geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick McGuire <rick...@gmail.com>
Subject Re: svn commit: r538265 - /geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
Date Wed, 16 May 2007 09:49:13 GMT
This was the ClientCertAuthenticator that was causing the problem.  I'm 
ok with this getting fixed in Jetty (I'd prefer it be done that way, 
actually).  I figured that given the timing of things, this was an 
easier fix to get in place. 

Rick

David Jencks wrote:
> I think we need to fix this by having jetty check for a response 
> before trying to use it.  Which authenticator is this using?  I filed 
> a bug http://jira.codehaus.org/browse/JETTY-340 for this situation in 
> the FormAuthenticator.
>
> I'm going to be removing this change as part of GERONIMO-3154.  I'm 
> happy to take this up with Greg W if necessary, but I don't think this 
> is an appropriate fix.
>
> thanks
> david jencks
>
> On May 15, 2007, at 10:51 AM, rickmcguire@apache.org wrote:
>
>> Author: rickmcguire
>> Date: Tue May 15 10:51:13 2007
>> New Revision: 538265
>>
>> URL: http://svn.apache.org/viewvc?view=rev&rev=538265
>> Log:
>> Fix exception when authenticator fails because of missing certs.
>>
>>
>> Modified:
>>     
>> geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java

>>
>>
>> Modified: 
>> geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java

>>
>> URL: 
>> http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java?view=diff&rev=538265&r1=538264&r2=538265

>>
>> ============================================================================== 
>>
>> --- 
>> geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java

>> (original)
>> +++ 
>> geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java

>> Tue May 15 10:51:13 2007
>> @@ -259,11 +259,16 @@
>>          // j_security_check.
>>          // if we are logged in, return the logged in principal.
>>          if (request != null) {
>> -            // null response appears to prevent redirect to login page
>> -            Principal user = authenticator.authenticate(realm, 
>> pathInContext,
>> -                    request, null);
>> -            if (user != null) {
>> -                return user;
>> +            try {
>> +                // null response appears to prevent redirect to 
>> login page
>> +                Principal user = authenticator.authenticate(realm, 
>> pathInContext,
>> +                        request, null);
>> +                if (user != null) {
>> +                    return user;
>> +                }
>> +            } catch (Exception e) {
>> +            // the Jetty authenticator tries to write something to 
>> the response if
>> +            // there is a failure.  Ignore any errors and continue 
>> as if this failed.
>>              }
>>          }
>>
>>
>>
>
>


Mime
View raw message