diff --git a/appserver/web/web-core/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java b/appserver/web/web-core/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java index 181d679caca..6374b298b6e 100644 --- a/appserver/web/web-core/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java +++ b/appserver/web/web-core/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java @@ -768,6 +768,9 @@ protected void register(HttpRequest request, HttpResponse response, Principal pr assert (realm != null); sso.register(value, principal, authType, username, password, realm); // END S1AS8 PE 4856080,4918627 + if (session != null) { + sso.associate(value, 0, session); + } request.setNote(Constants.REQ_SSOID_NOTE, value); if (sso.isVersioningSupported()) { @@ -807,6 +810,9 @@ public void logout(HttpRequest request) throws ServletException { if (session != null) { session.setPrincipal(null); session.setAuthType(null); + if (session.getSsoId() != null) { + session.expire(); + } } // principal and authType set to null in the following diff --git a/appserver/web/web-glue/src/main/java/com/sun/enterprise/security/web/GlassFishSingleSignOn.java b/appserver/web/web-glue/src/main/java/com/sun/enterprise/security/web/GlassFishSingleSignOn.java index 8a619a0a90b..9aef83e0f76 100644 --- a/appserver/web/web-glue/src/main/java/com/sun/enterprise/security/web/GlassFishSingleSignOn.java +++ b/appserver/web/web-glue/src/main/java/com/sun/enterprise/security/web/GlassFishSingleSignOn.java @@ -337,7 +337,7 @@ public int invoke(final Request request, final Response response) { } String realmName = realm.getRealmName(); - if (realmName == null) { + if (realmName == null || realmName.isEmpty()) { // S1AS8 6155481 START if (logger.isLoggable(Level.FINE)) { logger.log(Level.FINE, LogFacade.NO_REALM_CONFIGURED);