DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=28286>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=28286 Loosely couple SingleSignOn Valve and Authenticators Summary: Loosely couple SingleSignOn Valve and Authenticators Product: Tomcat 5 Version: 5.0.22 Platform: All OS/Version: Other Status: NEW Severity: Enhancement Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Attached is a patch that loosens the coupling between the SingleSignOn valve implementation and the various Authenticator classes. Right now, all authenticators check for an instance of the SingleSignOn class in the pipeline, and interact directly with it. In the patch, SingleSignOn implements interface SSOValve, and all external classes interact with it through the interface. This will allow application developers to deploy custom SSO implementations without having to replace the entire TC5 Authenticator infrastructure. This follows the pattern used by other TC components. I've been messing around with trying to use the SingleSignOn valve in a cluster (see enhancement request 28039) and can easily see how different implementations would be appropriate for different environments. My 28039 patch attacks the problem by adding a property to SingleSignOn where deployers can specify use of an implementation of a new interface SSOClusterManager. I think that's a valid approach, but loosening the coupling between SingleSignOn and Authenticators will provide greater flexibility. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
