org.apache.catalina.ha.authenticator
public class ClusterSingleSignOn extends SingleSignOn
Host
).Realm
that contains the shared user and role
information must be configured on the same Container (or a higher
one), and not overridden at the web application level.org.apache.catalina.authenticator
package.Field Summary | |
---|---|
protected static String | info
Descriptive information about this Valve implementation. |
protected int | messageNumber |
Method Summary | |
---|---|
protected void | associate(String ssoId, Session session)
Notify the cluster of the addition of a Session to
an SSO session and associate the specified single
sign on identifier with the specified Session on the
local node.
|
protected void | associateLocal(String ssoId, Session session) |
protected void | deregister(String ssoId, Session session)
Notify the cluster of the removal of a Session from an
SSO session and deregister the specified session. |
protected void | deregister(String ssoId)
Notifies the cluster that a single sign on session
has been terminated due to a user logout, deregister
the specified single sign on identifier, and invalidate
any associated sessions on the local node.
|
protected void | deregisterLocal(String ssoId, Session session) |
protected void | deregisterLocal(String ssoId) |
CatalinaCluster | getCluster() |
String | getInfo()
Return descriptive information about this Valve implementation. |
protected void | register(String ssoId, Principal principal, String authType, String username, String password)
Notifies the cluster of the creation of a new SSO entry
and register the specified Principal as being associated
with the specified value for the single sign on identifier.
|
protected void | registerLocal(String ssoId, Principal principal, String authType, String username, String password) |
protected void | removeSession(String ssoId, Session session)
Remove a single Session from a SingleSignOn and notify the cluster
of the removal. |
protected void | removeSessionLocal(String ssoId, Session session) |
void | setCluster(CatalinaCluster cluster) |
void | start()
Prepare for the beginning of active use of the public methods of this
component. |
void | stop()
Gracefully terminate the active use of the public methods of this
component. |
String | toString()
Return a String rendering of this object. |
protected void | update(String ssoId, Principal principal, String authType, String username, String password)
Notifies the cluster of an update of the security credentials
associated with an SSO session. |
protected void | updateLocal(String ssoId, Principal principal, String authType, String username, String password) |
Parameters: ssoId Single sign on identifier session Session to be associated
Parameters: ssoId Single sign on identifier session Session to be deregistered
Parameters: ssoId Single sign on identifier to deregister
Parameters: ssoId Single sign on identifier to register principal Associated user principal that is identified authType Authentication type used to authenticate this user principal username Username used to authenticate this user password Password used to authenticate this user
Parameters: ssoId Single sign on identifier from which to remove the session. session the session to be removed.
configure()
,
and before any of the public methods of the component are utilized.
Throws: LifecycleException if this component detects a fatal error that prevents this component from being used
Throws: LifecycleException if this component detects a fatal error that needs to be reported
SingleSignOnEntry
found under key ssoId
with the given authentication data.
The purpose of this method is to allow an SSO entry that was established without a username/password combination (i.e. established following DIGEST or CLIENT-CERT authentication) to be updated with a username and password if one becomes available through a subsequent BASIC or FORM authentication. The SSO entry will then be usable for reauthentication.
NOTE: Only updates the SSO entry if a call to
SingleSignOnEntry.getCanReauthenticate()
returns
false
; otherwise, it is assumed that the SSO entry already
has sufficient information to allow reauthentication and that no update
is needed.
Parameters: ssoId identifier of Single sign to be updated principal the Principal
returned by the latest
call to Realm.authenticate
. authType the type of authenticator used (BASIC, CLIENT-CERT,
DIGEST or FORM) username the username (if any) used for the authentication password the password (if any) used for the authentication