tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <>
Subject Re: [SingleSignOn Valve] Chaning its behaviour
Date Tue, 03 Aug 2010 12:22:59 GMT
On 03/08/2010 13:15, DJP JEAN-PROST Dominique wrote:
> Hello,
> I’m porting applications from weblogic to jboss which uses tomcat as everybody knows.
> In weblogic, I used to use the SSO feature which allowed me to logout from a webapp without
invalidating session for all webapps.
> After reading SingleSignOn Valve documentation, I realize that tomcat doesn’t behave
as I would like. So I’m about to code a new SingleSignOn Valve by extending tomcat’s one
and overriding the deregister(String ssoId) method so that it doesn’t invalidate all sessions
bound to the SSO Entry
> My question is : is it safe for me to do that ? I mean, am I about to wreck something
in tomcat internal ? Will I introduce such a change that SSO valve wouldn't work anymore ?
> Thank in advance.

Probably more a question for the users list than the dev list.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message