tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Srinadh Karumuri <skaru...@bbn.com>
Subject Re: single sign on and time outs
Date Fri, 30 Aug 2002 13:00:13 GMT
Thanks for sharing the details. It's very helpful.
I guess I have to catchup with TC4. :)
-Sri

At 07:08 PM 8/29/2002, Craig R. McClanahan wrote:

>On Thu, 29 Aug 2002, Srinadh Karumuri wrote:
>
> > Date: Thu, 29 Aug 2002 16:29:40 -0400
> > From: Srinadh Karumuri <skarumur@bbn.com>
> > Reply-To: Tomcat Users List <tomcat-user@jakarta.apache.org>
> > To: Tomcat Users List <tomcat-user@jakarta.apache.org>
> > Subject: Re: single sign on and time outs
> >
> >
> > >More precisely, both sessions will be invalidated.
> > I didn't get this. Lets say I have two webapps sharing one Tomcat3.0.
> > If
> >          timeout for webapp1 = 5 min.
> > and
> >          timeout for webapp2 = 10 min.
> > Does it mean both will get timed out after 5 min. I don't think so.
>
>Tomcat 3.x doesn't have any notion of "single sign on" support, so of
>course you won't see both logged out there.
>
>Tomcat 4.x has single sign on support if you are using form-based login
>for all the apps -- and it will indeed time out all sessions if any one of
>them times out.  However, there is no way (in Servlet 2.3) to
>programmatically force a logout from all of the sessions.  Of course, you
>have to explicitly enable the single sign on valve to get this behavior.
>
>Tomcat 5 will have the same "timeout once times out all" behavior, and
>adds the ability to programmatically request a logout.
>
>Craig
>
> >
> > -Sri
> > At 04:00 PM 8/29/2002, you wrote:
> >
> >
> > >On Thu, 29 Aug 2002, HAVENS,PETER (HP-Cupertino,ex3) wrote:
> > >
> > > > Date: Thu, 29 Aug 2002 15:25:20 -0400
> > > > From: "HAVENS,PETER (HP-Cupertino,ex3)" <peter_havens@hp.com>
> > > > Reply-To: Tomcat Users List <tomcat-user@jakarta.apache.org>
> > > > To: 'Tomcat Users List' <tomcat-user@jakarta.apache.org>
> > > > Subject: single sign on and time outs
> > > >
> > > > I have a question regarding SingleSignOn.  It seems that if any web 
> app is
> > > > accessed and then not visited for a period of time equal to the 
> time out
> > > > value of the global web.xml then the user will be de-authenticated 
> for all
> > > > webapps.  To clarify, if I have two webapps, demo1 and demo2, and I log
> > > onto
> > > > my server which is configured for SingleSignOn; then if I visit a 
> resource
> > > > in the demo1 webapp and then start viewing resources on the demo2 
> web app,
> > > > the timeout will occur for the demo1 session and thus timeout my entire
> > > > session.
> > > >
> > >
> > >More precisely, both sessions will be invalidated.
> > >
> > > > Is there a way to configure single sign on so that it does not do 
> timeouts
> > > > based on each web app?
> > > >
> > >
> > >Isn't it easier to just make your sessions not time out?
> > >
> > > > -Peter
> > > >
> > >
> > >Craig
> > >
> > >
> > >--
> > >To unsubscribe, 
> e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> > >For additional commands, e-mail: 
> <mailto:tomcat-user-help@jakarta.apache.org>
> >
> >
> > --
> > To unsubscribe, 
> e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> > For additional commands, e-mail: 
> <mailto:tomcat-user-help@jakarta.apache.org>
> >
> >
>
>
>--
>To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
>For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message