Class SingleSignOn
- java.lang.Object
-
- org.apache.catalina.valves.ValveBase
-
- org.apache.catalina.authenticator.SingleSignOn
-
- All Implemented Interfaces:
Contained
,Lifecycle
,SessionListener
,Valve
,GlassFishValve
- Direct Known Subclasses:
GlassFishSingleSignOn
public class SingleSignOn extends ValveBase implements SessionListener
A Valve that supports a "single sign on" user experience, where the security identity of a user who successfully authenticates to one web application is propagated to other web applications in the same security domain. For successful use, the following requirements must be met:- This Valve must be configured on the Container that represents a virtual host (typically an implementation of
Host
). - The
Realm
that contains the shared user and role information must be configured on the same Container (or a higher one), and not overridden at the web application level. - The web applications themselves must use one of the standard Authenticators found in the
org.apache.catalina.authenticator
package.
- Version:
- $Revision: 1.7 $ $Date: 2007/05/05 05:31:53 $
- Author:
- Craig R. McClanahan
-
-
Field Summary
Fields Modifier and Type Field Description protected ConcurrentMap<String,SingleSignOnEntry>
cache
The cache of SingleSignOnEntry instances for authenticated Principals, keyed by the cookie value that is used to select them.protected static String
info
Descriptive information about this Valve implementation.-
Fields inherited from class org.apache.catalina.valves.ValveBase
container, controller, debug, domain, lifecycle, log, next, oname, rb, started
-
Fields inherited from interface org.glassfish.web.valve.GlassFishValve
END_PIPELINE, INVOKE_NEXT
-
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, INIT_EVENT, START_EVENT, STOP_EVENT
-
-
Constructor Summary
Constructors Constructor Description SingleSignOn()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
associate(String ssoId, long ssoVersion, Session session)
Associate the specified single sign on identifier with the specified Session.protected void
deregister(String ssoId, Session session)
Deregister the specified session.int
getDebug()
Return the debugging detail level.String
getInfo()
Return descriptive information about this Valve implementation.int
invoke(Request request, Response response)
Perform single-sign-on support processing for this request.boolean
isVersioningSupported()
Return a boolean to indicate whether the sso id version is supported or not.protected void
log(String message)
Log a message on the Logger associated with our Container (if any).protected void
log(String message, Throwable t)
Log a message on the Logger associated with our Container (if any).protected SingleSignOnEntry
lookup(String ssoId)
Look up and return the cached SingleSignOn entry associated with this sso id value, if there is one; otherwise returnnull
.protected SingleSignOnEntry
lookup(String ssoId, long ssoVersion)
Look up and return the cached SingleSignOn entry associated with this sso id value, if there is one; otherwise returnnull
.protected void
register(String ssoId, Principal principal, String authType, String username, char[] password, String realmName)
Register the specified Principal as being associated with the specified value for the single sign on identifier.void
sessionEvent(SessionEvent event)
Acknowledge the occurrence of the specified event.void
setDebug(int debug)
Set the debugging detail level.void
start()
Prepare for the beginning of active use of the public methods of this component.void
stop()
Gracefully terminate the active use of the public methods of this component.String
toString()
Return a String rendering of this object.-
Methods inherited from class org.apache.catalina.valves.ValveBase
addLifecycleListener, backgroundProcess, createObjectName, event, findLifecycleListeners, getContainer, getController, getDomain, getNext, getObjectName, getParentName, invoke, isStarted, postInvoke, removeLifecycleListener, setContainer, setController, setNext, setObjectName
-
-
-
-
Field Detail
-
info
protected static final String info
Descriptive information about this Valve implementation.- See Also:
- Constant Field Values
-
cache
protected final ConcurrentMap<String,SingleSignOnEntry> cache
The cache of SingleSignOnEntry instances for authenticated Principals, keyed by the cookie value that is used to select them.
-
-
Method Detail
-
getDebug
public int getDebug()
Return the debugging detail level.
-
setDebug
public void setDebug(int debug)
Set the debugging detail level.
-
start
public void start() throws LifecycleException
Prepare for the beginning of active use of the public methods of this component. This method should be called afterconfigure()
, and before any of the public methods of the component are utilized.- Specified by:
start
in interfaceLifecycle
- Overrides:
start
in classValveBase
- Throws:
LifecycleException
- if this component detects a fatal error that prevents this component from being used
-
stop
public void stop() throws LifecycleException
Gracefully terminate the active use of the public methods of this component. This method should be the last one called on a given instance of this component.- Specified by:
stop
in interfaceLifecycle
- Overrides:
stop
in classValveBase
- Throws:
LifecycleException
- if this component detects a fatal error that needs to be reported
-
sessionEvent
public void sessionEvent(SessionEvent event)
Acknowledge the occurrence of the specified event.- Specified by:
sessionEvent
in interfaceSessionListener
- Parameters:
event
- SessionEvent that has occurred
-
getInfo
public String getInfo()
Return descriptive information about this Valve implementation.
-
invoke
public int invoke(Request request, Response response) throws IOException, jakarta.servlet.ServletException
Perform single-sign-on support processing for this request.- Specified by:
invoke
in interfaceGlassFishValve
- Specified by:
invoke
in classValveBase
- Parameters:
request
- The servlet request we are processingresponse
- The servlet response we are creating- Returns:
INVOKE_NEXT
orEND_PIPELINE
- Throws:
IOException
- if an input/output error occursjakarta.servlet.ServletException
- if a servlet error occurs
-
toString
public String toString()
Return a String rendering of this object.
-
associate
public void associate(String ssoId, long ssoVersion, Session session)
Associate the specified single sign on identifier with the specified Session.- Parameters:
ssoId
- Single sign on identifierssoVersion
- Single sign on versionsession
- Session to be associated
-
deregister
protected void deregister(String ssoId, Session session)
Deregister the specified session. If it is the last session, then also get rid of the single sign on identifier- Parameters:
ssoId
- Single sign on identifiersession
- Session to be deregistered
-
register
protected void register(String ssoId, Principal principal, String authType, String username, char[] password, String realmName)
Register the specified Principal as being associated with the specified value for the single sign on identifier.- Parameters:
ssoId
- Single sign on identifier to registerprincipal
- Associated user principal that is identifiedauthType
- Authentication type used to authenticate this user principalusername
- Username used to authenticate this userpassword
- Password used to authenticate this user
-
log
protected void log(String message)
Log a message on the Logger associated with our Container (if any).- Parameters:
message
- Message to be logged
-
log
protected void log(String message, Throwable t)
Log a message on the Logger associated with our Container (if any).- Parameters:
message
- Message to be loggedt
- Associated exception
-
lookup
protected SingleSignOnEntry lookup(String ssoId)
Look up and return the cached SingleSignOn entry associated with this sso id value, if there is one; otherwise returnnull
.- Parameters:
ssoId
- Single sign on identifier to look up
-
lookup
protected SingleSignOnEntry lookup(String ssoId, long ssoVersion)
Look up and return the cached SingleSignOn entry associated with this sso id value, if there is one; otherwise returnnull
.- Parameters:
ssoId
- Single sign on identifier to look upssoVersion
- Single sign on version to look up
-
isVersioningSupported
public boolean isVersioningSupported()
Return a boolean to indicate whether the sso id version is supported or not.
-
-