support Tomcat's SingleSignOn valve
-----------------------------------
Key: CDV-746
URL: https://jira.terracotta.org/jira//browse/CDV-746
Project: Community Development
Issue Type: New Feature
Components: DSO:L1
Reporter: Tim Eck
Assignee: Issue Review Board
>From the forums:
http://forums.terracotta.org/forums/posts/list/1017.page
The singleSignOn valve depends on the tomcat specific extensions to HttpSession
as defined in org.apache.catalina.Session. When terracotta sessions are used,
we attempt to provide support for these extensions but we do not cover 100% of
the interface. Specifically the tomcat specific session event listeners are
essentially no-ops in our implementation
(com.tc.tomcat.session.SessionInternal).
The SingleSignOn valve tries to add itself as an event listener which has no
effect since addSessionListener() is empty in our implemenation. The net effect
of this is that the bookkeeping done in that valve does not know when sessions
are invalidated.
The main challenge in getting this working is the lifetime of our
SessionInternal instance is only for a single request at the moment. The thing
that needs to remember who the listeners are needs to have the same lifecycle
as the session object itself.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.terracotta.org/jira//secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
tc-dev mailing list
[email protected]
http://lists.terracotta.org/mailman/listinfo/tc-dev
