import org.apache.catalina.connector.Request; //导入方法依赖的package包/类

/**

* Perform single-sign-on support processing for this request.

*

* @param request The servlet request we are processing

* @param response The servlet response we are creating

*

* @exception IOException if an input/output error occurs

* @exception ServletException if a servlet error occurs

*/

public void invoke(Request request, Response response)

throws IOException, ServletException {

request.removeNote(Constants.REQ_SSOID_NOTE);

// Has a valid user already been authenticated?

if (request.getUserPrincipal() != null) {

getNext().invoke(request, response);

return;

}

// Check for the single sign on cookie

Cookie cookie = null;

Cookie cookies[] = request.getCookies();

if (cookies == null)

cookies = new Cookie[0];

for (int i = 0; i < cookies.length; i++) {

if (Constants.SINGLE_SIGN_ON_COOKIE.equals(cookies[i].getName())) {

cookie = cookies[i];

break;

}

}

if (cookie == null) {

getNext().invoke(request, response);

return;

}

// Look up the cached Principal associated with this cookie value

SingleSignOnEntry entry = lookup(cookie.getValue());

if (entry != null) {

request.setNote(Constants.REQ_SSOID_NOTE, cookie.getValue());

// Only set security elements if reauthentication is not required

if (!getRequireReauthentication()) {

request.setAuthType(entry.getAuthType());

request.setUserPrincipal(entry.getPrincipal());

}

} else {

cookie.setMaxAge(0);

response.addCookie(cookie);

}

// Invoke the next Valve in our pipeline

getNext().invoke(request, response);

}