Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 83428 invoked from network); 15 Sep 2010 18:23:57 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 15 Sep 2010 18:23:57 -0000 Received: (qmail 42711 invoked by uid 500); 15 Sep 2010 18:23:53 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 42494 invoked by uid 500); 15 Sep 2010 18:23:53 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 42479 invoked by uid 99); 15 Sep 2010 18:23:52 -0000 Received: from Unknown (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 15 Sep 2010 18:23:52 +0000 X-ASF-Spam-Status: No, hits=1.5 required=10.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of Ming_Chang@mcafee.com designates 205.227.136.216 as permitted sender) Received: from [205.227.136.216] (HELO dalsmrelay2.nai.com) (205.227.136.216) by apache.org (qpsmtpd/0.29) with SMTP; Wed, 15 Sep 2010 18:23:29 +0000 Received: from (unknown [10.64.5.51]) by dalsmrelay2.nai.com with smtp id 1806_b2e5_4340d194_c0f6_11df_817a_00219b929abd; Wed, 15 Sep 2010 18:22:56 +0000 Received: from AMERDALEXMB1.corp.nai.org ([fe80::b534:4a0d:1289:2d2d]) by DALEXHT1.corp.nai.org ([::1]) with mapi; Wed, 15 Sep 2010 13:22:00 -0500 From: To: Date: Wed, 15 Sep 2010 13:25:10 -0500 Subject: tomcat 7.0.2 single sign on issue Thread-Topic: tomcat 7.0.2 single sign on issue Thread-Index: ActVA1S2Sq+v66/ZS3iBympun/M0Tw== Message-ID: <8C9E006BBCE77749B660D7D0F164E0E60291B64AAF@AMERDALEXMB1.corp.nai.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: multipart/alternative; boundary="_000_8C9E006BBCE77749B660D7D0F164E0E60291B64AAFAMERDALEXMB1c_" MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org --_000_8C9E006BBCE77749B660D7D0F164E0E60291B64AAFAMERDALEXMB1c_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi, there, I am playing with the latest 7.0.2 and the single sign on part is not worki= ng correctly. And I debugged the problem and found the sso member variable = is always null in AuthenticatorBase class. Here is the clip of code in thi= s class I found it may have a problem. This code tries to find the singles= ignon valve through all ancestor container, but all the container don't imp= lement Pipeline interface. And the pipeline is member variable of Container= Base. I don't know if this is a bug or I didn't configure my server.xml cor= rectly. It seems to me sso will never get set if I use standardEngine or s= tandardHost. protected synchronized void startInternal() throws LifecycleException { // Look up the SingleSignOn implementation in our request processin= g // path, if there is one Container parent =3D context.getParent(); while ((sso =3D=3D null) && (parent !=3D null)) { if (!(parent instanceof Pipeline)) { parent =3D parent.getParent(); continue; } Valve valves[] =3D ((Pipeline) parent).getValves(); for (int i =3D 0; i < valves.length; i++) { if (valves[i] instanceof SingleSignOn) { sso =3D (SingleSignOn) valves[i]; break; } } if (sso =3D=3D null) parent =3D parent.getParent(); } ...... Thanks for looking at this issue. Ming --_000_8C9E006BBCE77749B660D7D0F164E0E60291B64AAFAMERDALEXMB1c_--