/**
 * Detaches one session from a single sign on entry and, once no session
 * remains attached, drops the identifier from the cache.
 *
 * @param ssoId Single sign on identifier the session was associated with
 * @param session Session to be deregistered
 */
protected void deregister(String ssoId, Session session) {

    // The session -> ssoId mapping is dropped unconditionally, even when the
    // identifier turns out to be unknown to the cache below.
    synchronized (reverse) {
        reverse.remove(session);
    }

    SingleSignOnEntry entry = lookup(ssoId);
    if (entry != null) {
        entry.removeSession(session);

        // NOTE(review): the "no sessions left" check and the cache removal are
        // not done under one lock, so a session attached to this entry in
        // between would end up on an entry that is no longer cached -- confirm
        // whether callers serialise associate()/deregister() for one ssoId.
        Session remaining[] = entry.findSessions();
        boolean lastSessionGone = (remaining == null || remaining.length == 0);
        if (lastSessionGone) {
            synchronized (cache) {
                cache.remove(ssoId);
            }
        }
    }
}
/**
 * Caches a new single sign on entry for the given identifier, binding the
 * authenticated Principal and the credentials that were used to obtain it.
 *
 * @param ssoId Single sign on identifier to register
 * @param principal Associated user principal that is identified
 * @param authType Authentication type used to authenticate this
 *  user principal
 * @param username Username used to authenticate this user
 * @param password Password used to authenticate this user
 */
public void register(String ssoId, Principal principal, String authType,
                     String username, String password) {

    // NOTE(review): the password is handed to the entry as a String and stays
    // reachable from the cache for as long as the entry is registered. Treat
    // heap dumps and any serialised form of this cache as credential material.
    SingleSignOnEntry entry =
        new SingleSignOnEntry(principal, authType, username, password);

    // An existing entry under the same identifier is replaced by put().
    synchronized (cache) {
        cache.put(ssoId, entry);
    }
}
/**
 * Links a Session to a single sign on identifier: the session is added to
 * the cached entry (when one exists) and the session -> ssoId reverse
 * mapping is recorded.
 *
 * @param ssoId Single sign on identifier
 * @param session Session to be associated
 */
public void associate(String ssoId, Session session) {

    SingleSignOnEntry entry = lookup(ssoId);
    if (entry != null) {
        entry.addSession(this, session);
    }

    // NOTE(review): the reverse mapping is written even when lookup() found no
    // entry, so a session can point at an identifier the cache does not hold.
    // Confirm that consumers of "reverse" tolerate such a stale identifier.
    synchronized (reverse) {
        reverse.put(session, ssoId);
    }
}
if (sso != null && !sso.getCanReauthenticate()) { synchronized(sso) { sso.updateCredentials(principal, authType, username, password);
/**
 * Removes a single Session from a SingleSignOn entry. Called when a session
 * has timed out and is no longer active; the whole identifier is
 * deregistered once the entry holds no sessions.
 *
 * @param ssoId Single sign on identifier from which to remove the session.
 * @param session the session to be removed.
 */
protected void removeSession(String ssoId, Session session) {

    if (logger.isLoggable(Level.FINE)) {
        // NOTE(review): the SSO identifier is written to the log verbatim. If
        // it is the value carried in the SSO cookie, FINE-level logs hold a
        // credential equivalent -- consider logging a truncated or hashed form
        // and restricting access to these logs.
        logger.fine("Removing session " + session.toString() + " from sso id " + ssoId );
    }

    SingleSignOnEntry sso = lookup(ssoId);
    if (sso != null) {
        // Drop the inactive session from the entry.
        sso.removeSession(session);

