ClusterSingleSignOn (Apache Tomcat 8.0.15 API Documentation)

java.lang.Object
- org.apache.catalina.util.LifecycleBase
- - org.apache.catalina.util.LifecycleMBeanBase
  - - org.apache.catalina.valves.ValveBase
    - - org.apache.catalina.authenticator.SingleSignOn
      - org.apache.catalina.ha.authenticator.ClusterSingleSignOn

All Implemented Interfaces:

EventListener, MBeanRegistration, Contained, JmxEnabled, Lifecycle, SessionListener, Valve
```
public class ClusterSingleSignOn
extends SingleSignOn
```
A Valve that supports a "single sign on" user experience on each nodes of a cluster, where the security identity of a user who successfully authenticates to one web application is propagated to other web applications and to other nodes cluster in the same security domain. For successful use, the following requirements must be met:
- This Valve must be configured on the Container that represents a virtual host (typically an implementation of Host).
- The Realm that contains the shared user and role information must be configured on the same Container (or a higher one), and not overridden at the web application level.
- The web applications themselves must use one of the standard Authenticators found in the org.apache.catalina.authenticator package.
Author:

Fabien Carrion

Field Summary

Fields
Modifier and Type Field and Description

protected int messageNumber
- Fields inherited from class org.apache.catalina.authenticator.SingleSignOn
  cache, reverse
- Fields inherited from class org.apache.catalina.valves.ValveBase
  asyncSupported, container, containerLog, next, sm
- Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase
  mserver
- Fields inherited from interface org.apache.catalina.Lifecycle
  AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Fields
Modifier and Type	Field and Description
`protected int`	`messageNumber`

Constructor Summary

Constructors
Constructor and Description

ClusterSingleSignOn()

Constructors
Constructor and Description
`ClusterSingleSignOn()`

Method Summary

Methods
Modifier and Type	Method and Description
`protected void`	`associate(String ssoId, Session session)` Notify the cluster of the addition of a Session to an SSO session and associate the specified single sign on identifier with the specified Session on the local node.
`protected void`	`associateLocal(String ssoId, Session session)`
`protected void`	`deregister(String ssoId)` Notifies the cluster that a single sign on session has been terminated due to a user logout, deregister the specified single sign on identifier, and invalidate any associated sessions on the local node.
`protected void`	`deregister(String ssoId, Session session)` Notify the cluster of the removal of a Session from an SSO session and deregister the specified session.
`protected void`	`deregisterLocal(String ssoId)`
`protected void`	`deregisterLocal(String ssoId, Session session)`
`CatalinaCluster`	`getCluster()`
`protected void`	`register(String ssoId, Principal principal, String authType, String username, String password)` Notifies the cluster of the creation of a new SSO entry and register the specified Principal as being associated with the specified value for the single sign on identifier.
`protected void`	`registerLocal(String ssoId, Principal principal, String authType, String username, String password)`
`protected void`	`removeSession(String ssoId, Session session)` Remove a single Session from a SingleSignOn and notify the cluster of the removal.
`protected void`	`removeSessionLocal(String ssoId, Session session)`
`void`	`setCluster(CatalinaCluster cluster)`
`protected void`	`startInternal()` Start this component and implement the requirements of `LifecycleBase.startInternal()`.
`protected void`	`stopInternal()` Stop this component and implement the requirements of `LifecycleBase.stopInternal()`.
`protected void`	`update(String ssoId, Principal principal, String authType, String username, String password)` Notifies the cluster of an update of the security credentials associated with an SSO session.
`protected void`	`updateLocal(String ssoId, Principal principal, String authType, String username, String password)`

Methods inherited from class org.apache.catalina.authenticator.SingleSignOn
getCookieDomain, getRequireReauthentication, invoke, lookup, reauthenticate, sessionEvent, setCookieDomain, setRequireReauthentication

Methods inherited from class org.apache.catalina.valves.ValveBase
backgroundProcess, event, getContainer, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setContainer, setNext, toString

Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister

Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, init, removeLifecycleListener, setState, setState, start, stop

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Field Detail
  - messageNumber
```
protected int messageNumber
```
- Constructor Detail
  - ClusterSingleSignOn
```
public ClusterSingleSignOn()
```
- Method Detail
  - getCluster
```
public CatalinaCluster getCluster()
```
  - setCluster
```
public void setCluster(CatalinaCluster cluster)
```
  - startInternal
```
protected void startInternal()
                      throws LifecycleException
```
    Start this component and implement the requirements of LifecycleBase.startInternal().
    
    Overrides:
    
    startInternal in class ValveBase
    
    Throws:
    
    LifecycleException - if this component detects a fatal error that prevents this component from being used
  - stopInternal
```
protected void stopInternal()
                     throws LifecycleException
```
    Stop this component and implement the requirements of LifecycleBase.stopInternal().
    
