geronimo-dev mailing list archives

From David Jencks <>
Subject Re: svn commit: r111381 - in geronimo/branches/djencks/jetty-deployer1/trunk/modules: jetty-builder/src/java/org/apache/geronimo/jetty/deployment jetty/src/java/org/apache/geronimo/jetty jetty/src/test/org/apache/geronimo/jetty
Date Thu, 09 Dec 2004 21:36:13 GMT

On Dec 9, 2004, at 5:38 AM, wrote:
> +        ServletHttpRequest servletHttpRequest = (ServletHttpRequest) 
> request.getWrapper();
> +        WebResourcePermission resourcePermission = new 
> WebResourcePermission(servletHttpRequest);
> +        WebUserDataPermission dataPermission = new 
> WebUserDataPermission(servletHttpRequest);
> +        boolean unauthenticated = 
> !(checked.implies(resourcePermission) || 
> checked.implies(dataPermission));
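
Review bot: In the last added statement, `unauthenticated` is derived by negating two lookups in `checked`, so any permission that is merely absent from `checked` marks the request as needing no authentication. Add a comment stating why absence from `checked` is sufficient here, or test for a positive grant instead, so that a permission missing from every collection fails closed rather than being served without a login. The cast of `request.getWrapper()` to `ServletHttpRequest` in the first added statement is also unguarded; a short comment on why the wrapper is always of that type would help.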

I don't understand this line.  Why isn't it

       boolean unauthenticated = unchecked.implies(resourcePermission) && unchecked.implies(dataPermission);

I also don't understand why the login path is checked specially.
Shouldn't the login form have unchecked permissions and so be taken care
of by these other checks?

> +        boolean forbidden = 
> excludedPermissions.implies(resourcePermission) || 
> excludedPermissions.implies(dataPermission);
>          UserRealm realm = getRealm();
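
Review bot: `forbidden` is computed in the two added statements, but nothing visible here acts on it before the `getRealm()` call that follows. If an excluded permission matches, reject the request before any realm lookup or login, so that an excluded resource never produces an authentication prompt. A one-line comment saying that the excluded permissions take precedence over the other collections would also document the intent.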

Also, the JACC spec says (4.1.1, p. 36):

The Servlet container must use one of the methods described in
Section 4.7, “Checking AccessControlContext Independent Grants” to test
if access to the resource using the method and connection type
encapsulated in the WebUserDataPermission is permitted. If a
SecurityException is thrown in the permission determination, it must
be caught, and the result of the determination must be that access to
the resource using the method and connection type is not permitted. If
access is not permitted, the request must be redirected as defined by
the Servlet Specification. If access is permitted, the request must be
subjected to a pre-dispatch decision.

I think this means that the required order of events is:

check UserData permissions

if required, log in or say "forbidden"

check WebResource permissions

Currently we have

if required, log in

check UserData permissions

check WebResource permissions.

Am I missing something?

david jencks
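
The order of checks proposed in the message above, as an added Java illustration that is not Geronimo's code and not part of the original thread. The `UserData` and `Resource` classes, the `decide` method, the three collections and the sample paths are hypothetical stand-ins for the JACC permission types, built on `java.security` only so that it runs without the JACC jar.

```java
import java.security.*;

public class JaccCheckOrder {
    enum Outcome { REDIRECT, FORBIDDEN, LOGIN, DISPATCH }

    // Constructed stand-ins for WebUserDataPermission / WebResourcePermission (exact-name match).
    static final class UserData extends BasicPermission { UserData(String n) { super(n); } }
    static final class Resource extends BasicPermission { Resource(String n) { super(n); } }

    // A SecurityException during a grant check counts as "not permitted".
    static boolean grants(PermissionCollection pc, Permission p) {
        try { return pc.implies(p); } catch (SecurityException e) { return false; }
    }

    // A SecurityException during an exclusion check counts as "excluded" (fail closed).
    static boolean excludes(PermissionCollection pc, Permission p) {
        try { return pc.implies(p); } catch (SecurityException e) { return true; }
    }

    // roleGrants is null until the caller has logged in.
    static Outcome decide(PermissionCollection excluded, PermissionCollection unchecked,
                          PermissionCollection roleGrants, Permission userData, Permission resource) {
        // 1. UserData check (method + connection type), independent of the caller.
        if (excludes(excluded, userData) || !grants(unchecked, userData)) return Outcome.REDIRECT;
        // 2. Decide whether to refuse, serve or log in, before touching role grants.
        if (excludes(excluded, resource)) return Outcome.FORBIDDEN;
        if (grants(unchecked, resource)) return Outcome.DISPATCH;
        if (roleGrants == null) return Outcome.LOGIN;
        // 3. WebResource check against the authenticated caller's grants.
        return grants(roleGrants, resource) ? Outcome.DISPATCH : Outcome.FORBIDDEN;
    }

    public static void main(String[] args) {
        // Constructed sample policy: one excluded resource, one role-protected page.
        Permissions excluded = new Permissions(), unchecked = new Permissions(), admin = new Permissions();
        excluded.add(new Resource("/internal/config:GET"));
        unchecked.add(new UserData("/internal/config:GET:CONFIDENTIAL"));
        unchecked.add(new UserData("/admin:GET:CONFIDENTIAL"));
        admin.add(new Resource("/admin:GET"));

        Permission https = new UserData("/admin:GET:CONFIDENTIAL"), http = new UserData("/admin:GET:NONE");
        Permission page = new Resource("/admin:GET");
        System.out.println(decide(excluded, unchecked, null, http, page));   // plain HTTP, no login
        System.out.println(decide(excluded, unchecked, null, https, page));  // HTTPS, no login
        System.out.println(decide(excluded, unchecked, admin, https, page)); // HTTPS, logged in
        System.out.println(decide(excluded, unchecked, admin,
                new UserData("/internal/config:GET:CONFIDENTIAL"), new Resource("/internal/config:GET")));
    }
}
```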
