org.apache.catalina.authenticator

Class SingleSignOn

java.lang.Object

org.apache.catalina.valves.ValveBase

org.apache.catalina.authenticator.SingleSignOn

All Implemented Interfaces:

Contained, Lifecycle, SessionListener, Valve, GlassFishValve

Direct Known Subclasses:

GlassFishSingleSignOn

public class SingleSignOn
extends ValveBase
implements SessionListener

A Valve that supports a "single sign on" user experience, where the security identity of a user who successfully authenticates to one web application is propagated to other web applications in the same security domain. For successful use, the following requirements must be met:

• This Valve must be configured on the Container that represents a virtual host (typically an implementation of Host).
• The Realm that contains the shared user and role information must be configured on the same Container (or a higher one), and not overridden at the web application level.
• The web applications themselves must use one of the standard Authenticators found in the org.apache.catalina.authenticator package.

Version:

$Revision: 1.7 $ $Date: 2007/05/05 05:31:53 $

Author:

Craig R. McClanahan

Field Summary

Fields

Modifier and Type	Field and Description
protected Map<String,SingleSignOnEntry>	cache The cache of SingleSignOnEntry instances for authenticated Principals, keyed by the cookie value that is used to select them.
protected static String	info Descriptive information about this Valve implementation.

Fields inherited from class org.apache.catalina.valves.ValveBase

container, controller, debug, domain, lifecycle, next, oname, started

Fields inherited from interface org.apache.catalina.Lifecycle

AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, INIT_EVENT, START_EVENT, STOP_EVENT

Fields inherited from interface org.glassfish.web.valve.GlassFishValve

END_PIPELINE, INVOKE_NEXT

Constructor Summary

Constructors

Constructor and Description
SingleSignOn()

Method Summary

Modifier and Type	Method and Description
void	associate(String ssoId, long ssoVersion, Session session) Associate the specified single sign on identifier with the specified Session.
protected void	deregister(String ssoId, Session session) Deregister the specified session.
int	getDebug() Return the debugging detail level.
String	getInfo() Return descriptive information about this Valve implementation.
int	invoke(Request request, Response response) Perform single-sign-on support processing for this request.
boolean	isVersioningSupported() Return a boolean to indicate whether the sso id version is supported or not.
protected void	log(String message) Log a message on the Logger associated with our Container (if any).
protected void	log(String message, Throwable t) Log a message on the Logger associated with our Container (if any).
protected SingleSignOnEntry	lookup(String ssoId) Look up and return the cached SingleSignOn entry associated with this sso id value, if there is one; otherwise return null.
protected SingleSignOnEntry	lookup(String ssoId, long ssoVersion) Look up and return the cached SingleSignOn entry associated with this sso id value, if there is one; otherwise return null.
protected void	register(String ssoId, Principal principal, String authType, String username, char[] password, String realmName) Register the specified Principal as being associated with the specified value for the single sign on identifier.
void	sessionEvent(SessionEvent event) Acknowledge the occurrence of the specified event.
void	setDebug(int debug) Set the debugging detail level.
void	start() Prepare for the beginning of active use of the public methods of this component.
void	stop() Gracefully terminate the active use of the public methods of this component.
String	toString() Return a String rendering of this object.

Methods inherited from class org.apache.catalina.valves.ValveBase

addLifecycleListener, backgroundProcess, createObjectName, event, findLifecycleListeners, getContainer, getController, getDomain, getNext, getObjectName, getParentName, invoke, isStarted, postInvoke, removeLifecycleListener, setContainer, setController, setNext, setObjectName

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

info

protected static final String info

Descriptive information about this Valve implementation.

See Also:

Constant Field Values

cache

protected Map<String,SingleSignOnEntry> cache

The cache of SingleSignOnEntry instances for authenticated Principals, keyed by the cookie value that is used to select them.

Constructor Detail

SingleSignOn

public SingleSignOn()

Method Detail

getDebug

public int getDebug()

Return the debugging detail level.

Overrides:

getDebug in class ValveBase

setDebug

public void setDebug(int debug)

Set the debugging detail level.

Overrides:

setDebug in class ValveBase

Parameters:

debug - The new debugging detail level

start

public void start()
           throws LifecycleException

Prepare for the beginning of active use of the public methods of this component. This method should be called after configure(), and before any of the public methods of the component are utilized.

Specified by:

start in interface Lifecycle

Overrides:

start in class ValveBase

Throws:

LifecycleException - if this component detects a fatal error that prevents this component from being used

stop

public void stop()
          throws LifecycleException

Gracefully terminate the active use of the public methods of this component. This method should be the last one called on a given instance of this component.

Specified by:

stop in interface Lifecycle

Overrides:

stop in class ValveBase

Throws:

LifecycleException - if this component detects a fatal error that needs to be reported

sessionEvent

public void sessionEvent(SessionEvent event)

Acknowledge the occurrence of the specified event.

Specified by:

sessionEvent in interface SessionListener

Parameters:

event - SessionEvent that has occurred

getInfo

public String getInfo()

Return descriptive information about this Valve implementation.

Specified by:

getInfo in interface Valve

Specified by:

getInfo in interface GlassFishValve

Overrides:

getInfo in class ValveBase

invoke

public int invoke(Request request,
                  Response response)
           throws IOException,
                  javax.servlet.ServletException

Perform single-sign-on support processing for this request.

Specified by:

invoke in interface GlassFishValve

Specified by:

invoke in class ValveBase

Parameters:

request - The servlet request we are processing

response - The servlet response we are creating

Returns:

INVOKE_NEXT or END_PIPELINE

Throws:

IOException - if an input/output error occurs

javax.servlet.ServletException - if a servlet error occurs

toString

public String toString()

Return a String rendering of this object.

Overrides:

toString in class Object

associate

public void associate(String ssoId,
                      long ssoVersion,
                      Session session)

Associate the specified single sign on identifier with the specified Session.

Parameters:

ssoId - Single sign on identifier

ssoVersion - Single sign on version

session - Session to be associated

deregister

protected void deregister(String ssoId,
                          Session session)

Deregister the specified session. If it is the last session, then also get rid of the single sign on identifier

Parameters:

ssoId - Single sign on identifier

session - Session to be deregistered

register

protected void register(String ssoId,
                        Principal principal,
                        String authType,
                        String username,
                        char[] password,
                        String realmName)

Register the specified Principal as being associated with the specified value for the single sign on identifier.

Parameters:

ssoId - Single sign on identifier to register

principal - Associated user principal that is identified

authType - Authentication type used to authenticate this user principal

username - Username used to authenticate this user

password - Password used to authenticate this user

log

protected void log(String message)

Log a message on the Logger associated with our Container (if any).

Parameters:

message - Message to be logged

log

protected void log(String message,
                   Throwable t)

Log a message on the Logger associated with our Container (if any).

Parameters:

message - Message to be logged

t - Associated exception

lookup

protected SingleSignOnEntry lookup(String ssoId)

Look up and return the cached SingleSignOn entry associated with this sso id value, if there is one; otherwise return null.

Parameters:

ssoId - Single sign on identifier to look up

lookup

protected SingleSignOnEntry lookup(String ssoId,
                                   long ssoVersion)

Look up and return the cached SingleSignOn entry associated with this sso id value, if there is one; otherwise return null.

Parameters:

ssoId - Single sign on identifier to look up

ssoVersion - Single sign on version to look up

isVersioningSupported

public boolean isVersioningSupported()

Return a boolean to indicate whether the sso id version is supported or not.