DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881

SingleSignOn and FormAuthenticator in embedded tomcat





--- Additional Comments From [EMAIL PROTECTED]  2003-12-24 20:42 ---
I have applied you patch to TC4.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881

SingleSignOn and FormAuthenticator in embedded tomcat





--- Additional Comments From [EMAIL PROTECTED]  2003-12-24 06:44 ---
Created an attachment (id=9694)
Previous patch to 4.1 updated to avoid conflict with patch applied today by Mark Thomas

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881

SingleSignOn and FormAuthenticator in embedded tomcat





--- Additional Comments From [EMAIL PROTECTED]  2003-12-24 06:48 ---
Patch attached a moment ago is a zip file which includes a diff plus a new 
class.  The new class is just the existing SingleSignOnEntry inner class 
extracted out of SingleSignOn.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881

SingleSignOn and FormAuthenticator in embedded tomcat

[EMAIL PROTECTED] changed:

   What|Removed |Added

 CC||[EMAIL PROTECTED]



--- Additional Comments From [EMAIL PROTECTED]  2003-12-07 19:27 ---
*** Bug 4350 has been marked as a duplicate of this bug. ***

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881

SingleSignOn and FormAuthenticator in embedded tomcat





--- Additional Comments From [EMAIL PROTECTED]  2003-11-26 04:53 ---
Created an attachment (id=9288)
Port of the TC5 patch to TC 4.1; includes related fix to 9077 and 10040

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881

SingleSignOn and FormAuthenticator in embedded tomcat

[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED



--- Additional Comments From [EMAIL PROTECTED]  2003-11-24 16:53 ---
I have applied your patch, thanks.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881

SingleSignOn and FormAuthenticator in embedded tomcat

[EMAIL PROTECTED] changed:

   What|Removed |Added

Product|Tomcat 4|Tomcat 5
Version|4.0 Beta 1  |5.0.14



--- Additional Comments From [EMAIL PROTECTED]  2003-11-23 17:45 ---
I think I'm going to apply this patch. Esp since it has been tested in JB land
first (otherwise, I wouldn't want to commit it so close to a release).

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881

SingleSignOn and FormAuthenticator in embedded tomcat





--- Additional Comments From [EMAIL PROTECTED]  2003-11-23 00:01 ---
Created an attachment (id=9247)
Patch w/ diff and one new class

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881

SingleSignOn and FormAuthenticator in embedded tomcat





--- Additional Comments From [EMAIL PROTECTED]  2003-11-23 00:18 ---
Attached is a proposed patch.  It adds a configurable 
attribute requiresReauthentication to SingleSignOn.  If false (the 
default), applications will behave as they do now.  If true, each incoming 
request will need to be reauthenticated to the Realm.  The various 
authenticators have been modified to handle this.  In this case the 
SingleSignOnEntry serves as a store of authentication credentials.

If the 1st webapp a user visits uses FORM or BASIC auth, and then they visit 
another app that requires DIGEST, the cached username/password from the 
FORM/BASIC authentication will not be sufficient information to do a digest 
authentication, so the user will be prompted for a digest login.  Possibly we 
could add a config option to allow a username/password authentication to 
override the DIGEST auth specified in the web.xml.

Similarly, if the user first visits a webapp with DIGEST auth, and then visits 
one that uses FORM or BASIC, again the cached credentials will not be 
sufficient (no cached password from the digest auth), so they will have to be 
prompted for their username/password.

The attached patch includes logic that deals with all this and ensures that a 
single SSO session is maintained throughout.

Of course, if webapps in a deployment don't mix their authentication schemes, 
none of the above details are an issue.

This bug was raised against TC 4; sorry the patch is against TC 5.  I can very 
easily pull together a TC4.1 version if desired.

This patch also addresses bug 10040.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 23881] - SingleSignOn and FormAuthenticator in embedded tomcat

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23881

SingleSignOn and FormAuthenticator in embedded tomcat





--- Additional Comments From [EMAIL PROTECTED]  2003-10-17 09:08 ---
also the register method in AuthenticatorBase creates a new cookie for 
SingleSignOn - i guess should check against an already existing cookie (using 
lookup) - and just call method associate in case this one exists. this solves a 
potential memory leak and the logout issue (register is called after every 
successful authenticate with the container realm).

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]