patrickl 2002/08/12 12:12:44
Modified: catalina/src/share/org/apache/catalina/authenticator
SingleSignOn.java
catalina/src/share/org/apache/catalina/session
StandardSession.java
Log:
This patch causes logout() and invalidate() to do the Servlet spec 2.4 "right
thing." It is implemented using the Data field of SessionEvent to distinguish between
logout/invalidate.
Submitted by: Bob Herrmann ([EMAIL PROTECTED])
Revision Changes Path
1.2 +62 -7
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java
Index: SingleSignOn.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- SingleSignOn.java 18 Jul 2002 16:48:03 -0000 1.1
+++ SingleSignOn.java 12 Aug 2002 19:12:44 -0000 1.2
@@ -293,6 +293,7 @@
Session session = event.getSession();
if (debug >= 1)
log("Process session destroyed on " + session);
+
String ssoId = null;
synchronized (reverse) {
ssoId = (String) reverse.get(session);
@@ -300,8 +301,22 @@
if (ssoId == null)
return;
- // Deregister this single session id, invalidating associated sessions
- deregister(ssoId);
+ if ( event.getData() != null
+ && "logout".equals( event.getData().toString() )) {
+
+ log("XXXXX logout event on " + ssoId);
+
+ // logout of all applications
+ deregister(ssoId);
+
+ } else {
+
+ log("XXXXX invalidate of just one session " + ssoId + " " + session);
+
+ // invalidate just one session
+ deregister(ssoId, session);
+
+ }
}
@@ -442,6 +457,35 @@
}
+ /**
+ * Deregister the specified session. If it is the last session,
+ * then also get rid of the single sign on identifier
+ *
+ * @param ssoId Single sign on identifier
+ * @param session Session to be deregistered
+ */
+ private void deregister(String ssoId, Session session) {
+
+ synchronized (reverse) {
+ reverse.remove(session);
+ }
+
+ SingleSignOnEntry sso = lookup(ssoId);
+ if ( sso == null )
+ return;
+
+ sso.removeSession( session );
+
+ // see if we are the last session, if so blow away ssoId
+ Session sessions[] = sso.findSessions();
+ if ( sessions == null || sessions.length == 0 ) {
+ synchronized (cache) {
+ sso = (SingleSignOnEntry) cache.remove(ssoId);
+ }
+ }
+
+ }
+
/**
* Deregister the specified single sign on identifier, and invalidate
@@ -449,7 +493,7 @@
*
* @param ssoId Single sign on identifier to deregister
*/
- void deregister(String ssoId) {
+ private void deregister(String ssoId) {
if (debug >= 1)
log("Deregistering sso id '" + ssoId + "'");
@@ -459,6 +503,7 @@
synchronized (cache) {
sso = (SingleSignOnEntry) cache.remove(ssoId);
}
+
if (sso == null)
return;
@@ -601,6 +646,16 @@
results[sessions.length] = session;
sessions = results;
session.addSessionListener(sso);
+ }
+
+ public synchronized void removeSession(Session session) {
+ Session[] nsessions = new Session[sessions.length - 1];
+ for (int i = 0, j = 0; i < sessions.length; i++) {
+ if (session == sessions[i])
+ continue;
+ nsessions[j++] = sessions[i];
+ }
+ sessions = nsessions;
}
public synchronized Session[] findSessions() {
1.4 +8 -5
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardSession.java
Index: StandardSession.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardSession.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- StandardSession.java 8 Aug 2002 04:03:44 -0000 1.3
+++ StandardSession.java 12 Aug 2002 19:12:44 -0000 1.4
@@ -1066,7 +1066,10 @@
throw new IllegalStateException
(sm.getString("standardSession.isNew.ise"));
- invalidate();
+
+ // kills all sessions
+ fireSessionEvent(Session.SESSION_DESTROYED_EVENT, "logout");
+
}
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
