Author: pero Date: Wed Jan 17 10:03:59 2007 New Revision: 497104 URL: http://svn.apache.org/viewvc?view=rev&rev=497104 Log: Add clustered SSO code, submitted by Fabien Carrion Backport form tomcat 6.0.x Formatting source
Added: tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/ tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOn.java tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOnListener.java tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/SingleSignOnMessage.java tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/mbeans-descriptors.xml Modified: tomcat/container/tc5.5.x/modules/cluster/build.xml tomcat/container/tc5.5.x/webapps/docs/changelog.xml Modified: tomcat/container/tc5.5.x/modules/cluster/build.xml URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/modules/cluster/build.xml?view=diff&rev=497104&r1=497103&r2=497104 ============================================================================== --- tomcat/container/tc5.5.x/modules/cluster/build.xml (original) +++ tomcat/container/tc5.5.x/modules/cluster/build.xml Wed Jan 17 10:03:59 2007 @@ -100,6 +100,8 @@ tofile="${catalina.build}/classes/org/apache/catalina/cluster/mcast/LocalStrings.properties"/> <copy file="${basedir}/src/share/org/apache/catalina/cluster/mcast/mbeans-descriptors.xml" tofile="${catalina.build}/classes/org/apache/catalina/cluster/mcast/mbeans-descriptors.xml"/> + <copy file="${basedir}/src/share/org/apache/catalina/cluster/authenticator/mbeans-descriptors.xml" + tofile="${catalina.build}/classes/org/apache/catalina/cluster/authenticator/mbeans-descriptors.xml"/> </target> @@ -115,7 +117,7 @@ version="true" windowtitle="Catalina Internal API Documentation" doctitle="Catalina API" - bottom="Copyright © 2000-2002 Apache Software Foundation. All Rights Reserved." + bottom="Copyright © 2000-2007 Apache Software Foundation. All Rights Reserved." /> </target> Added: tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOn.java URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOn.java?view=auto&rev=497104 ============================================================================== --- tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOn.java (added) +++ tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOn.java Wed Jan 17 10:03:59 2007 @@ -0,0 +1,376 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.apache.catalina.cluster.authenticator; + + +import java.security.Principal; + +import org.apache.catalina.Container; +import org.apache.catalina.Cluster; +import org.apache.catalina.Engine; +import org.apache.catalina.Host; +import org.apache.catalina.LifecycleException; +import org.apache.catalina.Manager; +import org.apache.catalina.Session; +import org.apache.catalina.authenticator.SingleSignOn; +import org.apache.catalina.cluster.CatalinaCluster; +import org.apache.catalina.cluster.ClusterManager; +import org.apache.catalina.cluster.ClusterValve; + +/** + * A <strong>Valve</strong> that supports a "single sign on" user experience on + * each nodes of a cluster, where the security identity of a user who successfully + * authenticates to one web application is propogated to other web applications and + * to other nodes cluster in the same security domain. For successful use, the following + * requirements must be met: + * <ul> + * <li>This Valve must be configured on the Container that represents a + * virtual host (typically an implementation of <code>Host</code>).</li> + * <li>The <code>Realm</code> that contains the shared user and role + * information must be configured on the same Container (or a higher + * one), and not overridden at the web application level.</li> + * <li>The web applications themselves must use one of the standard + * Authenticators found in the + * <code>org.apache.catalina.authenticator</code> package.