luehe 2004/09/16 11:18:41
Modified: catalina/src/share/org/apache/catalina/authenticator
SingleSignOn.java
Log:
- Removed deregister(String ssoid), because it is no longer needed
(used to be called when session was logged out, which is no longer
supported)
- Replaced call to removeSession(String, Session) with
deregister(String, Session), which is identical, and removed
removeSession(String, Session) because it is no longer needed
Revision Changes Path
1.18 +3 -92
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java
Index: SingleSignOn.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/SingleSignOn.java,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- SingleSignOn.java 29 Aug 2004 16:46:09 -0000 1.17
+++ SingleSignOn.java 16 Sep 2004 18:18:41 -0000 1.18
@@ -287,24 +287,10 @@
synchronized (reverse) {
ssoId = (String) reverse.get(session);
}
- if (ssoId == null)
+ if (ssoId == null) {
return;
-
- // Was the session destroyed as the result of a timeout?
- // If so, we'll just remove the expired session from the
- // SSO. If the session was logged out, we'll log out
- // of all session associated with the SSO.
- if ((session.getMaxInactiveInterval() > 0)
- && (System.currentTimeMillis() - session.getLastAccessedTime() >=
- session.getMaxInactiveInterval() * 1000)) {
- removeSession(ssoId, session);
- } else {
- // The session was logged out.
- // Deregister this single session id, invalidating
- // associated sessions
- deregister(ssoId);
}
-
+ deregister(ssoId, session);
}
@@ -468,46 +454,6 @@
/**
- * Deregister the specified single sign on identifier, and invalidate
- * any associated sessions.
- *
- * @param ssoId Single sign on identifier to deregister
- */
- protected void deregister(String ssoId) {
-
- if (container.getLogger().isDebugEnabled())
- container.getLogger().debug("Deregistering sso id '" + ssoId + "'");
-
- // Look up and remove the corresponding SingleSignOnEntry
- SingleSignOnEntry sso = null;
- synchronized (cache) {
- sso = (SingleSignOnEntry) cache.remove(ssoId);
- }
-
- if (sso == null)
- return;
-
- // Expire any associated sessions
- Session sessions[] = sso.findSessions();
- for (int i = 0; i < sessions.length; i++) {
- if (container.getLogger().isTraceEnabled())
- container.getLogger().trace(" Invalidating session " + sessions[i]);
- // Remove from reverse cache first to avoid recursion
- synchronized (reverse) {
- reverse.remove(sessions[i]);
- }
- // Invalidate this session
- sessions[i].expire();
- }
-
- // NOTE: Clients may still possess the old single sign on cookie,
- // but it will be removed on the next request since it is no longer
- // in the cache
-
- }
-
-
- /**
* Attempts reauthentication to the given <code>Realm</code> using
* the credentials associated with the single sign-on session
* identified by argument <code>ssoId</code>.
@@ -636,39 +582,4 @@
}
}
-
-
- /**
- * Remove a single Session from a SingleSignOn. Called when
- * a session is timed out and no longer active.
- *
- * @param ssoId Single sign on identifier from which to remove the session.
- * @param session the session to be removed.
- */
- protected void removeSession(String ssoId, Session session) {
-
- if (container.getLogger().isDebugEnabled())
- container.getLogger().debug("Removing session " + session.toString() +
" from sso id " +
- ssoId );
-
- // Get a reference to the SingleSignOn
- SingleSignOnEntry entry = lookup(ssoId);
- if (entry == null)
- return;
-
- // Remove the inactive session from SingleSignOnEntry
- entry.removeSession(session);
-
- // Remove the inactive session from the 'reverse' Map.
- synchronized(reverse) {
- reverse.remove(session);
- }
-
- // If there are not sessions left in the SingleSignOnEntry,
- // deregister the entry.
- if (entry.findSessions().length == 0) {
- deregister(ssoId);
- }
- }
-
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
