId)
| | public CatalinaCluster | getCluster()
| | public String | getInfo()
Return descriptive information about this Valve implementation. | | protected void | register(String ssoId, Principal principal, String authType, String username, String password)
Notifies the cluster of the creation of a new SSO entry
and register the specified Principal as being associated
with the specified value for the single sign on identifier. | | protected void | registerLocal(String ssoId, Principal principal, String authType, String username, String password)
| | protected void | removeSession(String ssoId, Session session)
Remove a single Session from a SingleSignOn and notify the cluster
of the removal. | | protected void | removeSessionLocal(String ssoId, Session session)
| | public void | setCluster(CatalinaCluster cluster)
| | public void | start()
Prepare for the beginning of active use of the public methods of this
component. | | public void | stop()
Gracefully terminate the active use of the public methods of this
component. | | public String | toString()
Return a String rendering of this object. | | protected void | update(String ssoId, Principal principal, String authType, String username, String password)
Notifies the cluster of an update of the security credentials
associated with an SSO session. | | protected void | updateLocal(String ssoId, Principal principal, String authType, String username, String password)
|
| info | | protected static String info(Code) | | Descriptive information about this Valve implementation.
|
| messageNumber | | protected int messageNumber(Code) | | |
| associate | | protected void associate(String ssoId, Session session)(Code) | | Notify the cluster of the addition of a Session to
an SSO session and associate the specified single
sign on identifier with the specified Session on the
local node.
Parameters:
ssoId - Single sign on identifier
Parameters:
session - Session to be associated |
| deregister | | protected void deregister(String ssoId, Session session)(Code) | | Notify the cluster of the removal of a Session from an
SSO session and deregister the specified session. If it is the last
session, then also get rid of the single sign on identifier on the
local node.
Parameters:
ssoId - Single sign on identifier
Parameters:
session - Session to be deregistered |
| deregister | | protected void deregister(String ssoId)(Code) | | Notifies the cluster that a single sign on session
has been terminated due to a user logout, deregister
the specified single sign on identifier, and invalidate
any associated sessions on the local node.
Parameters:
ssoId - Single sign on identifier to deregister |
| deregisterLocal | | protected void deregisterLocal(String ssoId)(Code) | | |
| getInfo | | public String getInfo()(Code) | | Return descriptive information about this Valve implementation.
|
| register | | protected void register(String ssoId, Principal principal, String authType, String username, String password)(Code) | | Notifies the cluster of the creation of a new SSO entry
and register the specified Principal as being associated
with the specified value for the single sign on identifier.
Parameters:
ssoId - Single sign on identifier to register
Parameters:
principal - Associated user principal that is identified
Parameters:
authType - Authentication type used to authenticate thisuser principal
Parameters:
username - Username used to authenticate this user
Parameters:
password - Password used to authenticate this user |
| removeSession | | protected void removeSession(String ssoId, Session session)(Code) | | Remove a single Session from a SingleSignOn and notify the cluster
of the removal. Called when a session is timed out and no longer active.
Parameters:
ssoId - Single sign on identifier from which to remove the session.
Parameters:
session - the session to be removed. |
| start | | public void start() throws LifecycleException(Code) | | Prepare for the beginning of active use of the public methods of this
component. This method should be called after configure(),
and before any of the public methods of the component are utilized.
exception:
LifecycleException - if this component detects a fatal errorthat prevents this component from being used |
| stop | | public void stop() throws LifecycleException(Code) | | Gracefully terminate the active use of the public methods of this
component. This method should be the last one called on a given
instance of this component.
exception:
LifecycleException - if this component detects a fatal errorthat needs to be reported |
| toString | | public String toString()(Code) | | Return a String rendering of this object.
|
| update | | protected void update(String ssoId, Principal principal, String authType, String username, String password)(Code) | | Notifies the cluster of an update of the security credentials
associated with an SSO session. Updates any SingleSignOnEntry
found under key ssoId with the given authentication data.
The purpose of this method is to allow an SSO entry that was
established without a username/password combination (i.e. established
following DIGEST or CLIENT-CERT authentication) to be updated with
a username and password if one becomes available through a subsequent
BASIC or FORM authentication. The SSO entry will then be usable for
reauthentication.
NOTE: Only updates the SSO entry if a call to
SingleSignOnEntry.getCanReauthenticate() returns
false; otherwise, it is assumed that the SSO entry already
has sufficient information to allow reauthentication and that no update
is needed.
Parameters:
ssoId - identifier of Single sign to be updated
Parameters:
principal - the Principal returned by the latestcall to Realm.authenticate.
Parameters:
authType - the type of authenticator used (BASIC, CLIENT-CERT,DIGEST or FORM)
Parameters:
username - the username (if any) used for the authentication
Parameters:
password - the password (if any) used for the authentication |
| Methods inherited from org.apache.catalina.authenticator.SingleSignOn | public void addLifecycleListener(LifecycleListener listener)(Code)(Java Doc)
protected void associate(String ssoId, Session session)(Code)(Java Doc)
protected void deregister(String ssoId, Session session)(Code)(Java Doc)
protected void deregister(String ssoId)(Code)(Java Doc)
public LifecycleListener[] findLifecycleListeners()(Code)(Java Doc)
public String getCookieDomain()(Code)(Java Doc)
public String getInfo()(Code)(Java Doc)
public boolean getRequireReauthentication()(Code)(Java Doc)
public void invoke(Request request, Response response) throws IOException, ServletException(Code)(Java Doc)
protected SingleSignOnEntry lookup(String ssoId)(Code)(Java Doc)
protected boolean reauthenticate(String ssoId, Realm realm, Request request)(Code)(Java Doc)
protected void register(String ssoId, Principal principal, String authType, String username, String password)(Code)(Java Doc)
public void removeLifecycleListener(LifecycleListener listener)(Code)(Java Doc)
protected void removeSession(String ssoId, Session session)(Code)(Java Doc)
public void sessionEvent(SessionEvent event)(Code)(Java Doc)
public void setCookieDomain(String cookieDomain)(Code)(Java Doc)
public void setRequireReauthentication(boolean required)(Code)(Java Doc)
public void start() throws LifecycleException(Code)(Java Doc)
public void stop() throws LifecycleException(Code)(Java Doc)
public String toString()(Code)(Java Doc)
protected void update(String ssoId, Principal principal, String authType, String username, String password)(Code)(Java Doc)
|
|
|