</li> + * </ul> + * + * @author Fabien Carrion + */ + +public class ClusterSingleSignOn + extends SingleSignOn implements ClusterValve { + + // ----------------------------------------------------- Instance Variables + + /** + * Descriptive information about this Valve implementation. + */ + protected static String info = + "org.apache.catalina.cluster.authenticator.ClusterSingleSignOn/1.0"; + + protected int messageNumber = 0; + + private ClusterSingleSignOnListener clusterSSOListener = null; + + // ------------------------------------------------------------- Properties + + private CatalinaCluster cluster = null; + + /** + * Return descriptive information about this Valve implementation. + */ + public String getInfo() { + return (info); + } + + public CatalinaCluster getCluster() { + return cluster; + } + + public void setCluster(CatalinaCluster cluster) { + this.cluster = cluster; + } + + // ------------------------------------------------------ Lifecycle Methods + + /** + * Prepare for the beginning of active use of the public methods of this + * component. This method should be called after <code>configure()</code>, + * and before any of the public methods of the component are utilized. + * + * @exception LifecycleException if this component detects a fatal error + * that prevents this component from being used + */ + public void start() throws LifecycleException { + super.start(); + clusterSSOListener = new ClusterSingleSignOnListener(); + clusterSSOListener.setClusterSSO(this); + // Load the cluster component, if any + try { + //the channel is already running + Cluster cluster = getCluster(); + // stop remove cluster binding + if(cluster == null) { + Container host = getContainer(); + if(host != null && host instanceof Host) { + cluster = host.getCluster(); + if(cluster != null && cluster instanceof CatalinaCluster) { + setCluster((CatalinaCluster) cluster); + } else { + Container engine = host.getParent(); + if(engine != null && engine instanceof Engine) { + cluster = engine.getCluster(); + if(cluster != null && cluster instanceof CatalinaCluster) { + setCluster((CatalinaCluster) cluster); + } + } else { + cluster = null; + } + } + } + } + if (cluster == null) { + throw new LifecycleException + ("There is no Cluster for ClusterSingleSignOn"); + } + ((CatalinaCluster)cluster).addClusterListener(clusterSSOListener); + } catch (Throwable t) { + throw new LifecycleException + ("ClusterSingleSignOn exception during clusterLoad " + t); + } + } + + /** + * Gracefully terminate the active use of the public methods of this + * component. This method should be the last one called on a given + * instance of this component. + * + * @exception LifecycleException if this component detects a fatal error + * that needs to be reported + */ + public void stop() throws LifecycleException { + super.stop(); + if (getCluster() != null && getCluster() instanceof CatalinaCluster) { + getCluster().removeClusterListener(clusterSSOListener); + } + } + + // --------------------------------------------------------- Public Methods + + /** + * Return a String rendering of this object. + */ + public String toString() { + StringBuffer sb = new StringBuffer("ClusterSingleSignOn["); + if (container == null ) + sb.append("Container is null"); + else + sb.append(container.getName()); + sb.append("]"); + return (sb.toString()); + } + + // ------------------------------------------------------ Protected Methods + + /** + * Notify the cluster of the addition of a Session to + * an SSO session and associate the specified single + * sign on identifier with the specified Session on the + * local node. + * + * @param ssoId Single sign on identifier + * @param session Session to be associated + */ + protected void associate(String ssoId, Session session) { + if (cluster != null) { + messageNumber++; + SingleSignOnMessage msg = + new SingleSignOnMessage(cluster.getLocalMember(), + ssoId, session.getId()); + Manager mgr = session.getManager(); + if ((mgr != null) && (mgr instanceof ClusterManager)) + msg.setContextName(((ClusterManager) mgr).getName()); + msg.setAction(SingleSignOnMessage.ADD_SESSION); + cluster.sendClusterDomain(msg); + if (containerLog.isDebugEnabled()) + containerLog.debug("SingleSignOnMessage Send with action " + + msg.getAction()); + } + associateLocal(ssoId, session); + + } + + protected void associateLocal(String ssoId, Session session) { + super.associate(ssoId, session); + } + + /** + * Notify the cluster of the removal of a Session from an + * SSO session and deregister the specified session. If it is the last + * session, then also get rid of the single sign on identifier on the + * local node. + * + * @param ssoId Single sign on identifier + * @param session Session to be deregistered + */ + protected void deregister(String ssoId, Session session) { + if (cluster != null) { + messageNumber++; + SingleSignOnMessage msg = + new SingleSignOnMessage(cluster.getLocalMember(), + ssoId, session.getId()); + Manager mgr = session.getManager(); + if ((mgr != null) && (mgr instanceof ClusterManager)) + msg.setContextName(((ClusterManager) mgr).getName()); + msg.setAction(SingleSignOnMessage.DEREGISTER_SESSION); + cluster.sendClusterDomain(msg); + if (containerLog.isDebugEnabled()) + containerLog.debug("SingleSignOnMessage Send with action " + + msg.getAction()); + } + deregisterLocal(ssoId, session); + } + + protected void deregisterLocal(String ssoId, Session session) { + super.deregister(ssoId, session); + } + + /** + * Notifies the cluster that a single sign on session + * has been terminated due to a user logout, deregister + * the specified single sign on identifier, and invalidate + * any associated sessions on the local node. + * + * @param ssoId Single sign on identifier to deregister + */ + protected void deregister(String ssoId) { + if (cluster != null) { + messageNumber++; + SingleSignOnMessage msg = + new SingleSignOnMessage(cluster.getLocalMember(), + ssoId, null); + msg.setAction(SingleSignOnMessage.LOGOUT_SESSION); + cluster.sendClusterDomain(msg); + if (containerLog.isDebugEnabled()) + containerLog.debug("SingleSignOnMessage Send with action " + + msg.getAction()); + } + deregisterLocal(ssoId); + } + + protected void deregisterLocal(String ssoId) { + super.deregister(ssoId); + } + + /** + * Notifies the cluster of the creation of a new SSO entry + * and register the specified Principal as being associated + * with the specified value for the single sign on identifier. + * + * @param ssoId Single sign on identifier to register + * @param principal Associated user principal that is identified + * @param authType Authentication type used to authenticate this + * user principal + * @param username Username used to authenticate this user + * @param password Password used to authenticate this user + */ + protected void register(String ssoId, Principal principal, String authType, + String username, String password) { + if (cluster != null) { + messageNumber++; + SingleSignOnMessage msg = + new SingleSignOnMessage(cluster.getLocalMember(), + ssoId, null); + msg.setAction(SingleSignOnMessage.REGISTER_SESSION); + msg.setAuthType(authType); + msg.setUsername(username); + msg.setPassword(password); + cluster.sendClusterDomain(msg); + if (containerLog.isDebugEnabled()) + containerLog.debug("SingleSignOnMessage Send with action " + + msg.getAction()); + } + registerLocal(ssoId, principal, authType, username, password); + } + + protected void registerLocal(String ssoId, Principal principal, String authType, + String username, String password) { + super.register(ssoId, principal, authType, username, password); + } + + /** + * Notifies the cluster of an update of the security credentials + * associated with an SSO session. Updates any <code>SingleSignOnEntry</code> + * found under key <code>ssoId</code> with the given authentication data. + * <p> + * The purpose of this method is to allow an SSO entry that was + * established without a username/password combination (i.e. established + * following DIGEST or CLIENT-CERT authentication) to be updated with + * a username and password if one becomes available through a subsequent + * BASIC or FORM authentication. The SSO entry will then be usable for + * reauthentication. + * <p> + * <b>NOTE:</b> Only updates the SSO entry if a call to + * <code>SingleSignOnEntry.getCanReauthenticate()</code> returns + * <code>false</code>; otherwise, it is assumed that the SSO entry already + * has sufficient information to allow reauthentication and that no update + * is needed. + * + * @param ssoId identifier of Single sign to be updated + * @param principal the <code>Principal</code> returned by the latest + * call to <code>Realm.authenticate</code>. + * @param authType the type of authenticator used (BASIC, CLIENT-CERT, + * DIGEST or FORM) + * @param username the username (if any) used for the authentication + * @param password the password (if any) used for the authentication + */ + protected void update(String ssoId, Principal principal, String authType, + String username, String password) { + if (cluster != null) { + messageNumber++; + SingleSignOnMessage msg = + new