DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881 SingleSignOn and FormAuthenticator in embedded tomcat --- Additional Comments From [EMAIL PROTECTED] 2003-12-24 20:42 --- I have applied you patch to TC4. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881 SingleSignOn and FormAuthenticator in embedded tomcat --- Additional Comments From [EMAIL PROTECTED] 2003-12-24 06:44 --- Created an attachment (id=9694) Previous patch to 4.1 updated to avoid conflict with patch applied today by Mark Thomas - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881 SingleSignOn and FormAuthenticator in embedded tomcat --- Additional Comments From [EMAIL PROTECTED] 2003-12-24 06:48 --- Patch attached a moment ago is a zip file which includes a diff plus a new class. The new class is just the existing SingleSignOnEntry inner class extracted out of SingleSignOn. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881 SingleSignOn and FormAuthenticator in embedded tomcat [EMAIL PROTECTED] changed: What|Removed |Added CC||[EMAIL PROTECTED] --- Additional Comments From [EMAIL PROTECTED] 2003-12-07 19:27 --- *** Bug 4350 has been marked as a duplicate of this bug. *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881 SingleSignOn and FormAuthenticator in embedded tomcat --- Additional Comments From [EMAIL PROTECTED] 2003-11-26 04:53 --- Created an attachment (id=9288) Port of the TC5 patch to TC 4.1; includes related fix to 9077 and 10040 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881 SingleSignOn and FormAuthenticator in embedded tomcat [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2003-11-24 16:53 --- I have applied your patch, thanks. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881 SingleSignOn and FormAuthenticator in embedded tomcat [EMAIL PROTECTED] changed: What|Removed |Added Product|Tomcat 4|Tomcat 5 Version|4.0 Beta 1 |5.0.14 --- Additional Comments From [EMAIL PROTECTED] 2003-11-23 17:45 --- I think I'm going to apply this patch. Esp since it has been tested in JB land first (otherwise, I wouldn't want to commit it so close to a release). - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881 SingleSignOn and FormAuthenticator in embedded tomcat --- Additional Comments From [EMAIL PROTECTED] 2003-11-23 00:01 --- Created an attachment (id=9247) Patch w/ diff and one new class - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881 SingleSignOn and FormAuthenticator in embedded tomcat --- Additional Comments From [EMAIL PROTECTED] 2003-11-23 00:18 --- Attached is a proposed patch. It adds a configurable attribute requiresReauthentication to SingleSignOn. If false (the default), applications will behave as they do now. If true, each incoming request will need to be reauthenticated to the Realm. The various authenticators have been modified to handle this. In this case the SingleSignOnEntry serves as a store of authentication credentials. If the 1st webapp a user visits uses FORM or BASIC auth, and then they visit another app that requires DIGEST, the cached username/password from the FORM/BASIC authentication will not be sufficient information to do a digest authentication, so the user will be prompted for a digest login. Possibly we could add a config option to allow a username/password authentication to override the DIGEST auth specified in the web.xml. Similarly, if the user first visits a webapp with DIGEST auth, and then visits one that uses FORM or BASIC, again the cached credentials will not be sufficient (no cached password from the digest auth), so they will have to be prompted for their username/password. The attached patch includes logic that deals with all this and ensures that a single SSO session is maintained throughout. Of course, if webapps in a deployment don't mix their authentication schemes, none of the above details are an issue. This bug was raised against TC 4; sorry the patch is against TC 5. I can very easily pull together a TC4.1 version if desired. This patch also addresses bug 10040. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881 SingleSignOn and FormAuthenticator in embedded tomcat --- Additional Comments From [EMAIL PROTECTED] 2003-10-17 09:08 --- also the register method in AuthenticatorBase creates a new cookie for SingleSignOn - i guess should check against an already existing cookie (using lookup) - and just call method associate in case this one exists. this solves a potential memory leak and the logout issue (register is called after every successful authenticate with the container realm). - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]