Class ClusterSingleSignOn
- java.lang.Object
- 
- org.apache.catalina.util.LifecycleBase
- 
- org.apache.catalina.util.LifecycleMBeanBase
- 
- org.apache.catalina.valves.ValveBase
- 
- org.apache.catalina.authenticator.SingleSignOn
- 
- org.apache.catalina.ha.authenticator.ClusterSingleSignOn
 
 
 
 
 
- 
- All Implemented Interfaces:
- MBeanRegistration,- Contained,- ClusterValve,- JmxEnabled,- Lifecycle,- AbstractReplicatedMap.MapOwner,- Valve
 
 public class ClusterSingleSignOn extends SingleSignOn implements ClusterValve, AbstractReplicatedMap.MapOwner A Valve that supports a "single sign on" user experience on each nodes of a cluster, where the security identity of a user who successfully authenticates to one web application is propagated to other web applications and to other nodes cluster in the same security domain. For successful use, the following requirements must be met:- This Valve must be configured on the Container that represents a virtual host (typically an implementation of
 Host).
- The Realmthat contains the shared user and role information must be configured on the same Container (or a higher one), and not overridden at the web application level.
- The web applications themselves must use one of the standard Authenticators found in the
 org.apache.catalina.authenticatorpackage.
 - Author:
- Fabien Carrion
 
- 
- 
Nested Class Summary- 
Nested classes/interfaces inherited from interface org.apache.catalina.LifecycleLifecycle.SingleUse
 
- 
 - 
Field Summary- 
Fields inherited from class org.apache.catalina.authenticator.SingleSignOncache
 - 
Fields inherited from class org.apache.catalina.valves.ValveBaseasyncSupported, container, containerLog, next
 - 
Fields inherited from interface org.apache.catalina.LifecycleAFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
 
- 
 - 
Constructor SummaryConstructors Constructor Description ClusterSingleSignOn()
 - 
Method SummaryAll Methods Instance Methods Concrete Methods Modifier and Type Method Description protected booleanassociate(String ssoId, Session session)Associate the specified single sign on identifier with the specified Session.longgetAccessTimeout()CatalinaClustergetCluster()Returns the cluster the cluster deployer is associated withintgetMapSendOptions()longgetRpcTimeout()protected SessionListenergetSessionListener(String ssoId)booleangetTerminateOnStartFailure()voidobjectMadePrimary(Object key, Object value)voidsetAccessTimeout(long accessTimeout)voidsetCluster(CatalinaCluster cluster)Associates the cluster deployer with a clustervoidsetMapSendOptions(int mapSendOptions)voidsetRpcTimeout(long rpcTimeout)voidsetTerminateOnStartFailure(boolean terminateOnStartFailure)protected voidstartInternal()Start this component and implement the requirements ofLifecycleBase.startInternal().protected voidstopInternal()Stop this component and implement the requirements ofLifecycleBase.stopInternal().protected booleanupdate(String ssoId, Principal principal, String authType, String username, String password)Updates anySingleSignOnEntryfound under keyssoIdwith the given authentication data.- 
Methods inherited from class org.apache.catalina.authenticator.SingleSignOnderegister, getCookieDomain, getCookieName, getRequireReauthentication, invoke, reauthenticate, register, removeSession, sessionDestroyed, setCookieDomain, setCookieName, setRequireReauthentication
 - 
Methods inherited from class org.apache.catalina.valves.ValveBasebackgroundProcess, getContainer, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setContainer, setNext, toString
 - 
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBasedestroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregister
 - 
Methods inherited from class org.apache.catalina.util.LifecycleBaseaddLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
 - 
Methods inherited from class java.lang.Objectclone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 - 
Methods inherited from interface org.apache.catalina.ValvebackgroundProcess, getNext, invoke, isAsyncSupported, setNext
 
- 
 
- 
- 
- 
Method Detail- 
getClusterpublic CatalinaCluster getCluster() Description copied from interface:ClusterValveReturns the cluster the cluster deployer is associated with- Specified by:
- getClusterin interface- ClusterValve
- Returns:
- CatalinaCluster
 
 - 
setClusterpublic void setCluster(CatalinaCluster cluster) Description copied from interface:ClusterValveAssociates the cluster deployer with a cluster- Specified by:
- setClusterin interface- ClusterValve
- Parameters:
- cluster- CatalinaCluster
 
 - 
getRpcTimeoutpublic long getRpcTimeout() 
 - 
setRpcTimeoutpublic void setRpcTimeout(long rpcTimeout) 
 - 
getMapSendOptionspublic int getMapSendOptions() 
 - 
setMapSendOptionspublic void setMapSendOptions(int mapSendOptions) 
 - 
getTerminateOnStartFailurepublic boolean getTerminateOnStartFailure() 
 - 
setTerminateOnStartFailurepublic void setTerminateOnStartFailure(boolean terminateOnStartFailure) 
 - 
getAccessTimeoutpublic long getAccessTimeout() 
 - 
setAccessTimeoutpublic void setAccessTimeout(long accessTimeout) 
 - 
associateprotected boolean associate(String ssoId, Session session) Description copied from class:SingleSignOnAssociate the specified single sign on identifier with the specified Session.- Overrides:
- associatein class- SingleSignOn
- Parameters:
- ssoId- Single sign on identifier
- session- Session to be associated
- Returns:
- trueif the session was associated to the given SSO session, otherwise- false
 
 - 
updateprotected boolean update(String ssoId, Principal principal, String authType, String username, String password) Description copied from class:SingleSignOnUpdates anySingleSignOnEntryfound under keyssoIdwith the given authentication data.The purpose of this method is to allow an SSO entry that was established without a username/password combination (i.e. established following DIGEST or CLIENT_CERT authentication) to be updated with a username and password if one becomes available through a subsequent BASIC or FORM authentication. The SSO entry will then be usable for reauthentication. NOTE: Only updates the SSO entry if a call to SingleSignOnEntry.getCanReauthenticate()returnsfalse; otherwise, it is assumed that the SSO entry already has sufficient information to allow reauthentication and that no update is needed.- Overrides:
- updatein class- SingleSignOn
- Parameters:
- ssoId- identifier of Single sign to be updated
- principal- the- Principalreturned by the latest call to- Realm.authenticate.
- authType- the type of authenticator used (BASIC, CLIENT_CERT, DIGEST or FORM)
- username- the username (if any) used for the authentication
- password- the password (if any) used for the authentication
- Returns:
- trueif the credentials were updated, otherwise- false
 
 - 
getSessionListenerprotected SessionListener getSessionListener(String ssoId) - Overrides:
- getSessionListenerin class- SingleSignOn
 
 - 
objectMadePrimarypublic void objectMadePrimary(Object key, Object value) - Specified by:
- objectMadePrimaryin interface- AbstractReplicatedMap.MapOwner
 
 - 
startInternalprotected void startInternal() throws LifecycleExceptionStart this component and implement the requirements ofLifecycleBase.startInternal().- Overrides:
- startInternalin class- SingleSignOn
- Throws:
- LifecycleException- if this component detects a fatal error that prevents this component from being used
 
 - 
stopInternalprotected void stopInternal() throws LifecycleExceptionStop this component and implement the requirements ofLifecycleBase.stopInternal().- Overrides:
- stopInternalin class- SingleSignOn
- Throws:
- LifecycleException- if this component detects a fatal error that prevents this component from being used
 
 
- 
 
-