SingleSignOnMessage(cluster.getLocalMember(), + ssoId, null); + msg.setAction(SingleSignOnMessage.UPDATE_SESSION); + msg.setAuthType(authType); + msg.setUsername(username); + msg.setPassword(password); + cluster.sendClusterDomain(msg); + if (containerLog.isDebugEnabled()) + containerLog.debug("SingleSignOnMessage Send with action " + + msg.getAction()); + } + updateLocal(ssoId, principal, authType, username, password); + } + + protected void updateLocal(String ssoId, Principal principal, String authType, + String username, String password) { + super.update(ssoId, principal, authType, username, password); + } + + /** + * Remove a single Session from a SingleSignOn and notify the cluster + * of the removal. Called when a session is timed out and no longer active. + * + * @param ssoId Single sign on identifier from which to remove the session. + * @param session the session to be removed. + */ + protected void removeSession(String ssoId, Session session) { + if (cluster != null) { + messageNumber++; + SingleSignOnMessage msg = + new SingleSignOnMessage(cluster.getLocalMember(), + ssoId, session.getId()); + Manager mgr = session.getManager(); + if ((mgr != null) && (mgr instanceof ClusterManager)) + msg.setContextName(((ClusterManager) mgr).getName()); + msg.setAction(SingleSignOnMessage.REMOVE_SESSION); + cluster.sendClusterDomain(msg); + if (containerLog.isDebugEnabled()) + containerLog.debug("SingleSignOnMessage Send with action " + + msg.getAction()); + } + removeSessionLocal(ssoId, session); + } + + protected void removeSessionLocal(String ssoId, Session session) { + super.removeSession(ssoId, session); + } + +} Added: tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOnListener.java URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOnListener.java?view=auto&rev=497104 ============================================================================== --- tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOnListener.java (added) +++ tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/ClusterSingleSignOnListener.java Wed Jan 17 10:03:59 2007 @@ -0,0 +1,172 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.catalina.cluster.authenticator; + +import java.util.Map; +import java.io.IOException; + +import org.apache.catalina.Session; +import org.apache.catalina.cluster.ClusterManager; +import org.apache.catalina.cluster.ClusterMessage; +import org.apache.catalina.cluster.session.ClusterListener; + +/** + * Receive replicated SingleSignOnMessage form other cluster node. + * + * @author Fabien Carrion + */ +public class ClusterSingleSignOnListener extends ClusterListener { + + /** + * The descriptive information about this implementation. + */ + protected static final String info = "org.apache.catalina.cluster.authenticator.ClusterSingleSignOnListener/1.0"; + + // ------------------------------------------------------------- Properties + + private ClusterSingleSignOn clusterSSO = null; + + // --Constructor--------------------------------------------- + + public ClusterSingleSignOnListener() { + } + + // --Logic--------------------------------------------------- + + /** + * Return descriptive information about this implementation. + */ + public String getInfo() { + + return (info); + + } + + public ClusterSingleSignOn getClusterSSO() { + + return clusterSSO; + + } + + public void setClusterSSO(ClusterSingleSignOn clusterSSO) { + + this.clusterSSO = clusterSSO; + + } + + /** + * Callback from the cluster, when a message is received, The cluster will + * broadcast it invoking the messageReceived on the receiver. + * + * @param myobj + * ClusterMessage - the message received from the cluster + */ + public void messageReceived(ClusterMessage myobj) { + if (myobj != null && myobj instanceof SingleSignOnMessage) { + SingleSignOnMessage msg = (SingleSignOnMessage) myobj; + int action = msg.getAction(); + Session session = null; + + if (log.isDebugEnabled()) + log.debug("SingleSignOnMessage Received with action " + + msg.getAction()); + + switch (action) { + case SingleSignOnMessage.ADD_SESSION: + session = getSession(msg.getSessionId(), msg.getContextName()); + if (session != null) + clusterSSO.associateLocal(msg.getSsoId(), session); + break; + case SingleSignOnMessage.DEREGISTER_SESSION: + session = getSession(msg.getSessionId(), msg.getContextName()); + if (session != null) + clusterSSO.deregisterLocal(msg.getSsoId(), session); + break; + case