Tomcat does save logged users during restart
- by mabuzer
How to force Tomcat to save logged users, so that the they kept logged in even after Tomcat has restarted? Right now the user has to login again everytime.
Added the following lines into web-app context.xml:
<Manager className="org.apache.catalina.session.PersistentManager">
<Store className="org.apache.catalina.session.FileStore"/>
</Manager>
but still I see login page after Tomcat restart, I use Tomcat 6.0.26
Update I managed to solve it like this:
1) Make my own extended version of FormAuthentication class:
package com.alz.tomcat;
import java.io.IOException;
import java.security.Principal;
import org.apache.catalina.Session;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.authenticator.Constants;
import org.apache.catalina.authenticator.FormAuthenticator;
/**
*
* @author mabuzer
*/
public class Authenticator extends FormAuthenticator {
@Override
public boolean authenticate(Request request, Response response, LoginConfig config) throws IOException {
String username = (String) request.getSession().getAttribute("USERNAME");
String password = (String) request.getSession().getAttribute("PASSWORD");
Principal principal = request.getUserPrincipal();
Session session = request.getSessionInternal(true);
if (request.getUserPrincipal() == null
&& !isNull(username) && !isNull(password)) {
principal = context.getRealm().authenticate(username, password);
if (principal != null) {
session.setNote(Constants.FORM_PRINCIPAL_NOTE, principal);
if (!matchRequest(request)) {
register(request, response, principal,
Constants.FORM_METHOD,
username, password);
return (true);
}
}
return super.authenticate(request, response, config);
} else {
return super.authenticate(request, response, config);
}
}
private boolean isNull(String str) {
if (str == null || "".equals(str)) {
return true;
} else {
return false;
}
}
}
2) Have your own ContextConfig class:
package com.alz.tomcat;
import java.util.HashMap;
import org.apache.catalina.Valve;
/**
*
* @author [email protected]
*/
public class ContextConfig extends org.apache.catalina.startup.ContextConfig {
public ContextConfig() {
super();
// we need to append our authenticator
setCustomAuthenticators(customAuthenticators);
customAuthenticators = new HashMap();
customAuthenticators.put("Authenticator" , new Authenticator());
}
}
3) Have a class extends LifeCycleListener to set replace default ContextConfig the one you made:
package com.alz.tomcat;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.core.StandardHost;
/**
*
* @author [email protected]
*/
public class LifeCycleListener implements org.apache.catalina.LifecycleListener {
public void lifecycleEvent(LifecycleEvent lifeCycleEvent) {
if (Lifecycle.BEFORE_START_EVENT.equals(lifeCycleEvent.getType())) {
StandardHost aStandardHost = (StandardHost) lifeCycleEvent.getLifecycle();
aStandardHost.setConfigClass("com.alz.tomcat.ContextConfig");
}
}
}
4) Final step which is to add your LifeCycleListener to server.xml in Host tag like this:
<Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true" xmlNamespaceAware="false" xmlValidation="false">
<Listener className="com.alz.tomcat.LifeCycleListener"/>
</Host>