        // Nothing left attached: retire the identifier altogether.
        if (sso.isEmpty()) {
            deregister(ssoId);
        }
    }
}
if (entry != null && entry.getCanReauthenticate()) { String username = entry.getUsername(); if (username != null) { Principal reauthPrincipal = realm.authenticate(username, entry.getPassword()); if (reauthPrincipal != null) { reauthenticated = true; request.setAuthType(entry.getAuthType()); request.setUserPrincipal(reauthPrincipal);
// Fragment: applies a cached SSO entry to the current request. How "entry"
// and "cookie" were obtained is outside this excerpt.
// NOTE(review): the principal name goes to the debug log; confirm that is
// acceptable for the deployment's log retention and access policy.
if (containerLog.isDebugEnabled())
    containerLog.debug(" Found cached principal '" +
                       entry.getPrincipal().getName() + "' with auth type '" +
                       entry.getAuthType() + "'");
// The raw cookie value is stored on the request as its SSO identifier.
request.setNote(Constants.REQ_SSOID_NOTE, cookie.getValue());
// The request takes on the cached identity; no credential check is visible in
// this fragment. NOTE(review): presumably the cookie value was used to look up
// "entry", which would make the cookie a bearer credential -- confirm it is
// issued with appropriate cookie protections.
request.setAuthType(entry.getAuthType());
request.setUserPrincipal(entry.getPrincipal());
if (logger.isLoggable(Level.FINE)) { logger.fine(" Found cached principal '" + entry.getPrincipal().getName() + "' with auth type '" + entry.getAuthType() + "' in realm '" + entry.getRealmName() + "'"); if (entry.getRealmName().equals(realmName)) { request.setNote(Constants.REQ_SSOID_NOTE, cookie.getValue()); ((HttpRequest) request).setAuthType(entry.getAuthType()); ((HttpRequest) request).setUserPrincipal(entry.getPrincipal()); entry.setLastAccessTime(System.currentTimeMillis());
/**
 * Builds a SingleSignOnEntry by delegating all four values to
 * {@code updateCredentials}.
 *
 * @param principal the {@code Principal} returned by the latest
 *  call to {@code Realm.authenticate}.
 * @param authType the type of authenticator used (BASIC, CLIENT_CERT,
 *  DIGEST or FORM)
 * @param username the username (if any) used for the authentication
 * @param password the password (if any) used for the authentication
 */
public SingleSignOnEntry(Principal principal, String authType,
                         String username, String password) {
    // NOTE(review): the password arrives as a String and is passed on as-is;
    // how long it is retained depends on updateCredentials, which is not
    // visible here. If that method can be overridden, calling it from the
    // constructor runs subclass code before the subclass is initialised.
    this.updateCredentials(principal, authType, username, password);
}
if (debug >= 1) { String msg = MessageFormat.format(rb.getString(LogFacade.FOUND_CACHED_PRINCIPAL_AUTH_TYPE_INFO), new Object[] {entry.getPrincipal().getName(), entry.getAuthType()}); log(msg); long ver = entry.incrementAndGetVersion(); request.setNote(Constants.REQ_SSO_VERSION_NOTE, Long.valueOf(ver)); ((HttpRequest) request).setAuthType(entry.getAuthType()); ((HttpRequest) request).setUserPrincipal(entry.getPrincipal()); } else { if (debug >= 1)
/**
 * Logs the specified single sign on identifier out of all its sessions by
 * stripping the authentication state from each session and clearing the
 * credentials held by the entry. The sessions themselves are not expired
 * and the entry is left in the cache.
 *
 * @param ssoId Single sign on identifier to logout
 */
public void removeLogin(String ssoId) {

    // Look up (but do not remove) the corresponding SingleSignOnEntry.
    final SingleSignOnEntry entry;
    synchronized (cache) {
        entry = cache.get(ssoId);
    }
    if (entry == null) {
        return;
    }

    // Strip identity and the cached username/password notes from every
    // session attached to this identifier.
    Session[] attached = entry.findSessions();
    for (int i = 0; i < attached.length; i++) {
        Session current = attached[i];
        current.setAuthType(null);
        current.setPrincipal(null);
        current.removeNote(Constants.SESS_USERNAME_NOTE);
        current.removeNote(Constants.SESS_PASSWORD_NOTE);
    }

    // Reset SSO authentication.
    // NOTE(review): the identifier stays valid as a cache key after this call;
    // confirm that request handling treats an entry with a null principal as
    // unauthenticated.
    entry.updateCredentials(null, null, null, null);
}
/**
 * Removes the specified single sign on identifier from the cache and
 * expires every session that was associated with it.
 *
 * @param ssoId Single sign on identifier to deregister
 */
public void deregister(String ssoId) {

    // Take the entry out of the cache; from here on the identifier no longer
    // resolves to anything.
    final SingleSignOnEntry entry;
    synchronized (cache) {
        entry = (SingleSignOnEntry) cache.remove(ssoId);
    }
    if (entry == null) {
        return;
    }

    for (Session attached : entry.findSessions()) {
        // The reverse mapping goes first; the original author notes this
        // avoids recursion (presumably expire() calls back into this class).
        synchronized (reverse) {
            reverse.remove(attached);
        }
        // Invalidate this session.
        attached.expire();
    }