SingleSignOnMessage.LOGOUT_SESSION: + clusterSSO.deregisterLocal(msg.getSsoId()); + break; + case SingleSignOnMessage.REGISTER_SESSION: + clusterSSO.registerLocal(msg.getSsoId(), null, msg + .getAuthType(), msg.getUsername(), msg.getPassword()); + break; + case SingleSignOnMessage.UPDATE_SESSION: + clusterSSO.updateLocal(msg.getSsoId(), null, msg.getAuthType(), + msg.getUsername(), msg.getPassword()); + break; + case SingleSignOnMessage.REMOVE_SESSION: + session = getSession(msg.getSessionId(), msg.getContextName()); + if (session != null) + clusterSSO.removeSessionLocal(msg.getSsoId(), session); + break; + } + } + } + + /** + * Accept only SingleSignOnMessage + * + * @param msg + * ClusterMessage + * @return boolean - returns true to indicate that messageReceived should be + * invoked. If false is returned, the messageReceived method will + * not be invoked. + */ + public boolean accept(ClusterMessage msg) { + return (msg instanceof SingleSignOnMessage); + } + + private Session getSession(String sessionId, String ctxname) { + + Map managers = clusterSSO.getCluster().getManagers(); + Session session = null; + + if (ctxname == null) { + java.util.Iterator i = managers.keySet().iterator(); + while (i.hasNext()) { + String key = (String) i.next(); + ClusterManager mgr = (ClusterManager) managers.get(key); + if (mgr != null) { + try { + session = mgr.findSession(sessionId); + } catch (IOException io) { + log.error("Session doesn't exist:" + io); + } + return session; + } else { + // this happens a lot before the system has started + // up + if (log.isDebugEnabled()) + log.debug("Context manager doesn't exist:" + key); + } + } + } else { + ClusterManager mgr = (ClusterManager) managers.get(ctxname); + if (mgr != null) { + try { + session = mgr.findSession(sessionId); + } catch (IOException io) { + log.error("Session doesn't exist:" + io); + } + return session; + } else { + log.error("Context manager doesn't exist:" + ctxname); + } + } + return null; + } +} Added: tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/SingleSignOnMessage.java URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/SingleSignOnMessage.java?view=auto&rev=497104 ============================================================================== --- tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/SingleSignOnMessage.java (added) +++ tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/SingleSignOnMessage.java Wed Jan 17 10:03:59 2007 @@ -0,0 +1,237 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.catalina.cluster.authenticator; + +import java.io.Serializable; + +import org.apache.catalina.cluster.ClusterMessage; +import org.apache.catalina.cluster.Member; + +/** + * Contains the SingleSignOn data, read and written by the ClusterSingleSignOn + * + * @author Fabien Carrion + */ + +public class SingleSignOnMessage implements ClusterMessage, Serializable { + + public static final int ADD_SESSION = 1; + + public static final int DEREGISTER_SESSION = 2; + + public static final int LOGOUT_SESSION = 3; + + public static final int REGISTER_SESSION = 4; + + public static final int UPDATE_SESSION = 5; + + public static final int REMOVE_SESSION = 6; + + private int action = -1; + + private String ssoId = null; + + private String ctxname = null; + + private String sessionId = null; + + private String authType = null; + + private String password = null; + + private String username = null; + + private Member address = null; + + private long timestamp = 0; + + private String uniqueId = null; + + private int resend = ClusterMessage.FLAG_DEFAULT; + + private int compress = ClusterMessage.FLAG_DEFAULT; + + public SingleSignOnMessage(Member source, String ssoId, String sessionId) { + this.address = source; + this.ssoId = ssoId; + this.sessionId = sessionId; + } + + /** + * Get the address that this message originated from. This would be set if + * the message was being relayed from a host other than the one that + * originally sent it. + */ + public Member getAddress() { + return address; + } + + /** + * Called by the cluster before sending it to the other nodes. + * + * @param member + * Member + */ + public void setAddress(Member member) { + this.address = member; + } + + /** + * Timestamp message. + * + * @return long + */ + public long getTimestamp() { + return