[
https://issues.apache.org/jira/browse/OFBIZ-10047?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Yong updated OFBIZ-10047:
-------------------------------
Attachment: OFBIZ-10047.patch
Thanks [~jacques.le.roux] for the review.
This current patch contains the following changes:
1) Use of coyoteRequest.alreadyAuthenticated instead of comparing message directly.
2) ICalWorker.java and XmlRpcEventHandler.java doesn't need TomcatSSO. So the variable useTomcatSSO also check whether the request parameter is supplied before continuing with Tomcat SSO.
3) Implemented the mutate methods.
From [
http://grokbase.com/t/tomcat/users/054cf7702k/way-to-specify-singlesignon-session-timeout], it seems that tomcat SSO session timeout depends on the timeout of individual web applications. So we need to create another JIRA issue for custom implementation if we want a deterministic SSO session timeout.
There is no pending task I know of, for this JIRA issue.
> Tomcat SSO
> ----------
>
> Key: OFBIZ-10047
> URL:
https://issues.apache.org/jira/browse/OFBIZ-10047> Project: OFBiz
> Issue Type: Improvement
> Components: framework
> Affects Versions: Trunk
> Reporter: James Yong
> Assignee: James Yong
> Priority: Minor
> Attachments: OFBIZ-10047.patch, OFBIZ-10047.patch, OFBIZ-10047.patch, OFBIZ-10047.patch
>
>
> Proposing Tomcat SSO to be used in OFBiz to improve on Single-Sign-On.
> This aim to fix the issues mentioned in OFBIZ-6963, OFBIZ-6994.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
Locked
