tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From craig...@locus.apache.org
Subject cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/servlets AuthServlet.java DefaultErrorPage.java
Date Thu, 13 Apr 2000 01:45:57 GMT
craigmcc    00/04/12 18:45:56

  Modified:    src/share/org/apache/tomcat/core ContextManager.java
                        HttpServletResponseFacade.java
               src/share/org/apache/tomcat/servlets AuthServlet.java
                        DefaultErrorPage.java
  Log:
  Fix a bug where BASIC authentication fails to trigger the pop-up
  dialog box for username and password on IE.  This bug was introduced
  by my previous fix to HttpServletResponseFacade.java to make it reset
  the response inside sendError() and sendRedirect().  Unfortunately,
  due to the way Tomcat is currently structured, this caused the
  "WWW-Authenticate" message containing the challenge to be erased.
  
  Netscape Navigator saw the 401 (Unauthorized) error, and popped up a
  dialog box anyway, with an "unknown" realm.  However, IE didn't see
  a "WWW-Authenticate" so it didn't do anything.
  
  The workaround in this patch is to NOT reset the response if sendError
  is called with a status code of 401.  I've been staring at this code for
  three hours, and cannot see any other way short of a major restructuring
  to get around this problem differently.
  
  Revision  Changes    Path
  1.69      +1 -0      jakarta-tomcat/src/share/org/apache/tomcat/core/ContextManager.java
  
  Index: ContextManager.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/ContextManager.java,v
  retrieving revision 1.68
  retrieving revision 1.69
  diff -u -r1.68 -r1.69
  --- ContextManager.java	2000/04/06 21:14:45	1.68
  +++ ContextManager.java	2000/04/13 01:45:54	1.69
  @@ -736,6 +736,7 @@
   	    errorServlet.handleRequest(req.getFacade(),res.getFacade());
   	    // will call this if any error happens
   	}
  +
   	return;
       }
       
  
  
  
  1.10      +4 -4      jakarta-tomcat/src/share/org/apache/tomcat/core/HttpServletResponseFacade.java
  
  Index: HttpServletResponseFacade.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/HttpServletResponseFacade.java,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- HttpServletResponseFacade.java	2000/04/08 00:02:18	1.9
  +++ HttpServletResponseFacade.java	2000/04/13 01:45:54	1.10
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/HttpServletResponseFacade.java,v
1.9 2000/04/08 00:02:18 craigmcc Exp $
  - * $Revision: 1.9 $
  - * $Date: 2000/04/08 00:02:18 $
  + * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/HttpServletResponseFacade.java,v
1.10 2000/04/13 01:45:54 craigmcc Exp $
  + * $Revision: 1.10 $
  + * $Date: 2000/04/13 01:45:54 $
    *
    * ====================================================================
    *
  @@ -155,7 +155,7 @@
       public void sendError(int sc, String msg) throws IOException {
   	if (isCommitted())
   	    throw new IllegalStateException(sm.getString("hsrf.error.ise"));
  -	else
  +	else if (sc != HttpServletResponse.SC_UNAUTHORIZED)	// CRM: FIXME
   	    reset();
   	setStatus( sc );
   	Request request=response.getRequest();
  
  
  
  1.6       +1 -0      jakarta-tomcat/src/share/org/apache/tomcat/servlets/AuthServlet.java
  
  Index: AuthServlet.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/servlets/AuthServlet.java,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- AuthServlet.java	2000/04/07 22:59:02	1.5
  +++ AuthServlet.java	2000/04/13 01:45:55	1.6
  @@ -81,6 +81,7 @@
   	Request req=((HttpServletRequestFacade)request).getRealRequest();
   	Context ctx=req.getContext();
   	String realm=ctx.getRealmName();
  +
   	if( "EXPERIMENTAL_FORM".equals( ctx.getAuthMethod() )) {
   	    // the code is not uglier that the spec, we are just implementing it.
   	    // if you don't understand what's here - you're not alone !
  
  
  
  1.9       +3 -0      jakarta-tomcat/src/share/org/apache/tomcat/servlets/DefaultErrorPage.java
  
  Index: DefaultErrorPage.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/servlets/DefaultErrorPage.java,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- DefaultErrorPage.java	2000/04/05 02:52:16	1.8
  +++ DefaultErrorPage.java	2000/04/13 01:45:56	1.9
  @@ -109,6 +109,7 @@
   
       // -------------------- Default error page --------------------
       private void sendPrivateError(Request request, Response response, int sc, String msg)
throws IOException {
  +
   	response.setContentType("text/html");
   
   	response.setStatus( sc );
  @@ -135,7 +136,9 @@
   
       // -------------------- Redirect page --------------------
       public void redirect(Request request, Response response, String location) throws IOException
{
  +
           location = makeAbsolute(request, location);
  +
   	response.setContentType("text/html");	// ISO-8859-1 default
   	response.setHeader("Location", location);
   
  
  
  

Mime
View raw message