timestamp; + } + + /** + * Called by the cluster before sending out the message. + * + * @param timestamp + * The timestamp + */ + public void setTimestamp(long timestamp) { + this.timestamp = timestamp; + } + + /** + * Each message must have a unique ID, in case of using async replication, + * and a smart queue, this id is used to replace messages not yet sent. + * + * @return String + */ + public String getUniqueId() { + if (this.uniqueId != null) + return this.uniqueId; + StringBuffer result = new StringBuffer(getSsoId()); + result.append("#-#"); + result.append(System.currentTimeMillis()); + return result.toString(); + } + + public void setUniqueId(String uniqueId) { + this.uniqueId = uniqueId; + } + + public int getAction() { + return action; + } + + public void setAction(int action) { + this.action = action; + } + + public String getSsoId() { + return ssoId; + } + + public void setSsoId(String ssoId) { + this.ssoId = ssoId; + } + + public String getContextName() { + return ctxname; + } + + public void setContextName(String ctxname) { + this.ctxname = ctxname; + } + + public String getSessionId() { + return sessionId; + } + + public void setSessionId(String sessionId) { + this.sessionId = sessionId; + } + + public String getAuthType() { + return authType; + } + + public void setAuthType(String authType) { + this.authType = authType; + } + + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + + /** + * @return Returns the compress. + * @since 5.5.10 + */ + public int getCompress() { + return compress; + } + + /** + * @param compress + * The compress to set. + * @since 5.5.10 + */ + public void setCompress(int compress) { + this.compress = compress; + } + + /** + * @return Returns the resend. + * @since 5.5.10 + */ + public int getResend() { + return resend; + } + + /** + * @param resend + * The resend to set. + * @since 5.5.10 + */ + public void setResend(int resend) { + this.resend = resend; + } + + // --------------------------------------------------------- Public Methods + + /** + * Return a String rendering of this object. + */ + public String toString() { + + StringBuffer sb = new StringBuffer("SingleSignOnMessage[action="); + sb.append(getAction()).append(", ssoId=").append(getSsoId()); + sb.append(", sessionId=").append(getSessionId()).append(", username="); + sb.append(getUsername()).append("]"); + return (sb.toString()); + + } + +} Added: tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/mbeans-descriptors.xml URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/mbeans-descriptors.xml?view=auto&rev=497104 ============================================================================== --- tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/mbeans-descriptors.xml (added) +++ tomcat/container/tc5.5.x/modules/cluster/src/share/org/apache/catalina/cluster/authenticator/mbeans-descriptors.xml Wed Jan 17 10:03:59 2007 @@ -0,0 +1,25 @@ +<?xml version="1.0"?> +<mbeans-descriptors> + + <mbean name="ClusterSingleSignOn" + description="A Valve that supports a 'single signon' user experience on a whole cluster" + domain="Catalina" + group="Valve" + type="org.apache.catalina.cluster.authenticator.ClusterSingleSignOn"> + + <attribute name="className" + description="Fully qualified class name of the managed object" + type="java.lang.String" + writeable="false"/> + + <attribute name="requireReauthentication" + description="Should we attempt to reauthenticate each request against the security Realm?" + type="boolean"/> + + <attribute name="cookieDomain" + description="(Optiona) Domain to be used by sso cookies" + type="java.lang.String" /> + + </mbean> + +</mbeans-descriptors> Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?view=diff&rev=497104&r1=497103&r2=497104 ============================================================================== --- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original) +++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Wed Jan 17 10:03:59 2007 @@ -350,6 +350,10 @@ <subsection name="Cluster"> <changelog> <add> + Add clustered SSO code and backport feature from Tomcat 6.0.x, + submitted by Fabien Carrion (pero) + </add> + <add> Add better recovery at FastAsyncQueueSender. Made the startegy more robust for temporary connection problems (pero) </add> </changelog> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]