Author: markt
Date: Thu Dec 18 15:23:45 2014
New Revision: 1646476
URL: http://svn.apache.org/r1646476
Log:
kfujino review of BZ 57338 fix.
Add configuration options for mapSendOptions and terminateOnStartFailure.
Document the configuration options.
Modified:
tomcat/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
tomcat/trunk/webapps/docs/config/cluster-valve.xml
Modified:
tomcat/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java?rev=1646476&r1=1646475&r2=1646476&view=diff
==============================================================================
---
tomcat/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
Thu Dec 18 15:23:45 2014
@@ -23,8 +23,10 @@ import org.apache.catalina.Host;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.authenticator.SingleSignOn;
import org.apache.catalina.authenticator.SingleSignOnEntry;
+import org.apache.catalina.authenticator.SingleSignOnSessionKey;
import org.apache.catalina.ha.CatalinaCluster;
import org.apache.catalina.ha.ClusterValve;
+import org.apache.catalina.tribes.Channel;
import org.apache.catalina.tribes.tipis.AbstractReplicatedMap.MapOwner;
import org.apache.catalina.tribes.tipis.ReplicatedMap;
import org.apache.tomcat.util.ExceptionUtils;
@@ -70,6 +72,26 @@ public class ClusterSingleSignOn extends
}
+ private int mapSendOptions =
+ Channel.SEND_OPTIONS_SYNCHRONIZED_ACK |
Channel.SEND_OPTIONS_USE_ACK;
+ public int getMapSendOptions() {
+ return mapSendOptions;
+ }
+ public void setMapSendOptions(int mapSendOptions) {
+ this.mapSendOptions = mapSendOptions;
+ }
+
+
+ private boolean terminateOnStartFailure = false;
+ public boolean getTerminateOnStartFailure() {
+ return terminateOnStartFailure;
+ }
+
+ public void setTerminateOnStartFailure(boolean terminateOnStartFailure) {
+ this.terminateOnStartFailure = terminateOnStartFailure;
+ }
+
+
// ---------------------------------------------------- SingleSignOn
Methods
@Override
@@ -120,11 +142,17 @@ public class ClusterSingleSignOn extends
ClassLoader[] cls = new ClassLoader[] {
this.getClass().getClassLoader() };
- cache = new ReplicatedMap<>(this, cluster.getChannel(), rpcTimeout,
- cluster.getClusterName() + "-SSO-cache", cls);
- reverse = new ReplicatedMap<>(this, cluster.getChannel(),
rpcTimeout,
- cluster.getClusterName() + "-SSO-reverse", cls);
-
+ ReplicatedMap<String,SingleSignOnEntry> cache = new
ReplicatedMap<>(
+ this, cluster.getChannel(), rpcTimeout,
cluster.getClusterName() + "-SSO-cache",
+ cls, terminateOnStartFailure);
+ cache.setChannelSendOptions(mapSendOptions);
+ this.cache = cache;
+
+ ReplicatedMap<SingleSignOnSessionKey,String> reverse = new
ReplicatedMap<>(
+ this, cluster.getChannel(), rpcTimeout,
cluster.getClusterName() + "-SSO-reverse",
+ cls, terminateOnStartFailure);
+ reverse.setChannelSendOptions(mapSendOptions);
+ this.reverse = reverse;
} catch (Throwable t) {
ExceptionUtils.handleThrowable(t);
throw new LifecycleException(
Modified: tomcat/trunk/webapps/docs/config/cluster-valve.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/cluster-valve.xml?rev=1646476&r1=1646475&r2=1646476&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/cluster-valve.xml (original)
+++ tomcat/trunk/webapps/docs/config/cluster-valve.xml Thu Dec 18 15:23:45 2014
@@ -122,6 +122,16 @@
<p>Java class name of the implementation to use. This MUST be set to
<strong>org.apache.catalina.ha.authenticator.ClusterSingleSignOn</strong>.</p>
</attribute>
+ <attribute name="cookieDomain" required="false">
+ <p>Sets the host domain to be used for sso cookies.</p>
+ </attribute>
+ <attribute name="mapSendOptions" required="false">
+ <p>The Valve uses a replicated map. You can setup the flag for how this
+ map sends messages. The default value is <code>6</code> (synchronous).
+ Note that if you use asynchronous messaging it is possible for update
+ messages to be processed by the receiving node in a different order to
+ the order in which they were sent.</p>
+ </attribute>
<attribute name="requireReauthentication" required="false">
<p>Default false. Flag to determine whether each request needs to be
reauthenticated to the security <strong>Realm</strong>. If "true", this
@@ -131,8 +141,20 @@
requests based on the presence of a valid SSO cookie, without
rechecking with the <strong>Realm</strong>.</p>
</attribute>
- <attribute name="cookieDomain" required="false">
- <p>Sets the host domain to be used for sso cookies.</p>
+ <attribute name="rpcTimeout" required="false">
+ <p>The Valve uses a replicated map. This is the timeout for messages
+ that transfer state to/from the other nodes in the cluster. If not
+ specified, a default value of <code>15000</code> milliseconds is used.
+ </p>
+ </attribute>
+ <attribute name="terminateOnStartFailure" required="false">
+ <p>Set to <code>true</code> if you wish this Valve to fail if the
+ underlying replication fails to start. If the Valve fails, then the
+ associated container will fail to start. If you set this attribute to
+ false, and the underlying replications fails to start, the Valve will
+ start and it will attempt to join the cluster and start replication as
+ part of the heartbeat process. If not specified, the default value of
+ <code>false</code> is used.</p>
</attribute>
</attributes>
</subsection>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
