Class ClusterSingleSignOn
java.lang.Object
org.apache.catalina.util.LifecycleBase
org.apache.catalina.util.LifecycleMBeanBase
org.apache.catalina.valves.ValveBase
org.apache.catalina.authenticator.SingleSignOn
org.apache.catalina.ha.authenticator.ClusterSingleSignOn
- All Implemented Interfaces:
- MBeanRegistration,- Contained,- ClusterValve,- JmxEnabled,- Lifecycle,- AbstractReplicatedMap.MapOwner,- Valve
public class ClusterSingleSignOn
extends SingleSignOn
implements ClusterValve, AbstractReplicatedMap.MapOwner
A Valve that supports a "single sign on" user experience on each nodes of a cluster, where the
 security identity of a user who successfully authenticates to one web application is propagated to other web
 applications and to other nodes cluster in the same security domain. For successful use, the following requirements
 must be met:
 
- This Valve must be configured on the Container that represents a virtual host (typically an implementation of
 Host).
- The Realmthat contains the shared user and role information must be configured on the same Container (or a higher one), and not overridden at the web application level.
- The web applications themselves must use one of the standard Authenticators found in the
 org.apache.catalina.authenticatorpackage.
- Author:
- Fabien Carrion
- 
Nested Class SummaryNested classes/interfaces inherited from interface org.apache.catalina.LifecycleLifecycle.SingleUse
- 
Field SummaryFields inherited from class org.apache.catalina.authenticator.SingleSignOncacheFields inherited from class org.apache.catalina.valves.ValveBaseasyncSupported, container, containerLog, nextFields inherited from interface org.apache.catalina.LifecycleAFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionprotected booleanAssociate the specified single sign on identifier with the specified Session.longReturns the cluster the cluster deployer is associated withintlongprotected SessionListenergetSessionListener(String ssoId) booleanvoidobjectMadePrimary(Object key, Object value) voidsetAccessTimeout(long accessTimeout) voidsetCluster(CatalinaCluster cluster) Associates the cluster deployer with a clustervoidsetMapSendOptions(int mapSendOptions) voidsetRpcTimeout(long rpcTimeout) voidsetTerminateOnStartFailure(boolean terminateOnStartFailure) protected voidStart this component and implement the requirements ofLifecycleBase.startInternal().protected voidStop this component and implement the requirements ofLifecycleBase.stopInternal().protected booleanUpdates anySingleSignOnEntryfound under keyssoIdwith the given authentication data.Methods inherited from class org.apache.catalina.authenticator.SingleSignOnderegister, getCookieDomain, getCookieName, getRequireReauthentication, invoke, reauthenticate, register, removeSession, sessionDestroyed, setCookieDomain, setCookieName, setRequireReauthenticationMethods inherited from class org.apache.catalina.valves.ValveBasebackgroundProcess, getContainer, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setContainer, setNext, toStringMethods inherited from class org.apache.catalina.util.LifecycleMBeanBasedestroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregisterMethods inherited from class org.apache.catalina.util.LifecycleBaseaddLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stopMethods inherited from class java.lang.Objectclone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface org.apache.catalina.ValvebackgroundProcess, getNext, invoke, isAsyncSupported, setNext
- 
Constructor Details- 
ClusterSingleSignOnpublic ClusterSingleSignOn()
 
- 
- 
Method Details- 
getClusterDescription copied from interface:ClusterValveReturns the cluster the cluster deployer is associated with- Specified by:
- getClusterin interface- ClusterValve
- Returns:
- CatalinaCluster
 
- 
setClusterDescription copied from interface:ClusterValveAssociates the cluster deployer with a cluster- Specified by:
- setClusterin interface- ClusterValve
- Parameters:
- cluster- CatalinaCluster
 
- 
getRpcTimeoutpublic long getRpcTimeout()
- 
setRpcTimeoutpublic void setRpcTimeout(long rpcTimeout) 
- 
getMapSendOptionspublic int getMapSendOptions()
- 
setMapSendOptionspublic void setMapSendOptions(int mapSendOptions) 
- 
getTerminateOnStartFailurepublic boolean getTerminateOnStartFailure()
- 
setTerminateOnStartFailurepublic void setTerminateOnStartFailure(boolean terminateOnStartFailure) 
- 
getAccessTimeoutpublic long getAccessTimeout()
- 
setAccessTimeoutpublic void setAccessTimeout(long accessTimeout) 
- 
associateDescription copied from class:SingleSignOnAssociate the specified single sign on identifier with the specified Session.- Overrides:
- associatein class- SingleSignOn
- Parameters:
- ssoId- Single sign on identifier
- session- Session to be associated
- Returns:
- trueif the session was associated to the given SSO session, otherwise- false
 
- 
updateprotected boolean update(String ssoId, Principal principal, String authType, String username, String password) Description copied from class:SingleSignOnUpdates anySingleSignOnEntryfound under keyssoIdwith the given authentication data.The purpose of this method is to allow an SSO entry that was established without a username/password combination (i.e. established following DIGEST or CLIENT_CERT authentication) to be updated with a username and password if one becomes available through a subsequent BASIC or FORM authentication. The SSO entry will then be usable for reauthentication. NOTE: Only updates the SSO entry if a call to SingleSignOnEntry.getCanReauthenticate()returnsfalse; otherwise, it is assumed that the SSO entry already has sufficient information to allow reauthentication and that no update is needed.- Overrides:
- updatein class- SingleSignOn
- Parameters:
- ssoId- identifier of Single sign to be updated
- principal- the- Principalreturned by the latest call to- Realm.authenticate.
- authType- the type of authenticator used (BASIC, CLIENT_CERT, DIGEST or FORM)
- username- the username (if any) used for the authentication
- password- the password (if any) used for the authentication
- Returns:
- trueif the credentials were updated, otherwise- false
 
- 
getSessionListener- Overrides:
- getSessionListenerin class- SingleSignOn
 
- 
objectMadePrimary- Specified by:
- objectMadePrimaryin interface- AbstractReplicatedMap.MapOwner
 
- 
startInternalStart this component and implement the requirements ofLifecycleBase.startInternal().- Overrides:
- startInternalin class- SingleSignOn
- Throws:
- LifecycleException- if this component detects a fatal error that prevents this component from being used
 
- 
stopInternalStop this component and implement the requirements ofLifecycleBase.stopInternal().- Overrides:
- stopInternalin class- SingleSignOn
- Throws:
- LifecycleException- if this component detects a fatal error that prevents this component from being used
 
 
-