tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chao Wang <soul2zim...@gmail.com>
Subject SingleSignOn valve enabled by default?
Date Fri, 19 Jul 2013 12:16:32 GMT



Hi all,

I have an issue with SSO configuration in tomcat 7.0.42.

According to the doc [1],  it requires to enable SSO valve inside
server.xml. However, without making such modification, I deployed two
web-app test.war and test2.war (see attached file). Then, try to login
from /test, after successful login, I don't need to login a second time
for /test2 and can see the secured welcome page directly . That's
strange for me, is the SingleSignOn valve enabled by default in tomcat?

FYI, I add following configuration in tomcat-user.xml
<role rolename="User"/>
<user username="test" password="pass.1234" roles="User"/>

If it's not a real issue, please point me how that works, and I'd like
to know how could I set the reauthenticate parameter for SSO.

[1] http://tomcat.apache.org/tomcat-7.0-doc/config/host.html#Single_Sign_On

Thanks & Regards,




Mime
View raw message