On 11/10/11 22:24, Christopher Schultz wrote:
I'm not an expert at SSO, nor have I ever used it on any of my projects. All my answers should be considered suspicious :)
>
So, it looks like the Valve should *not* be expiring your SSO when the "static" webapp's session expires. Can you confirm that you really are suffering a timeout? Are there other reasons a session could be invalidated in any one of your webapps? The "static" one seems like the most likely candidate, but one of the others could be doing it.
>
Can you enable debug logging for org.apache.catalina.authenticator.SingleSignOn? It looks like there should be lots of good logging emitted in there for you to check.
It was late at night when I said the SSO Valve was a jsp. Thanks for not pointing out my mistake!
I've successfully run a remote debugger session against the SingleSignOn Valve while it is handling my timeout scenario.
Interestingly, the logic to handle the timeout of a single webapp is exactly as I wanted it to be... only the specific Session is removed from the array and the SSOEvent remains cached and valid until the array becomes empty. However, when the first of the two Sessions times out, the array immediately becomes empty and so the SSOEntry is legitimately deregistered!
It seems the second, longer-lived, webapp's Session is no longer associated with the existing SSOEntry when the first webapp times out. I noticed the second Session being validated, but didn't follow that particular bit of logic. I will run the scenario again to see what happens when the second webapp is first called.
Brian --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
