tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Back-porting BZ57338 SSO + Cluster improvements
Date Thu, 18 Dec 2014 21:16:21 GMT
Mark,

On 12/16/14 5:52 PM, Mark Thomas wrote:
> The fix for BZ 57338 (SSO + cluster) ended up making some fairly
> invasive changes so that the implementation was sensible. I'd like to
> discuss which - if any - of these changes we'd be happy to back-port to
> Tomcat 8 and Tomcat 7.

I think you should expend reasonable effort back-porting this to Tomcat
8 as it's actually being used by people (as opposed to trunk/9.0, which
is not) and not bother back-porting to Tomcat 7.

If it looks like back-porting to Tomcat 8 would be tantamount to doing
the same for Tomcat 7 (e.g. the patch set looks pretty much identical),
then I'd say go for it. Even though it's not official, I think we should
start considering Tomcat 7 to be in semi-maintenance-mode.

> [1] Make GenericPrincipal Serializable
> I don't see any harm in back-porting this.
> 
> [2] Remove SerializablePrincipal from the cluster implementation
> This isn't necessary but is it a nice clean-up that is possible because
> of [1]. I'm thinking back-port to 8.0.x only. It depends if
> SerializablePrincipal is considered part of the API or an implementation
> detail.
> 
> [3] Switch to ConcurrentHashMap and remove syncs
> I don't see any harm in back-porting this.
> 
> [4] Remove lookup() method
> This changes the API and is not necessary so I think we leave this as is.
> 
> [5] Move sync to method
> I don't see any harm in back-porting this.
> 
> [6] Make SSO Maps non-final
> This is essential to facilitate the fix so it has to be back-ported.
> 
> [7] Switch to ReplicatedMap
> This changes the ClusterSSO API is essential to facilitate the fix so it
> has to be back-ported.
> 
> [8] Remove Session from SSO Maps
> This changes the SSO API but it is essential to facilitate the fix so it
> has to be back-ported.
> 
> [9] Make SingleSignOnEntry Serializable
> I don't see any harm in back-porting this.
> 
> [A] Logging TODOs
> I don't see any harm in back-porting this.
> 
> In summary, patches [7] and [8] look to be the ones that need the most
> careful consideration followed by [2].
> 
> Thoughts?
> 
> Mark
> 
> 
> [1] http://svn.apache.org/r1645953
> [2] http://svn.apache.org/r1645955
> [3] http://svn.apache.org/r1646099
> [4] http://svn.apache.org/r1646100
> [5] http://svn.apache.org/r1646101
> [6] http://svn.apache.org/r1646102
> [7] http://svn.apache.org/r1646103
> [8] http://svn.apache.org/r1646104
> [9] http://svn.apache.org/r1646105
> [A] http://svn.apache.org/r1646106
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
> 

-chris


Mime
View raw message