Author: rjung
Date: Wed Nov 26 18:13:41 2014
New Revision: 1641874
URL: http://svn.apache.org/r1641874
Log:
Replicate Principal in ClusterSingleSignOn.
Backport of r1305758 from TC6.
Modified:
tomcat/sandbox/tomcat-oacc/trunk/docs/changelog.xml
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOn.java
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOnListener.java
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/SingleSignOnMessage.java
Modified: tomcat/sandbox/tomcat-oacc/trunk/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-oacc/trunk/docs/changelog.xml?rev=1641874&r1=1641873&r2=1641874&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-oacc/trunk/docs/changelog.xml (original)
+++ tomcat/sandbox/tomcat-oacc/trunk/docs/changelog.xml Wed Nov 26 18:13:41 2014
@@ -32,6 +32,9 @@
<section name="Tomcat OACC 0.1 (rjung)">
<subsection name="Cluster">
<fix>
+ Replicate principal in ClusterSingleSignOn. (kfujino)
+ </fix>
+ <fix>
<bug>52488</bug>: Correct typos: exipre -> expire. Based on a patch by
prockter. (markt)
</fix>
Modified:
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOn.java
URL:
http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOn.java?rev=1641874&r1=1641873&r2=1641874&view=diff
==============================================================================
---
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOn.java
(original)
+++
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOn.java
Wed Nov 26 18:13:41 2014
@@ -21,8 +21,8 @@ package org.apache.catalina.cluster.auth
import java.security.Principal;
-import org.apache.catalina.Container;
import org.apache.catalina.Cluster;
+import org.apache.catalina.Container;
import org.apache.catalina.Engine;
import org.apache.catalina.Host;
import org.apache.catalina.LifecycleException;
@@ -33,6 +33,8 @@ import org.apache.catalina.authenticator
import org.apache.catalina.cluster.CatalinaCluster;
import org.apache.catalina.cluster.ClusterManager;
import org.apache.catalina.cluster.ClusterValve;
+import org.apache.catalina.cluster.session.SerializablePrincipal;
+import org.apache.catalina.realm.GenericPrincipal;
/**
* A <strong>Valve</strong> that supports a "single sign on" user experience on
@@ -245,7 +247,7 @@ public class ClusterSingleSignOn
*/
protected void register(String ssoId, Principal principal, String authType,
String username, String password) {
- sendSSOIdWithAuth(ssoId,
+ sendSSOIdWithAuth(ssoId, principal,
authType, username, password,
SingleSignOnMessage.REGISTER_SESSION);
registerLocal(ssoId, principal, authType, username, password);
@@ -284,7 +286,7 @@ public class ClusterSingleSignOn
*/
protected void update(String ssoId, Principal principal, String authType,
String username, String password) {
- sendSSOIdWithAuth(ssoId,
+ sendSSOIdWithAuth(ssoId, principal,
authType, username, password,
SingleSignOnMessage.UPDATE_SESSION);
updateLocal(ssoId, principal, authType, username, password);
@@ -345,7 +347,7 @@ public class ClusterSingleSignOn
* @param password the password (if any) used for the authentication
* @param action SSO Action type
*/
- protected void sendSSOIdWithAuth(String ssoId,String authType,
+ protected void sendSSOIdWithAuth(String ssoId, Principal principal, String
authType,
String username, String password, int action) {
if (cluster != null) {
messageNumber++;
@@ -355,6 +357,13 @@ public class ClusterSingleSignOn
msg.setAuthType(authType);
msg.setUsername(username);
msg.setPassword(password);
+
+ SerializablePrincipal sp = null;
+ if (principal instanceof GenericPrincipal) {
+ sp = SerializablePrincipal.createPrincipal((GenericPrincipal)
principal);
+ msg.setPrincipal(sp);
+ }
+
send(msg,action);
}
}
Modified:
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOnListener.java
URL:
http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOnListener.java?rev=1641874&r1=1641873&r2=1641874&view=diff
==============================================================================
---
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOnListener.java
(original)
+++
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOnListener.java
Wed Nov 26 18:13:41 2014
@@ -17,6 +17,7 @@
package org.apache.catalina.cluster.authenticator;
+import java.security.Principal;
import java.util.Map;
import java.io.IOException;
@@ -86,6 +87,7 @@ public class ClusterSingleSignOnListener
SingleSignOnMessage msg = (SingleSignOnMessage) myobj;
int action = msg.getAction();
Session session = null;
+ Principal principal = null;
if (log.isDebugEnabled())
log.debug("SingleSignOnMessage Received with action "
@@ -106,12 +108,18 @@ public class ClusterSingleSignOnListener
clusterSSO.deregisterLocal(msg.getSsoId());
break;
case SingleSignOnMessage.REGISTER_SESSION:
- clusterSSO.registerLocal(msg.getSsoId(), null, msg
- .getAuthType(), msg.getUsername(), msg.getPassword());
+ if (msg.getPrincipal() != null) {
+ principal =
msg.getPrincipal().getPrincipal(clusterSSO.getContainer().getRealm());
+ }
+ clusterSSO.registerLocal(msg.getSsoId(), principal,
msg.getAuthType(),
+ msg.getUsername(), msg.getPassword());
break;
case SingleSignOnMessage.UPDATE_SESSION:
- clusterSSO.updateLocal(msg.getSsoId(), null, msg.getAuthType(),
- msg.getUsername(), msg.getPassword());
+ if (msg.getPrincipal() != null) {
+ principal =
msg.getPrincipal().getPrincipal(clusterSSO.getContainer().getRealm());
+ }
+ clusterSSO.updateLocal(msg.getSsoId(), principal,
msg.getAuthType(),
+ msg.getUsername(), msg.getPassword());
break;
case SingleSignOnMessage.REMOVE_SESSION:
session = getSession(msg.getSessionId(), msg.getContextName());
Modified:
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/SingleSignOnMessage.java
URL:
http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/SingleSignOnMessage.java?rev=1641874&r1=1641873&r2=1641874&view=diff
==============================================================================
---
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/SingleSignOnMessage.java
(original)
+++
tomcat/sandbox/tomcat-oacc/trunk/src/share/org/apache/catalina/cluster/authenticator/SingleSignOnMessage.java
Wed Nov 26 18:13:41 2014
@@ -22,6 +22,7 @@ import java.io.Serializable;
import org.apache.catalina.cluster.ClusterMessage;
import org.apache.catalina.cluster.ClusterMessageBase;
import org.apache.catalina.cluster.Member;
+import org.apache.catalina.cluster.session.SerializablePrincipal;
/**
* Contains the SingleSignOn data, read and written by the ClusterSingleSignOn
@@ -56,6 +57,7 @@ public class SingleSignOnMessage extends
private String password = null;
private String username = null;
+ private SerializablePrincipal principal = null;
public SingleSignOnMessage(Member source, String ssoId, String sessionId) {
this.address = source;
@@ -137,6 +139,14 @@ public class SingleSignOnMessage extends
this.username = username;
}
+ public SerializablePrincipal getPrincipal() {
+ return principal;
+ }
+
+ public void setPrincipal(SerializablePrincipal principal) {
+ this.principal = principal;
+ }
+
// --------------------------------------------------------- Public Methods
/**
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
