tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: [SingleSignOn Valve] Chaning its behaviour
Date Tue, 03 Aug 2010 12:22:59 GMT
On 03/08/2010 13:15, DJP JEAN-PROST Dominique wrote:
> Hello,
> 
> I’m porting applications from weblogic to jboss which uses tomcat as everybody knows.
> In weblogic, I used to use the SSO feature which allowed me to logout from a webapp without
invalidating session for all webapps.
> 
> After reading SingleSignOn Valve documentation, I realize that tomcat doesn’t behave
as I would like. So I’m about to code a new SingleSignOn Valve by extending tomcat’s one
and overriding the deregister(String ssoId) method so that it doesn’t invalidate all sessions
bound to the SSO Entry
> 
> My question is : is it safe for me to do that ? I mean, am I about to wreck something
in tomcat internal ? Will I introduce such a change that SSO valve wouldn't work anymore ?
> 
> Thank in advance.

Probably more a question for the users list than the dev list.

Mark



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message