Package org.apache.catalina.authenticator

Class SingleSignOn

  • All Implemented Interfaces:
    Contained, Lifecycle, SessionListener, Valve, GlassFishValve
    Direct Known Subclasses:
    GlassFishSingleSignOn
    public class SingleSignOn
extends ValveBase
implements SessionListener
    A Valve that supports a "single sign on" user experience, where the security identity of a user who successfully authenticates to one web application is propagated to other web applications in the same security domain. For successful use, the following requirements must be met:
    • This Valve must be configured on the Container that represents a virtual host (typically an implementation of Host).
    • The Realm that contains the shared user and role information must be configured on the same Container (or a higher one), and not overridden at the web application level.
    • The web applications themselves must use one of the standard Authenticators found in the org.apache.catalina.authenticator package.
    Version:
    $Revision: 1.7 $ $Date: 2007/05/05 05:31:53 $
    Author:
    Craig R. McClanahan

    • Field Detail

      • cache

        protected final ConcurrentMap<String,​SingleSignOnEntry> cache
        The cache of SingleSignOnEntry instances for authenticated Principals, keyed by the cookie value that is used to select them.

    • Constructor Detail

      • SingleSignOn

        public SingleSignOn()

    • Method Detail

      • getDebug

        public int getDebug()
        Return the debugging detail level.
        Overrides:
        getDebug in class ValveBase

      • setDebug

        public void setDebug​(int debug)
        Set the debugging detail level.
        Overrides:
        setDebug in class ValveBase
        Parameters:
        debug - The new debugging detail level

      • start

        public void start()
           throws LifecycleException
        Prepare for the beginning of active use of the public methods of this component. This method should be called after configure(), and before any of the public methods of the component are utilized.
        Specified by:
        start in interface Lifecycle
        Overrides:
        start in class ValveBase
        Throws:
        LifecycleException - if this component detects a fatal error that prevents this component from being used

      • stop

        public void stop()
          throws LifecycleException
        Gracefully terminate the active use of the public methods of this component. This method should be the last one called on a given instance of this component.
        Specified by:
        stop in interface Lifecycle
        Overrides:
        stop in class ValveBase
        Throws:
        LifecycleException - if this component detects a fatal error that needs to be reported

      • sessionEvent

        public void sessionEvent​(SessionEvent event)
        Acknowledge the occurrence of the specified event.
        Specified by:
        sessionEvent in interface SessionListener
        Parameters:
        event - SessionEvent that has occurred

      • invoke

        public int invoke​(Request request,
                  Response response)
           throws IOException,
                  jakarta.servlet.ServletException
        Perform single-sign-on support processing for this request.
        Specified by:
        invoke in interface GlassFishValve
        Specified by:
        invoke in class ValveBase
        Parameters:
        request - The servlet request we are processing
        response - The servlet response we are creating
        Returns:
        INVOKE_NEXT or END_PIPELINE
        Throws:
        IOException - if an input/output error occurs
        jakarta.servlet.ServletException - if a servlet error occurs

      • toString

        public String toString()
        Return a String rendering of this object.
        Overrides:
        toString in class Object

      • associate

        public void associate​(String ssoId,
                      long ssoVersion,
                      Session session)
        Associate the specified single sign on identifier with the specified Session.
        Parameters:
        ssoId - Single sign on identifier
        ssoVersion - Single sign on version
        session - Session to be associated

      • deregister

        protected void deregister​(String ssoId,
                          Session session)
        Deregister the specified session. If it is the last session, then also get rid of the single sign on identifier
        Parameters:
        ssoId - Single sign on identifier
        session - Session to be deregistered

      • register

        protected void register​(String ssoId,
                        Principal principal,
                        String authType,
                        String username,
                        char[] password,
                        String realmName)
        Register the specified Principal as being associated with the specified value for the single sign on identifier.
        Parameters:
        ssoId - Single sign on identifier to register
        principal - Associated user principal that is identified
        authType - Authentication type used to authenticate this user principal
        username - Username used to authenticate this user
        password - Password used to authenticate this user

      • log

        protected void log​(String message)
        Log a message on the Logger associated with our Container (if any).
        Parameters:
        message - Message to be logged

      • log

        protected void log​(String message,
                   Throwable t)
        Log a message on the Logger associated with our Container (if any).
        Parameters:
        message - Message to be logged
        t - Associated exception

      • lookup

        protected SingleSignOnEntry lookup​(String ssoId)
        Look up and return the cached SingleSignOn entry associated with this sso id value, if there is one; otherwise return null.
        Parameters:
        ssoId - Single sign on identifier to look up

      • lookup

        protected SingleSignOnEntry lookup​(String ssoId,
                                   long ssoVersion)
        Look up and return the cached SingleSignOn entry associated with this sso id value, if there is one; otherwise return null.
        Parameters:
        ssoId - Single sign on identifier to look up
        ssoVersion - Single sign on version to look up

      • isVersioningSupported

        public boolean isVersioningSupported()
        Return a boolean to indicate whether the sso id version is supported or not.