You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Chao Wang <so...@gmail.com> on 2013/07/19 14:16:32 UTC
SingleSignOn valve enabled by default?
Hi all,
I have an issue with SSO configuration in tomcat 7.0.42.
According to the doc [1], it requires to enable SSO valve inside
server.xml. However, without making such modification, I deployed two
web-app test.war and test2.war (see attached file). Then, try to login
from /test, after successful login, I don't need to login a second time
for /test2 and can see the secured welcome page directly . That's
strange for me, is the SingleSignOn valve enabled by default in tomcat?
FYI, I add following configuration in tomcat-user.xml
<role rolename="User"/>
<user username="test" password="pass.1234" roles="User"/>
If it's not a real issue, please point me how that works, and I'd like
to know how could I set the reauthenticate parameter for SSO.
[1] http://tomcat.apache.org/tomcat-7.0-doc/config/host.html#Single_Sign_On
Thanks & Regards,
RE: SingleSignOn valve enabled by default?
Posted by Martin Gainty <mg...@hotmail.com>.
NO:
<!-- /conf/server.xml -->
<!-- SingleSignOn valve, share authentication between web applications Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
YES:
<!-- /conf/server.xml -->
<!-- SingleSignOn valve, share authentication between web applications Documentation at: /docs/config/valve.html -->
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
Martin
______________________________________________
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni.
Date: Fri, 19 Jul 2013 20:16:32 +0800
From: soul2zimate@gmail.com
To: users@tomcat.apache.org
Subject: SingleSignOn valve enabled by default?
Hi all,
I have an issue with SSO configuration in tomcat 7.0.42.
According to the doc [1], it requires to enable SSO valve inside
server.xml. However, without making such modification, I deployed two
web-app test.war and test2.war (see attached file). Then, try to login
from /test, after successful login, I don't need to login a second time
for /test2 and can see the secured welcome page directly . That's
strange for me, is the SingleSignOn valve enabled by default in tomcat?
FYI, I add following configuration in tomcat-user.xml
<role rolename="User"/>
<user username="test" password="pass.1234" roles="User"/>
If it's not a real issue, please point me how that works, and I'd like
to know how could I set the reauthenticate parameter for SSO.
[1] http://tomcat.apache.org/tomcat-7.0-doc/config/host.html#Single_Sign_On
Thanks & Regards,
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: SingleSignOn valve enabled by default?
Posted by Konstantin Kolinko <kn...@gmail.com>.
2013/7/19 Chao Wang <so...@gmail.com>:
>
>
>
> Hi all,
>
> I have an issue with SSO configuration in tomcat 7.0.42.
>
> According to the doc [1], it requires to enable SSO valve inside
> server.xml. However, without making such modification, I deployed two
> web-app test.war and test2.war (see attached file). Then, try to login
> from /test, after successful login, I don't need to login a second time
> for /test2 and can see the secured welcome page directly . That's
> strange for me, is the SingleSignOn valve enabled by default in tomcat?
>
> FYI, I add following configuration in tomcat-user.xml
> <role rolename="User"/>
> <user username="test" password="pass.1234" roles="User"/>
>
> If it's not a real issue, please point me how that works, and I'd like
> to know how could I set the reauthenticate parameter for SSO.
>
> [1] http://tomcat.apache.org/tomcat-7.0-doc/config/host.html#Single_Sign_On
>
> Thanks & Regards,
>
1. Attachments are not allowed here
http://tomcat.apache.org/lists.html#tomcat-users
-> "7."
2. If you are using BASIC authentication,
then the browser caches the password for this "server+realm name(*)"
combination unless you close the browser window.
(*) realm name = the name as displayed in the authentication prompt.
The browser does not know the structure of your server and where lies
a boundary between different resources on the same server. It is all
the same site and the same realm name, so it reuses the cached
password.
Read more about BASIC authentication.
(Better a RFC document, but a Wikipedia article also should explain the basics).
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org