svn commit: r1646757 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/authenticator/ java/org/apache/catalina/ha/authenticator/

markt Fri, 19 Dec 2014 06:55:08 -0800

Author: markt
Date: Fri Dec 19 14:54:08 2014
New Revision: 1646757

URL: http://svn.apache.org/r1646757
Log:
Refactor to replace reverse map with dedicated session listener that contains a 
reference to the SSO ID. This refactoring is in support of the fix for BZ 57338.


Added:
    
tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOnListener.java
   (props changed)
      - copied unchanged from r1646721, 
tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOnListener.java
Modified:
    tomcat/tc8.0.x/trunk/   (props changed)
    
tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java
    
tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOnEntry.java
    
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java

Propchange: tomcat/tc8.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Dec 19 14:54:08 2014
@@ -1 +1 @@
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
 
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646720
+/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
 
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646721

Modified: 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java?rev=1646757&r1=1646756&r2=1646757&view=diff
==============================================================================
--- 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java 
(original)
+++ 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java 
Fri Dec 19 14:54:08 2014
@@ -31,7 +31,6 @@ import org.apache.catalina.LifecycleExce
 import org.apache.catalina.Manager;
 import org.apache.catalina.Realm;
 import org.apache.catalina.Session;
-import org.apache.catalina.SessionEvent;
 import org.apache.catalina.SessionListener;
 import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
@@ -57,7 +56,7 @@ import org.apache.tomcat.util.res.String
  *
  * @author Craig R. McClanahan
  */
-public class SingleSignOn extends ValveBase implements SessionListener {
+public class SingleSignOn extends ValveBase {
 
     private static final StringManager sm = 
StringManager.getManager(SingleSignOn.class);
 
@@ -90,13 +89,6 @@ public class SingleSignOn extends ValveB
     private boolean requireReauthentication = false;
 
     /**
-     * The cache of single sign on identifiers, keyed by the Session that is
-     * associated with them.
-     */
-    protected Map<SingleSignOnSessionKey,String> reverse = new 
ConcurrentHashMap<>();
-
-
-    /**
      * Optional SSO cookie domain.
      */
     private String cookieDomain;
@@ -196,55 +188,6 @@ public class SingleSignOn extends ValveB
     }
 
 
-    // ------------------------------------------------ SessionListener Methods
-
-    /**
-     * Acknowledge the occurrence of the specified event.
-     *
-     * @param event SessionEvent that has occurred
-     */
-    @Override
-    public void sessionEvent(SessionEvent event) {
-
-        if (!getState().isAvailable()) {
-            return;
-        }
-
-        // We only care about session destroyed events
-        if (!Session.SESSION_DESTROYED_EVENT.equals(event.getType())) {
-            return;
-        }
-
-        // Look up the single session id associated with this session (if any)
-        Session session = event.getSession();
-        if (containerLog.isDebugEnabled()) {
-            containerLog.debug("Process session destroyed on " + session);
-        }
-
-        String ssoId = null;
-        ssoId = reverse.get(new SingleSignOnSessionKey(session));
-        if (ssoId == null) {
-            return;
-        }
-
-        // Was the session destroyed as the result of a timeout or context 
stop?
-        // If so, we'll just remove the expired session from the SSO. If the
-        // session was logged out, we'll log out of all session associated with
-        // the SSO.
-        if (((session.getMaxInactiveInterval() > 0)
-            && (System.currentTimeMillis() - 
session.getThisAccessedTimeInternal() >=
-                session.getMaxInactiveInterval() * 1000))
-            || (!session.getManager().getContext().getState().isAvailable())) {
-            removeSession(ssoId, session);
-        } else {
-            // The session was logged out.
-            // Deregister this single session id, invalidating
-            // associated sessions
-            deregister(ssoId);
-        }
-    }
-
-
     // ---------------------------------------------------------- Valve Methods
 
     /**
@@ -349,6 +292,43 @@ public class SingleSignOn extends ValveB
     // ------------------------------------------------------ Protected Methods
 
