geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: svn commit: r538265 - /geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
Date Tue, 15 May 2007 22:26:13 GMT
I think we need to fix this by having jetty check for a response  
before trying to use it.  Which authenticator is this using?  I filed  
a bug http://jira.codehaus.org/browse/JETTY-340 for this situation in  
the FormAuthenticator.

I'm going to be removing this change as part of GERONIMO-3154.  I'm  
happy to take this up with Greg W if necessary, but I don't think  
this is an appropriate fix.

thanks
david jencks

On May 15, 2007, at 10:51 AM, rickmcguire@apache.org wrote:

> Author: rickmcguire
> Date: Tue May 15 10:51:13 2007
> New Revision: 538265
>
> URL: http://svn.apache.org/viewvc?view=rev&rev=538265
> Log:
> Fix exception when authenticator fails because of missing certs.
>
>
> Modified:
>     geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/ 
> apache/geronimo/jetty6/handler/JettySecurityHandler.java
>
> Modified: geronimo/server/trunk/modules/geronimo-jetty6/src/main/ 
> java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
> URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/ 
> geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/ 
> JettySecurityHandler.java?view=diff&rev=538265&r1=538264&r2=538265
> ====================================================================== 
> ========
> --- geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/ 
> apache/geronimo/jetty6/handler/JettySecurityHandler.java (original)
> +++ geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/ 
> apache/geronimo/jetty6/handler/JettySecurityHandler.java Tue May 15  
> 10:51:13 2007
> @@ -259,11 +259,16 @@
>          // j_security_check.
>          // if we are logged in, return the logged in principal.
>          if (request != null) {
> -            // null response appears to prevent redirect to login  
> page
> -            Principal user = authenticator.authenticate(realm,  
> pathInContext,
> -                    request, null);
> -            if (user != null) {
> -                return user;
> +            try {
> +                // null response appears to prevent redirect to  
> login page
> +                Principal user = authenticator.authenticate(realm,  
> pathInContext,
> +                        request, null);
> +                if (user != null) {
> +                    return user;
> +                }
> +            } catch (Exception e) {
> +            // the Jetty authenticator tries to write something to  
> the response if
> +            // there is a failure.  Ignore any errors and continue  
> as if this failed.
>              }
>          }
>
>
>


Mime
View raw message