You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by yo...@apache.org on 2005/10/17 00:21:05 UTC

svn commit: r322520 - in /tomcat/container/tc5.5.x: catalina/src/share/org/apache/catalina/authenticator/ webapps/docs/

Author: yoavs
Date: Sun Oct 16 15:21:00 2005
New Revision: 322520

URL: http://svn.apache.org/viewcvs?rev=322520&view=rev
Log:
Bugzilla 34724: http://issues.apache.org/bugzilla/show_bug.cgi?id=34724

Modified:
    tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
    tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java
    tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/mbeans-descriptors.xml
    tomcat/container/tc5.5.x/webapps/docs/changelog.xml

Modified: tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
URL: http://svn.apache.org/viewcvs/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java?rev=322520&r1=322519&r2=322520&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java (original)
+++ tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java Sun Oct 16 15:21:00 2005
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2001,2004 The Apache Software Foundation.
+ * Copyright 1999-2001,2004-2005 The Apache Software Foundation.
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -731,6 +731,13 @@
             Cookie cookie = new Cookie(Constants.SINGLE_SIGN_ON_COOKIE, ssoId);
             cookie.setMaxAge(-1);
             cookie.setPath("/");
+            
+            // Bugzilla 34724
+            String ssoDomain = sso.getCookieDomain();
+            if(ssoDomain != null) {
+                cookie.setDomain(ssoDomain);
+            }
+
             response.addCookie(cookie);
 
             // Register this principal with our SSO valve

Modified: tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java
URL: http://svn.apache.org/viewcvs/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java?rev=322520&r1=322519&r2=322520&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java (original)
+++ tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java Sun Oct 16 15:21:00 2005
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2001,2004 The Apache Software Foundation.
+ * Copyright 1999-2001,2004-2005 The Apache Software Foundation.
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,6 +21,7 @@
 import java.io.IOException;
 import java.security.Principal;
 import java.util.HashMap;
+import java.util.Map;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.Cookie;
@@ -72,7 +73,7 @@
      * The cache of SingleSignOnEntry instances for authenticated Principals,
      * keyed by the cookie value that is used to select them.
      */
-    protected HashMap cache = new HashMap();
+    protected Map cache = new HashMap();
 
 
     /**
@@ -98,7 +99,7 @@
      * The cache of single sign on identifiers, keyed by the Session that is
      * associated with them.
      */
-    protected HashMap reverse = new HashMap();
+    protected Map reverse = new HashMap();
 
 
     /**
@@ -113,9 +114,33 @@
      */
     protected boolean started = false;
 
+    /**
+     * Optional SSO cookie domain.
+     */
+    private String cookieDomain;
 
     // ------------------------------------------------------------- Properties
 
+    /**
+     * Returns the optional cookie domain.
+     * May return null.
+     *
+     * @return The cookie domain
+     */
+    public String getCookieDomain() {
+        return cookieDomain;
+    }
+    /**
+     * Sets the domain to be used for sso cookies.
+     *
+     * @param cookieDomain cookie domain name
+     */
+    public void setCookieDomain(String cookieDomain) {
+        if (cookieDomain != null && cookieDomain.trim().length() == 0) {
+            cookieDomain = null;
+        }
+        this.cookieDomain = cookieDomain;
+    }
 
     /**
      * Gets whether each request needs to be reauthenticated (by an

Modified: tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/mbeans-descriptors.xml
URL: http://svn.apache.org/viewcvs/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/mbeans-descriptors.xml?rev=322520&r1=322519&r2=322520&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/mbeans-descriptors.xml (original)
+++ tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/mbeans-descriptors.xml Sun Oct 16 15:21:00 2005
@@ -113,11 +113,15 @@
     <attribute name="requireReauthentication"
                description="Should we attempt to reauthenticate each request against the security Realm?"
                type="boolean"/>
+
+    <attribute name="cookieDomain"
+               description="(Optiona) Domain to be used by sso cookies"
+               type="java.lang.String" />
       
   </mbean>
 
 
-  <mbean  name="SSLAuthenticator"
+  <mbean name="SSLAuthenticator"
          description="An Authenticator and Valve implementation of authentication that utilizes SSL certificates to identify client users"
          domain="Catalina"
          group="Valve"

Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewcvs/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?rev=322520&r1=322519&r2=322520&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original)
+++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Sun Oct 16 15:21:00 2005
@@ -40,8 +40,12 @@
       </fix>
       <fix>
         <bug>36840</bug>: Provide information as to which web.xml is being processed on startup to
-          help debug parsing errors. (yoavs)
+        help debug parsing errors. (yoavs)
       </fix>
+      <add>
+        <bug>34724</bug>: Ability to set domain for Single-Sign-On cookie.  Patch by Oliver
+        Rossmueller. (yoavs)
+      </add>
     </changelog>
   </subsection>
   <subsection name="Coyote">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org