     /**
+     * Process a session destroyed event by removing references to that session
+     * from the caches and - if the session destruction is the result of a
+     * logout - destroy the associated SSO session.
+     *
+     * @param ssoId   The ID of the SSO session which which the destroyed
+     *                session was associated
+     * @param session The session that has been destroyed
+     */
+    public void sessionDestroyed(String ssoId, Session session) {
+
+        if (!getState().isAvailable()) {
+            return;
+        }
+
+        if (containerLog.isDebugEnabled()) {
+            containerLog.debug("Process session destroyed on " + session);
+        }
+
+        // Was the session destroyed as the result of a timeout or context 
stop?
+        // If so, we'll just remove the expired session from the SSO. If the
+        // session was logged out, we'll log out of all session associated with
+        // the SSO.
+        if (((session.getMaxInactiveInterval() > 0)
+            && (System.currentTimeMillis() - 
session.getThisAccessedTimeInternal() >=
+                session.getMaxInactiveInterval() * 1000))
+            || (!session.getManager().getContext().getState().isAvailable())) {
+            removeSession(ssoId, session);
+        } else {
+            // The session was logged out.
+            // Deregister this single session id, invalidating
+            // associated sessions
+            deregister(ssoId);
+        }
+    }
+
+
+    /**
      * Associate the specified single sign on identifier with the
      * specified Session.
      *
@@ -368,8 +348,7 @@ public class SingleSignOn extends ValveB
         if (sso == null) {
             return false;
         } else {
-            sso.addSession(this, session);
-            reverse.put(new SingleSignOnSessionKey(session), ssoId);
+            sso.addSession(this, ssoId, session);
             return true;
         }
     }
@@ -399,8 +378,6 @@ public class SingleSignOn extends ValveB
             if (containerLog.isTraceEnabled()) {
                 containerLog.trace(" Invalidating session " + ssoKey);
             }
-            // Remove from reverse cache first to avoid recursion
-            reverse.remove(ssoKey);
             // Invalidate this session
             expire(ssoKey);
         }
@@ -586,9 +563,6 @@ public class SingleSignOn extends ValveB
         // Remove the inactive session from SingleSignOnEntry
         entry.removeSession(session);
 
-        // Remove the inactive session from the 'reverse' Map.
-        reverse.remove(new SingleSignOnSessionKey(session));
-
         // If there are not sessions left in the SingleSignOnEntry,
         // deregister the entry.
         if (entry.findSessions().size() == 0) {
@@ -597,6 +571,11 @@ public class SingleSignOn extends ValveB
     }
 
 
+    protected SessionListener getSessionListener(String ssoId) {
+        return new SingleSignOnListener(ssoId);
+    }
+
+
     @Override
     protected synchronized void startInternal() throws LifecycleException {
         Container c = getContainer();

Modified: 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOnEntry.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOnEntry.java?rev=1646757&r1=1646756&r2=1646757&view=diff
==============================================================================
--- 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOnEntry.java
 (original)
+++ 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOnEntry.java
 Fri Dec 19 14:54:08 2014
@@ -87,12 +87,12 @@ public class SingleSignOnEntry implement
      *                  the SSO session.
      * @param session   The <code>Session</code> being associated with the SSO.
      */
-    public void addSession(SingleSignOn sso, Session session) {
+    public void addSession(SingleSignOn sso, String ssoId, Session session) {
         SingleSignOnSessionKey key = new SingleSignOnSessionKey(session);
         SingleSignOnSessionKey currentKey = sessionKeys.putIfAbsent(key, key);
         if (currentKey == null) {
             // Session not previously added
-            session.addSessionListener(sso);
+            session.addSessionListener(sso.getSessionListener(ssoId));
         }
     }
 

Propchange: 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOnListener.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java?rev=1646757&r1=1646756&r2=1646757&view=diff
==============================================================================
--- 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
 (original)
+++ 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
 Fri Dec 19 14:54:08 2014
@@ -24,7 +24,6 @@ import org.apache.catalina.LifecycleExce
 import org.apache.catalina.Session;
 import org.apache.catalina.authenticator.SingleSignOn;
 import org.apache.catalina.authenticator.SingleSignOnEntry;
-import org.apache.catalina.authenticator.SingleSignOnSessionKey;
 import org.apache.catalina.ha.CatalinaCluster;
 import org.apache.catalina.ha.ClusterValve;
 import org.apache.catalina.tribes.Channel;
@@ -157,12 +156,6 @@ public class ClusterSingleSignOn extends
                     cls, terminateOnStartFailure);
             cache.setChannelSendOptions(mapSendOptions);
             this.cache = cache;
-
-            ReplicatedMap<SingleSignOnSessionKey,String> reverse = new 
ReplicatedMap<>(
-                    this, cluster.getChannel(), rpcTimeout, 
cluster.getClusterName() + "-SSO-reverse",
-                    cls, terminateOnStartFailure);
-            reverse.setChannelSendOptions(mapSendOptions);
-            this.reverse = reverse;
         } catch (Throwable t) {
             ExceptionUtils.handleThrowable(t);
             throw new LifecycleException(
@@ -187,7 +180,6 @@ public class ClusterSingleSignOn extends
 
         if (getCluster() != null) {
             ((ReplicatedMap<?,?>) cache).breakdown();
-            ((ReplicatedMap<?,?>) reverse).breakdown();
         }
     }
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

svn commit: r1646757 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/authenticator/ java/org/apache/catalina/ha/authenticator/

Reply via email to