geronimo-scm mailing list archives

From dwo...@apache.org
Subject svn commit: r718945 - in /geronimo/server/branches/2.1/plugins/tomcat: geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/ManagerGBean.java
Date Wed, 19 Nov 2008 12:52:02 GMT
Author: dwoods
Date: Wed Nov 19 04:52:02 2008
New Revision: 718945

URL: http://svn.apache.org/viewvc?rev=718945&view=rev
Log:
GERONIMO-3838 Close potential denial of service attack vector in Tomcat session handling,
which can be exploited by accessing the Admin Console login page but never logging in.  Thanks
to Ivan for the patch.

Modified:
    geronimo/server/branches/2.1/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java
    geronimo/server/branches/2.1/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/ManagerGBean.java

Modified: geronimo/server/branches/2.1/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java?rev=718945&r1=718944&r2=718945&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java
(original)
+++ geronimo/server/branches/2.1/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java
Wed Nov 19 04:52:02 2008
@@ -402,7 +402,7 @@
             if (tomcatWebApp.isSetManager()) {
                 String manager = tomcatWebApp.getManager().trim();
                 AbstractName managerName = earContext.getNaming().createChildName(moduleName,
manager, ManagerGBean.J2EE_TYPE);
-                webModuleData.setReferencePattern("Manager", managerName);
+                webModuleData.setReferencePattern(TomcatWebAppContext.GBEAN_REF_MANAGER_RETRIEVER,
managerName);
             }
             
             Boolean distributable = webApp.getDistributableArray().length == 1 ? TRUE : FALSE;

Modified: geronimo/server/branches/2.1/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/ManagerGBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/ManagerGBean.java?rev=718945&r1=718944&r2=718945&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/ManagerGBean.java
(original)
+++ geronimo/server/branches/2.1/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/ManagerGBean.java
Wed Nov 19 04:52:02 2008
@@ -16,14 +16,19 @@
  */
 package org.apache.geronimo.tomcat;
 
+import java.util.HashMap;
+import java.util.Iterator;
 import java.util.Map;
 
 import org.apache.catalina.Manager;
+import org.apache.catalina.Store;
+import org.apache.catalina.session.PersistentManagerBase;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.geronimo.gbean.GBeanInfo;
 import org.apache.geronimo.gbean.GBeanInfoBuilder;
 import org.apache.geronimo.gbean.GBeanLifecycle;
+import org.apache.tomcat.util.IntrospectionUtils;
 
 public class ManagerGBean extends BaseGBean implements GBeanLifecycle, ObjectRetriever{
 
@@ -48,15 +53,18 @@
         super(); // TODO: make it an attribute
         //Validate
         if (className == null){
-            className = "org.apache.catalina.core.StandardHost";
+            className = "org.apache.catalina.session.StandardManager";
         }
         
         //Create the Manager object
         manager = (Manager)Class.forName(className).newInstance();
-        
+
         //Set the parameters
-        setParameters(manager, initParams);
-        
+        if (CLASSNAME_PARAMETERHANDLER_MAP.containsKey(className)) {
+            CLASSNAME_PARAMETERHANDLER_MAP.get(className).handle(manager, initParams);
+        } else {
+            CLASSNAME_PARAMETERHANDLER_MAP.get(DEFAULT_PARAMETER_HANDLER).handle(manager,
initParams);
+        }
     }
     
     public void doStart() throws Exception {
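Review bot: The constructor now hands `initParams` straight to a handler, and both handlers added later in this commit call `nameValueMap.keySet()` with no null check, so a manager configured without init parameters would fail with a NullPointerException unless callers always supply a map. Whether the removed `setParameters` call tolerated null is not visible here; a guard such as `if (initParams != null) { ... }` around the dispatch would keep that case working. The handler is also selected by exact class-name string, so a custom subclass of `PersistentManagerBase` falls through to the default handler and its `store.*` entries are passed to the manager instead of a store. Selecting on `manager instanceof PersistentManagerBase` would cover subclasses. The constructor signature is outside this hunk.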
@@ -69,12 +77,15 @@
     }
 
     public Object getInternalObject() {
-        // TODO Auto-generated method stub
         return manager;
     }
     
     public static final GBeanInfo GBEAN_INFO;
 
+    public static final Map<String, ParametersHandler> CLASSNAME_PARAMETERHANDLER_MAP
= new HashMap<String, ParametersHandler>();
+
+    public static final String DEFAULT_PARAMETER_HANDLER = "default";
+
     static {
         GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic("TomcatManager", ManagerGBean.class,
J2EE_TYPE);
         infoFactory.addAttribute("className", String.class, true);
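Review bot: `CLASSNAME_PARAMETERHANDLER_MAP` is a public, mutable, unsynchronized `HashMap`, so any code loaded in the server can add or replace the handler that runs for a given manager class name. Concurrent reads are only safe as long as nothing mutates it after class initialization. Unless external registration is intended, declare it `private static final` and publish it read-only once the static block has filled it, for example by building a local `HashMap` there and assigning `Collections.unmodifiableMap(handlers)`. If it has to stay extensible, a comment saying so and a `ConcurrentHashMap` would make the contract explicit. The static initializer that populates the map continues in the next hunk.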
@@ -84,9 +95,70 @@
                 "className", 
                 "initParams"});
         GBEAN_INFO = infoFactory.getBeanInfo();
+        //Initialize handler map
+        CLASSNAME_PARAMETERHANDLER_MAP.put(DEFAULT_PARAMETER_HANDLER, new DefaultParametersHandler());
+        CLASSNAME_PARAMETERHANDLER_MAP.put("org.apache.catalina.session.PersistentManager",
new PersistentManagerBaseParametersHandler());
+        CLASSNAME_PARAMETERHANDLER_MAP.put("org.apache.catalina.session.DistributedManager",
new PersistentManagerBaseParametersHandler());
     }
 
     public static GBeanInfo getGBeanInfo() {
         return GBEAN_INFO;
     }
+
+    public interface ParametersHandler {
+        public void handle(Object managerObject, Map<String, String> nameValueMap)
throws Exception;
+    }
+
+    static class DefaultParametersHandler implements ParametersHandler {
+        public void handle(Object managerObject, Map<String, String> nameValueMap)
throws Exception {
+            for (Iterator<String> it = nameValueMap.keySet().iterator(); it.hasNext();)
{
+                String sCurrentParameterName = it.next();
+                String sCurrentParameterValue = nameValueMap.get(sCurrentParameterName);
+                if (sCurrentParameterValue != null) {
+                    sCurrentParameterValue = sCurrentParameterValue.trim();
+                }
+                IntrospectionUtils.setProperty(managerObject, sCurrentParameterName, sCurrentParameterValue);
+            }
+        }
+    }
+
+    static class PersistentManagerBaseParametersHandler implements ParametersHandler {
+        private static final String STORE_CLASSNAME = "store.className";
+
+        private static final String STORE_PARAMETER_PREFIX = "store.";
+
+        public void handle(Object managerObject, Map<String, String> nameValueMap)
throws Exception {
+            //Search the Store implementation
+            if (!nameValueMap.containsKey(STORE_CLASSNAME) || nameValueMap.get(STORE_CLASSNAME)
== null) {
+                throw new IllegalArgumentException("store.className should be set to indicate
which implementation is used");
+            }
+            Store store = (Store) Class.forName(nameValueMap.get(STORE_CLASSNAME).trim()).newInstance();
+            nameValueMap.remove(STORE_CLASSNAME);
+            //Initialize store object            
+            for (Iterator<String> it = nameValueMap.keySet().iterator(); it.hasNext();)
{
+                String sCurrentParameterName = it.next();
+                String sCurrentParameterValue = nameValueMap.get(sCurrentParameterName);
+                if (sCurrentParameterValue != null) {
+                    sCurrentParameterValue = sCurrentParameterValue.trim();
+                }
+                if (sCurrentParameterName.indexOf(STORE_PARAMETER_PREFIX) == 0) {
+                    int iDotIndex = sCurrentParameterName.indexOf('.');
+                    String sStoreParameterName = sCurrentParameterName.substring(iDotIndex
+ 1);
+                    if (IntrospectionUtils.setProperty(store, sStoreParameterName, sCurrentParameterValue))
{
+                        log.debug("Property [" + sStoreParameterName + "] of the store object
is set with [" + sCurrentParameterValue + "]");
+                    } else {
+                        log.warn("Fail to set the property [" + sStoreParameterName + "]
of the store object with [" + sCurrentParameterValue + "]");
+                    }
+                } else {
+                    if (IntrospectionUtils.setProperty(managerObject, sCurrentParameterName,
sCurrentParameterValue)) {
+                        log.debug("Property [" + sCurrentParameterName + "] of the manager
object is set with [" + sCurrentParameterValue + "]");
+                    } else {
+                        log.warn("Fail to set the property [" + sCurrentParameterName + "]
of the manager object with [" + sCurrentParameterValue + "]");
+                    }
+                }
+            }
+            //Set Store to Manager
+            ((PersistentManagerBase) managerObject).setStore(store);
+        }
+    }
 }
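Review bot: In `PersistentManagerBaseParametersHandler.handle`, the class named by `store.className` is instantiated before the `(Store)` cast, so a misconfigured name runs an arbitrary class's no-arg constructor before the type error surfaces; checking with `asSubclass(Store.class)` first rejects it without instantiating. The following `nameValueMap.remove(STORE_CLASSNAME)` mutates the caller's `initParams`, which would make a second construction from the same map throw the `IllegalArgumentException` above if that map is reused (not visible here); skipping the key inside the loop avoids the side effect. The `log.debug`/`log.warn` calls write every parameter value, and store settings may include connection credentials, so logging the property name alone is safer. `DefaultParametersHandler` ignores the boolean returned by `IntrospectionUtils.setProperty`, so a misspelled parameter is dropped silently there while this handler warns.

```java
public void handle(Object managerObject, Map<String, String> nameValueMap) throws Exception {
    // … unchanged: check that store.className is present and non-null …
    // Verify the type before instantiating, so a class that is not a Store never runs its constructor.
    Class<? extends Store> storeClass =
            Class.forName(nameValueMap.get(STORE_CLASSNAME).trim()).asSubclass(Store.class);
    Store store = storeClass.newInstance();
    for (Iterator<String> it = nameValueMap.keySet().iterator(); it.hasNext();) {
        String sCurrentParameterName = it.next();
        if (STORE_CLASSNAME.equals(sCurrentParameterName)) {
            continue; // already consumed above; the caller's map is left unmodified
        }
        // … unchanged: trim the value and route it to the store or the manager …
        // in the log calls, report the property name only, e.g.:
        log.warn("Fail to set the property [" + sCurrentParameterName + "] of the manager object");
    }
    // … unchanged: setStore on the manager …
```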


