You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by yo...@apache.org on 2005/10/17 00:21:05 UTC
svn commit: r322520 - in /tomcat/container/tc5.5.x:
catalina/src/share/org/apache/catalina/authenticator/ webapps/docs/
Author: yoavs
Date: Sun Oct 16 15:21:00 2005
New Revision: 322520
URL: http://svn.apache.org/viewcvs?rev=322520&view=rev
Log:
Bugzilla 34724: http://issues.apache.org/bugzilla/show_bug.cgi?id=34724
Modified:
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/mbeans-descriptors.xml
tomcat/container/tc5.5.x/webapps/docs/changelog.xml
Modified: tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
URL: http://svn.apache.org/viewcvs/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java?rev=322520&r1=322519&r2=322520&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java (original)
+++ tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java Sun Oct 16 15:21:00 2005
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2001,2004 The Apache Software Foundation.
+ * Copyright 1999-2001,2004-2005 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -731,6 +731,13 @@
Cookie cookie = new Cookie(Constants.SINGLE_SIGN_ON_COOKIE, ssoId);
cookie.setMaxAge(-1);
cookie.setPath("/");
+
+ // Bugzilla 34724
+ String ssoDomain = sso.getCookieDomain();
+ if(ssoDomain != null) {
+ cookie.setDomain(ssoDomain);
+ }
+
response.addCookie(cookie);
// Register this principal with our SSO valve
Modified: tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java
URL: http://svn.apache.org/viewcvs/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java?rev=322520&r1=322519&r2=322520&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java (original)
+++ tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java Sun Oct 16 15:21:00 2005
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2001,2004 The Apache Software Foundation.
+ * Copyright 1999-2001,2004-2005 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -21,6 +21,7 @@
import java.io.IOException;
import java.security.Principal;
import java.util.HashMap;
+import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
@@ -72,7 +73,7 @@
* The cache of SingleSignOnEntry instances for authenticated Principals,
* keyed by the cookie value that is used to select them.
*/
- protected HashMap cache = new HashMap();
+ protected Map cache = new HashMap();
/**
@@ -98,7 +99,7 @@
* The cache of single sign on identifiers, keyed by the Session that is
* associated with them.
*/
- protected HashMap reverse = new HashMap();
+ protected Map reverse = new HashMap();
/**
@@ -113,9 +114,33 @@
*/
protected boolean started = false;
+ /**
+ * Optional SSO cookie domain.
+ */
+ private String cookieDomain;
// ------------------------------------------------------------- Properties
+ /**
+ * Returns the optional cookie domain.
+ * May return null.
+ *
+ * @return The cookie domain
+ */
+ public String getCookieDomain() {
+ return cookieDomain;
+ }
+ /**
+ * Sets the domain to be used for sso cookies.
+ *
+ * @param cookieDomain cookie domain name
+ */
+ public void setCookieDomain(String cookieDomain) {
+ if (cookieDomain != null && cookieDomain.trim().length() == 0) {
+ cookieDomain = null;
+ }
+ this.cookieDomain = cookieDomain;
+ }
/**
* Gets whether each request needs to be reauthenticated (by an
Modified: tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/mbeans-descriptors.xml
URL: http://svn.apache.org/viewcvs/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/mbeans-descriptors.xml?rev=322520&r1=322519&r2=322520&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/mbeans-descriptors.xml (original)
+++ tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/mbeans-descriptors.xml Sun Oct 16 15:21:00 2005
@@ -113,11 +113,15 @@
<attribute name="requireReauthentication"
description="Should we attempt to reauthenticate each request against the security Realm?"
type="boolean"/>
+
+ <attribute name="cookieDomain"
+ description="(Optiona) Domain to be used by sso cookies"
+ type="java.lang.String" />
</mbean>
- <mbean name="SSLAuthenticator"
+ <mbean name="SSLAuthenticator"
description="An Authenticator and Valve implementation of authentication that utilizes SSL certificates to identify client users"
domain="Catalina"
group="Valve"
Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewcvs/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?rev=322520&r1=322519&r2=322520&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original)
+++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Sun Oct 16 15:21:00 2005
@@ -40,8 +40,12 @@
</fix>
<fix>
<bug>36840</bug>: Provide information as to which web.xml is being processed on startup to
- help debug parsing errors. (yoavs)
+ help debug parsing errors. (yoavs)
</fix>
+ <add>
+ <bug>34724</bug>: Ability to set domain for Single-Sign-On cookie. Patch by Oliver
+ Rossmueller. (yoavs)
+ </add>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org