Skip to Content.
Sympa Menu

shibboleth-dev - [Shib-Dev] Principals in Session

Subject: Shibboleth Developers

List archive

[Shib-Dev] Principals in Session


Chronological Thread 
  • From: Paul Hethmon <>
  • To: Shibboleth Dev <>
  • Subject: [Shib-Dev] Principals in Session
  • Date: Wed, 24 Nov 2010 13:23:35 -0500

Title: Principals in Session
A couple of months ago we had a thread here about storing a custom Principal in the session:

http://groups.google.com/group/shibboleth-dev/browse_thread/thread/a79b66fba144a071/a77ce1c16144f958?lnk=gst&q=data+connector#a77ce1c16144f958

I’ve pretty much got that working. Inside my login handler/servlet, I have my own Principal class that I give to the authentication engine once auth is complete. Then inside of my custom data connector, I pull out that Principal and resolve the attributes stored during the authentication sequence.

In the last couple of days, I’ve started working on getting this set up in a Terracotta clustered environment. Using TC 3.4.0.

Here’s the problem I’m running into. During the initial authentication, I get my Principal object. During a previous session authentication, I’m getting a Shib Principal object instead.

What I’m thinking is happening here is because of how I “changed” the authentication engine code to only store a single Principal (instead of multiple). That thought has just come up as I’m writing this. So, without my changes, would the previous session handler create a new Principal object and store it in the session? Even though the principal name is the same?

thanks,

Paul




Archive powered by MHonArc 2.6.16.

Top of Page