    // NOTE: Clients may still possess the old single sign on cookie,
    // but it will be removed on the next request since it is no longer
    // in the cache.
}
if (entry != null && entry.getCanReauthenticate()) { String username = entry.getUsername(); if (username != null) { Principal reauthPrincipal = realm.authenticate(username, entry.getPassword()); if (reauthPrincipal != null) { reauthenticated = true; request.setAuthType(entry.getAuthType()); request.setUserPrincipal(reauthPrincipal);
// Fragment: copies the cached authentication type and principal onto the
// request. NOTE(review): the enclosing method is not visible here; confirm
// that "entry" was resolved from a validated SSO identifier and that any
// reauthentication requirement is checked before these two calls run.
request.setAuthType(entry.getAuthType());
request.setUserPrincipal(entry.getPrincipal());
if (sso != null && !sso.getCanReauthenticate()) { synchronized(sso) { sso.updateCredentials(principal, authType, username, password);
/**
 * Creates a SingleSignOnEntry; all state is set by handing the arguments
 * to {@code updateCredentials}.
 *
 * @param principal the {@code Principal} returned by the latest
 *  call to {@code Realm.authenticate}.
 * @param authType the type of authenticator used (BASIC, CLIENT_CERT,
 *  DIGEST or FORM)
 * @param username the username (if any) used for the authentication
 * @param password the password (if any) used for the authentication
 */
public SingleSignOnEntry(Principal principal, String authType,
                         String username, String password) {
    // NOTE(review): the password is a String passed through unchanged. What
    // updateCredentials keeps, and for how long, is not visible here. Confirm
    // that the method is not overridable, since it is invoked during
    // construction.
    this.updateCredentials(principal, authType, username, password);
}
Session sessions[] = sso.findSessions(); for (int i = 0; i < sessions.length; i++) { if (containerLog.isTraceEnabled())
/**
 * Detaches one session from its single sign on entry, clearing the SSO id
 * and version stored on the session, and removes the identifier from the
 * cache when the entry has become empty.
 *
 * @param ssoId Single sign on identifier
 * @param session Session to be deregistered
 */
protected void deregister(String ssoId, Session session) {

    SingleSignOnEntry entry = lookup(ssoId);
    if (entry != null) {
        // NOTE(review): the session's SSO linkage is cleared only when the
        // entry was found; with an unknown ssoId the session keeps its SSO id
        // and version -- confirm that is intended.
        session.setSsoId(null);
        session.setSsoVersion(0L);
        entry.removeSession(session);

        // Last session gone: retire the identifier.
        // NOTE(review): isEmpty() is evaluated outside the cache lock --
        // confirm nothing can attach a session to this entry in between.
        if (entry.isEmpty()) {
            synchronized (cache) {
                cache.remove(ssoId);
            }
        }
    }
}
if (entry != null && entry.getCanReauthenticate()) { String username = entry.getUsername(); if (username != null) { Principal reauthPrincipal = realm.authenticate(username, entry.getPassword()); if (reauthPrincipal != null) { reauthenticated = true; request.setAuthType(entry.getAuthType()); request.setUserPrincipal(reauthPrincipal);
/**
 * Deregisters a single session. When it was the last session attached to
 * the single sign on identifier, the identifier is removed from the cache
 * as well.
 *
 * @param ssoId Single sign on identifier
 * @param session Session to be deregistered
 */
protected void deregister(String ssoId, Session session) {

    // Always forget the session -> ssoId mapping, whether or not the
    // identifier is still cached.
    synchronized (reverse) {
        reverse.remove(session);
    }

    final SingleSignOnEntry entry = lookup(ssoId);
    if (entry == null) {
        return;
    }
    entry.removeSession(session);

    // Other sessions still rely on this identifier: keep it cached.
    final Session[] stillAttached = entry.findSessions();
    if (stillAttached != null && stillAttached.length > 0) {
        return;
    }

    // NOTE(review): the check above and the removal below do not share a
    // lock; confirm no session can be attached to this entry in between.
    synchronized (cache) {
        cache.remove(ssoId);
    }
}