Message-ID: <20050912110350.30897.qmail@minotaur.apache.org>
Subject: svn commit: r280318 - /geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java
Date: Mon, 12 Sep 2005 11:03:49 -0000
To: scm@geronimo.apache.org
From: jgenender@apache.org X-Mailer: svnmailer-1.0.5 X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Author: jgenender Date: Mon Sep 12 04:03:44 2005 New Revision: 280318 URL: http://svn.apache.org/viewcvs?rev=280318&view=rev Log: Fixed issues relating to SSL and JACC Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java?rev=280318&r1=280317&r2=280318&view=diff ============================================================================== --- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java (original) +++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java Mon Sep 12 04:03:44 2005 @@ -87,7 +87,7 @@ Response response, SecurityConstraint[] constraints) throws IOException { - + //Get an authenticated subject, if there is one Subject subject = null; try { @@ -114,7 +114,14 @@ /** * JACC v1.0 secion 4.1.1 */ - WebUserDataPermission wudp = new WebUserDataPermission(request); + String transportType; + if (request.isSecure()) { + transportType = "CONFIDENTIAL"; + //What about INTEGRAL?? Does Tomcat support it?? + } else { + transportType = "NONE"; + } + WebUserDataPermission wudp = new WebUserDataPermission(request.getServletPath(), new String[]{request.getMethod()}, transportType); acc.checkPermission(wudp); } catch (AccessControlException ace) { @@ -138,7 +145,7 @@ */ public boolean hasResourcePermission(Request request, Response response, - SecurityConstraint[] constraint, + SecurityConstraint[] constraints, Context context) throws IOException { 
@@ -172,9 +179,12 @@ // Which user principal have we already authenticated? Principal principal = request.getUserPrincipal(); - + //If we have no principal, then we should use the default. if (principal == null) { + if (request.isSecure()) + return true; + return false; } else { ContextManager.setCurrentCaller(((JAASTomcatPrincipal) principal).getSubject()); @@ -404,7 +414,6 @@ return null; } } - /** * Prepare for active use of the public methods of this Component.
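Review bot: In the @@ -114,7 +114,14 @@ hunk, the permission name is now request.getServletPath() alone, so any path info that follows the servlet path is no longer part of the name passed to acc.checkPermission(wudp). For a servlet mapped with a wildcard pattern, a user-data constraint declared on a deeper URL pattern would be evaluated against the shorter servlet path and may not match. Please either build the name from the servlet path plus path info, or say in the comment and the log message why the request-based constructor had to be replaced ("Fixed issues relating to SSL and JACC" does not explain it). The "//What about INTEGRAL??" comment also leaves an open question in the code: as written, every secure request is reported as CONFIDENTIAL, so resolve it or track it in an issue rather than committing the question.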
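Review bot: In the @@ -172,9 +179,12 @@ hunk of hasResourcePermission, the added "if (request.isSecure()) return true;" grants resource permission to a request that has no user principal solely because it arrived over SSL. A secure transport says nothing about who the caller is, so an unauthenticated client gets through this branch by using https, while the same request over http is refused. The comment directly above says the default should be used when there is no principal, but the branch returns before any caller is set or any permission is checked. Suggest setting the default (unauthenticated) subject as the current caller and letting the permission check decide, instead of returning true; if the intent is narrower than it reads, state it in a comment. Please also put braces around the new if body so that the following "return false;" cannot be misread as part of it.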