    Overrides:
    
    stopInternal in class ValveBase
    
    Throws:
    
    LifecycleException - if this component detects a fatal error that prevents this component from being used
  - associate
```
protected void associate(String ssoId,
             Session session)
```
    Notify the cluster of the addition of a Session to an SSO session and associate the specified single sign on identifier with the specified Session on the local node.
    
    Overrides:
    
    associate in class SingleSignOn
    
    Parameters:
    ssoId - Single sign on identifier
    session - Session to be associated
  - associateLocal
```
protected void associateLocal(String ssoId,
                  Session session)
```
  - deregister
```
protected void deregister(String ssoId,
              Session session)
```
    Notify the cluster of the removal of a Session from an SSO session and deregister the specified session. If it is the last session, then also get rid of the single sign on identifier on the local node.
    
    Overrides:
    
    deregister in class SingleSignOn
    
    Parameters:
    ssoId - Single sign on identifier
    session - Session to be deregistered
  - deregisterLocal
```
protected void deregisterLocal(String ssoId,
                   Session session)
```
  - deregister
```
protected void deregister(String ssoId)
```
    Notifies the cluster that a single sign on session has been terminated due to a user logout, deregister the specified single sign on identifier, and invalidate any associated sessions on the local node.
    
    Overrides:
    
    deregister in class SingleSignOn
    
    Parameters:
    ssoId - Single sign on identifier to deregister
  - deregisterLocal
```
protected void deregisterLocal(String ssoId)
```
  - register
```
protected void register(String ssoId,
            Principal principal,
            String authType,
            String username,
            String password)
```
    Notifies the cluster of the creation of a new SSO entry and register the specified Principal as being associated with the specified value for the single sign on identifier.
    
    Overrides:
    
    register in class SingleSignOn
    
    Parameters:
    ssoId - Single sign on identifier to register
    principal - Associated user principal that is identified
    authType - Authentication type used to authenticate this user principal
    username - Username used to authenticate this user
    password - Password used to authenticate this user
  - registerLocal
```
protected void registerLocal(String ssoId,
                 Principal principal,
                 String authType,
                 String username,
                 String password)
```
  - update
```
protected void update(String ssoId,
          Principal principal,
          String authType,
          String username,
          String password)
```
    Notifies the cluster of an update of the security credentials associated with an SSO session. Updates any SingleSignOnEntry found under key ssoId with the given authentication data.
    The purpose of this method is to allow an SSO entry that was established without a username/password combination (i.e. established following DIGEST or CLIENT-CERT authentication) to be updated with a username and password if one becomes available through a subsequent BASIC or FORM authentication. The SSO entry will then be usable for reauthentication.
    NOTE: Only updates the SSO entry if a call to SingleSignOnEntry.getCanReauthenticate() returns false; otherwise, it is assumed that the SSO entry already has sufficient information to allow reauthentication and that no update is needed.
    
    Overrides:
    
    update in class SingleSignOn
    
    Parameters:
    ssoId - identifier of Single sign to be updated
    principal - the Principal returned by the latest call to Realm.authenticate.
    authType - the type of authenticator used (BASIC, CLIENT-CERT, DIGEST or FORM)
    username - the username (if any) used for the authentication
    password - the password (if any) used for the authentication
  - updateLocal
```
protected void updateLocal(String ssoId,
               Principal principal,
               String authType,
               String username,
               String password)
```
  - removeSession
```
protected void removeSession(String ssoId,
                 Session session)
```
    Remove a single Session from a SingleSignOn and notify the cluster of the removal. Called when a session is timed out and no longer active.
    
    Overrides:
    
    removeSession in class SingleSignOn
    
    Parameters:
    ssoId - Single sign on identifier from which to remove the session.
    session - the session to be removed.
  - removeSessionLocal
```
protected void removeSessionLocal(String ssoId,
                      Session session)
```

Class ClusterSingleSignOn

Field Summary

Fields inherited from class org.apache.catalina.authenticator.SingleSignOn

Fields inherited from class org.apache.catalina.valves.ValveBase

Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase

Fields inherited from interface org.apache.catalina.Lifecycle

Constructor Summary

Method Summary

Methods inherited from class org.apache.catalina.authenticator.SingleSignOn

Methods inherited from class org.apache.catalina.valves.ValveBase

Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase

Methods inherited from class org.apache.catalina.util.LifecycleBase

Methods inherited from class java.lang.Object

Field Detail

messageNumber

Constructor Detail

ClusterSingleSignOn

Method Detail

getCluster

setCluster

startInternal

stopInternal

associate

associateLocal

deregister

deregisterLocal

deregister

deregisterLocal

register

registerLocal

update

updateLocal

removeSession

removeSessionLocal