You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by kf...@apache.org on 2012/03/27 09:39:46 UTC
svn commit: r1305758 - in /tomcat/tc6.0.x/trunk: ./
java/org/apache/catalina/ha/authenticator/ webapps/docs/
Author: kfujino
Date: Tue Mar 27 07:39:45 2012
New Revision: 1305758
URL: http://svn.apache.org/viewvc?rev=1305758&view=rev
Log:
Replicate Principal in ClusterSingleSignOn.
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOnListener.java
tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1305758&r1=1305757&r2=1305758&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Mar 27 07:39:45 2012
@@ -86,11 +86,6 @@ PATCHES PROPOSED TO BACKPORT:
-0: markt - https://issues.apache.org/bugzilla/show_bug.cgi?id=52579#c8
-1:
-* Replicate Principal in ClusterSingleSignOn.
- http://svn.apache.org/viewvc?view=revision&revision=1298299
- +1: kfujino, fhanik, markt
- -1:
-
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52500
Add configurable mechanism to retrieve user names from X509 client certificates.
trunk patch: http://svn.apache.org/viewvc?view=revision&revision=r1298476
Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java?rev=1305758&r1=1305757&r2=1305758&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java Tue Mar 27 07:39:45 2012
@@ -21,8 +21,8 @@ package org.apache.catalina.ha.authentic
import java.security.Principal;
-import org.apache.catalina.Container;
import org.apache.catalina.Cluster;
+import org.apache.catalina.Container;
import org.apache.catalina.Engine;
import org.apache.catalina.Host;
import org.apache.catalina.LifecycleException;
@@ -31,6 +31,8 @@ import org.apache.catalina.Session;
import org.apache.catalina.authenticator.SingleSignOn;
import org.apache.catalina.ha.CatalinaCluster;
import org.apache.catalina.ha.ClusterManager;
+import org.apache.catalina.ha.session.SerializablePrincipal;
+import org.apache.catalina.realm.GenericPrincipal;
@@ -333,6 +335,12 @@ public class ClusterSingleSignOn
msg.setUsername(username);
msg.setPassword(password);
+ SerializablePrincipal sp = null;
+ if (principal instanceof GenericPrincipal) {
+ sp = SerializablePrincipal.createPrincipal((GenericPrincipal) principal);
+ msg.setPrincipal(sp);
+ }
+
cluster.sendClusterDomain(msg);
if (containerLog.isDebugEnabled())
containerLog.debug("SingleSignOnMessage Send with action "
@@ -390,6 +398,12 @@ public class ClusterSingleSignOn
msg.setUsername(username);
msg.setPassword(password);
+ SerializablePrincipal sp = null;
+ if (principal instanceof GenericPrincipal) {
+ sp = SerializablePrincipal.createPrincipal((GenericPrincipal) principal);
+ msg.setPrincipal(sp);
+ }
+
cluster.sendClusterDomain(msg);
if (containerLog.isDebugEnabled())
containerLog.debug("SingleSignOnMessage Send with action "
Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOnListener.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOnListener.java?rev=1305758&r1=1305757&r2=1305758&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOnListener.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOnListener.java Tue Mar 27 07:39:45 2012
@@ -17,6 +17,7 @@
package org.apache.catalina.ha.authenticator;
+import java.security.Principal;
import java.util.Map;
import java.io.IOException;
@@ -88,6 +89,7 @@ public class ClusterSingleSignOnListener
SingleSignOnMessage msg = (SingleSignOnMessage) myobj;
int action = msg.getAction();
Session session = null;
+ Principal principal = null;
if (log.isDebugEnabled())
log.debug("SingleSignOnMessage Received with action "
@@ -110,12 +112,18 @@ public class ClusterSingleSignOnListener
clusterSSO.deregisterLocal(msg.getSsoId());
break;
case SingleSignOnMessage.REGISTER_SESSION:
- clusterSSO.registerLocal(msg.getSsoId(), null, msg.getAuthType(),
- msg.getUsername(), msg.getPassword());
+ if (msg.getPrincipal() != null) {
+ principal = msg.getPrincipal().getPrincipal(clusterSSO.getContainer().getRealm());
+ }
+ clusterSSO.registerLocal(msg.getSsoId(), principal, msg.getAuthType(),
+ msg.getUsername(), msg.getPassword());
break;
case SingleSignOnMessage.UPDATE_SESSION:
- clusterSSO.updateLocal(msg.getSsoId(), null, msg.getAuthType(),
- msg.getUsername(), msg.getPassword());
+ if (msg.getPrincipal() != null) {
+ principal = msg.getPrincipal().getPrincipal(clusterSSO.getContainer().getRealm());
+ }
+ clusterSSO.updateLocal(msg.getSsoId(), principal, msg.getAuthType(),
+ msg.getUsername(), msg.getPassword());
break;
case SingleSignOnMessage.REMOVE_SESSION:
session = getSession(msg.getSessionId(),
Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java?rev=1305758&r1=1305757&r2=1305758&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java Tue Mar 27 07:39:45 2012
@@ -20,6 +20,7 @@ package org.apache.catalina.ha.authentic
import java.io.Serializable;
import org.apache.catalina.ha.ClusterMessage;
+import org.apache.catalina.ha.session.SerializablePrincipal;
import org.apache.catalina.tribes.Member;
/**
@@ -43,6 +44,7 @@ public class SingleSignOnMessage impleme
private String authType = null;
private String password = null;
private String username = null;
+ private SerializablePrincipal principal = null;
private Member address = null;
private long timestamp = 0;
@@ -169,6 +171,13 @@ public class SingleSignOnMessage impleme
this.username = username;
}
+ public SerializablePrincipal getPrincipal() {
+ return principal;
+ }
+
+ public void setPrincipal(SerializablePrincipal principal) {
+ this.principal = principal;
+ }
// --------------------------------------------------------- Public Methods
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1305758&r1=1305757&r2=1305758&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Tue Mar 27 07:39:45 2012
@@ -150,6 +150,13 @@
</fix>
</changelog>
</subsection>
+ <subsection name="Cluster">
+ <changelog>
+ <fix>
+ Replicate principal in ClusterSingleSignOn. (kfujino)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="Webapps">
<changelog>
<fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org