[gatein-issues] [JBoss JIRA] (GTNSSO-12) CASAgent Singleton causes issues when different Portal Container in the same JVM uses InitiateLoginFilter

Marek Posolda (JIRA) jira-events at lists.jboss.org
Fri Sep 21 17:06:34 EDT 2012 

     [ https://issues.jboss.org/browse/GTNSSO-12?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Marek Posolda resolved GTNSSO-12.
---------------------------------

    Fix Version/s: 1.2.0-Beta02
       Resolution: Done


Nice timing! I already fixed this issue few days ago during some refactoring in SSO component. It will be available in next SSO release and definitely in EPP 6.

With the fix CASAgent, JOSSOAgent and OpenSSOAgent are not singletons, but are configured as components through exo kernel. This means that each portal container will have it's own CASAgent (and other agents). You can check latest sources here:
https://github.com/mposolda/gatein-sso/blob/master/agent/src/main/java/org/gatein/sso/agent/filter/InitiateLoginFilter.java

https://github.com/mposolda/gatein-sso/blob/master/agent/src/main/java/org/gatein/sso/agent/cas/CASAgent.java

https://github.com/mposolda/gatein-sso/blob/master/agent/src/main/java/org/gatein/sso/agent/cas/CASAgentImpl.java

And kernel configuration: https://github.com/mposolda/gatein-sso/blob/master/agent/src/main/resources/conf/portal/configuration.xml


                
> CASAgent Singleton causes issues when different Portal Container in the same JVM uses InitiateLoginFilter
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: GTNSSO-12
>                 URL: https://issues.jboss.org/browse/GTNSSO-12
>             Project: GateIn SSO
>          Issue Type: Bug
>    Affects Versions: 1.1.1-GA
>         Environment: OS X 10.8.2, Java 1.6, JBoss EPP 5.2.2, 
>            Reporter: Ray Tsang
>            Assignee: Marek Posolda
>              Labels: sso-agent
>             Fix For: 1.2.0-Beta02
>
>
> When 2 or more portal containers are configured with InitiateLoginFilter in web.xml, both InitiateLoginFilter instances gets CASAgent by CASAgent.getInstance(serverUrl,serviceUrl).  However, the url may differ (especially the serviceUrl).
> Even though CASAgent.getInstance(...) takes in 2 arguments, it only stores a single singleton reference, hence whoever caused the single to instantiate first instances wins, and subsequent InitiateLoginFilter instances will get an instance with a different serverUrl/serviceUrl configuration.  This causes CAS authentication to fail.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the gatein-issues mailing list