Author: remy.maucherat(a)jboss.com
Date: 2007-10-18 16:51:53 -0400 (Thu, 18 Oct 2007)
New Revision: 314
Modified:
trunk/java/org/apache/catalina/authenticator/SingleSignOn.java
Log:
- For future releases, better extensibility and usage of SSO.
Modified: trunk/java/org/apache/catalina/authenticator/SingleSignOn.java
===================================================================
--- trunk/java/org/apache/catalina/authenticator/SingleSignOn.java 2007-10-18 16:45:38 UTC
(rev 313)
+++ trunk/java/org/apache/catalina/authenticator/SingleSignOn.java 2007-10-18 20:51:53 UTC
(rev 314)
@@ -95,7 +95,7 @@
* reauthenticate each request, or if it itself can bind a UserPrincipal
* and AuthType object to the request.
*/
- private boolean requireReauthentication = false;
+ protected boolean requireReauthentication = false;
/**
* The cache of single sign on identifiers, keyed by the Session that is
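Review bot: Making `requireReauthentication` `protected` here, and `cookieDomain` in the next hunk, lets a subclass write the field directly instead of going through the property accessors. `invoke` reads the flag through `getRequireReauthentication()` and uses it to decide whether a cached principal is bound to the request without reauthentication, so a direct field write and an overridden getter can disagree on a security decision. I would keep both fields `private` and let subclasses use the accessors, or at least add a field comment such as `// Subclasses: access via the getter/setter; controls whether a cached Principal is bound without reauthentication.` The accessor for `cookieDomain` is not visible in this diff, so that half is an assumption to confirm.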
@@ -119,7 +119,7 @@
/**
* Optional SSO cookie domain.
*/
- private String cookieDomain;
+ protected String cookieDomain;
// ------------------------------------------------------------- Properties
@@ -308,8 +308,6 @@
// Look up the single session id associated with this session (if any)
Session session = event.getSession();
- if (containerLog.isDebugEnabled())
- containerLog.debug("Process session destroyed on " + session);
String ssoId = null;
synchronized (reverse) {
@@ -365,19 +363,12 @@
request.removeNote(Constants.REQ_SSOID_NOTE);
// Has a valid user already been authenticated?
- if (containerLog.isDebugEnabled())
- containerLog.debug("Process request for '" +
request.getRequestURI() + "'");
if (request.getUserPrincipal() != null) {
- if (containerLog.isDebugEnabled())
- containerLog.debug(" Principal '" +
request.getUserPrincipal().getName() +
- "' has already been authenticated");
getNext().invoke(request, response);
return;
}
// Check for the single sign on cookie
- if (containerLog.isDebugEnabled())
- containerLog.debug(" Checking for SSO cookie");
Cookie cookie = null;
Cookie cookies[] = request.getCookies();
if (cookies == null)
@@ -389,21 +380,13 @@
}
}
if (cookie == null) {
- if (containerLog.isDebugEnabled())
- containerLog.debug(" SSO cookie is not present");
getNext().invoke(request, response);
return;
}
// Look up the cached Principal associated with this cookie value
- if (containerLog.isDebugEnabled())
- containerLog.debug(" Checking for cached principal for " +
cookie.getValue());
SingleSignOnEntry entry = lookup(cookie.getValue());
if (entry != null) {
- if (containerLog.isDebugEnabled())
- containerLog.debug(" Found cached principal '" +
- (entry.getPrincipal() != null ? entry.getPrincipal().getName() :
"") + "' with auth type '" +
- entry.getAuthType() + "'");
request.setNote(Constants.REQ_SSOID_NOTE, cookie.getValue());
// Only set security elements if reauthentication is not required
if (!getRequireReauthentication()) {
@@ -411,8 +394,6 @@
request.setUserPrincipal(entry.getPrincipal());
}
} else {
- if (containerLog.isDebugEnabled())
- containerLog.debug(" No cached principal found, erasing SSO
cookie");
cookie.setMaxAge(0);
response.addCookie(cookie);
}
@@ -452,11 +433,8 @@
* @param ssoId Single sign on identifier
* @param session Session to be associated
*/
- protected void associate(String ssoId, Session session) {
+ public void associate(String ssoId, Session session) {
- if (containerLog.isDebugEnabled())
- containerLog.debug("Associate sso id " + ssoId + " with
session " + session);
-
SingleSignOnEntry sso = lookup(ssoId);
if (sso != null)
sso.addSession(this, session);
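Review bot: `associate` becomes `public` without any statement of who is allowed to call it, and the same widening is applied to `deregister`, `reauthenticate` and `register` in the later hunks. These methods add sessions to, expire, and create entries in the SSO cache that `invoke` consults before calling `request.setUserPrincipal(...)`, so as public API any code holding a reference to the valve can change authentication state. If the wider visibility is required for extensibility, the Javadoc of each method should state the trust assumption, for example `Intended for trusted container components only; the caller must already have authenticated the user identified by ssoId.` The body of `associate` appears to continue past the end of this hunk.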
@@ -502,11 +480,8 @@
*
* @param ssoId Single sign on identifier to deregister
*/
- protected void deregister(String ssoId) {
+ public void deregister(String ssoId) {
- if (containerLog.isDebugEnabled())
- containerLog.debug("Deregistering sso id '" + ssoId +
"'");
-
// Look up and remove the corresponding SingleSignOnEntry
SingleSignOnEntry sso = null;
synchronized (cache) {
@@ -519,8 +494,6 @@
// Expire any associated sessions
Session sessions[] = sso.findSessions();
for (int i = 0; i < sessions.length; i++) {
- if (containerLog.isTraceEnabled())
- containerLog.trace(" Invalidating session " + sessions[i]);
// Remove from reverse cache first to avoid recursion
synchronized (reverse) {
reverse.remove(sessions[i]);
@@ -557,7 +530,7 @@
* @return <code>true</code> if reauthentication was successful,
* <code>false</code> otherwise.
*/
- protected boolean reauthenticate(String ssoId, Realm realm,
+ public boolean reauthenticate(String ssoId, Realm realm,
Request request) {
if (ssoId == null || realm == null)
@@ -596,13 +569,9 @@
* @param username Username used to authenticate this user
* @param password Password used to authenticate this user
*/
- protected void register(String ssoId, Principal principal, String authType,
+ public void register(String ssoId, Principal principal, String authType,
String username, String password) {
- if (containerLog.isDebugEnabled())
- containerLog.debug("Registering sso id '" + ssoId + "'
for user '" +
- (principal != null ? principal.getName() : "") + "'
with auth type '" + authType + "'");
-
synchronized (cache) {
cache.put(ssoId, new SingleSignOnEntry(principal, authType,
username, password));
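Review bot: With the debug statement removed, `register` no longer leaves any trace that an SSO entry was created, and now that the method is public this is the event an operator would most want to be able to see. The removed message included the SSO id, which is the cookie value, so dropping that part is reasonable; I would keep a line guarded by `isDebugEnabled()` that carries only the principal name and auth type, e.g. `containerLog.debug("Registering SSO entry for user '" + (principal != null ? principal.getName() : "") + "' with auth type '" + authType + "'");`. `ssoId` also reaches `cache.put` unchecked, so the Javadoc should state a non-null precondition or the method should reject null explicitly. The rest of `register` lies outside the hunk.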
@@ -641,14 +610,11 @@
SingleSignOnEntry sso = lookup(ssoId);
if (sso != null && !sso.getCanReauthenticate()) {
- if (containerLog.isDebugEnabled())
- containerLog.debug("Update sso id " + ssoId + " to auth
type " + authType);
-
synchronized(sso) {
sso.updateCredentials(principal, authType, username, password);
}
-
}
+
}
@@ -676,10 +642,6 @@
*/
protected void removeSession(String ssoId, Session session) {
- if (containerLog.isDebugEnabled())
- containerLog.debug("Removing session " + session.toString() +
" from sso id " +
- ssoId );
-
// Get a reference to the SingleSignOn
SingleSignOnEntry entry = lookup(ssoId);
if (entry == null)