tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From na...@apache.org
Subject cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/aaa AccessInterceptor.java
Date Fri, 09 Mar 2001 22:54:07 GMT
nacho       01/03/09 14:54:07

  Modified:    src/examples/jsp/security/login login.jsp
               src/examples/jsp index.html
               src/share/org/apache/tomcat/modules/aaa
                        AccessInterceptor.java
  Added:       src/examples/jsp/security index.jsp
  Log:
  Fix for < http://nagoya.apache.org/bugzilla/show_bug.cgi?id=539 >
  
  Added a way to show up the changes throught examples/jsp/security/protected.
  
  Reported by: dcernahoschi@softwin.ro
  
  Revision  Changes    Path
  1.3       +1 -1      jakarta-tomcat/src/examples/jsp/security/login/login.jsp
  
  Index: login.jsp
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/examples/jsp/security/login/login.jsp,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- login.jsp	2000/10/09 02:38:15	1.2
  +++ login.jsp	2001/03/09 22:54:06	1.3
  @@ -2,7 +2,7 @@
   <body>
   <h1>Login page for examples</h1>
   
  -<form method="POST" action="j_security_check" >
  +<form method="POST" action='<%= response.encodeURL("j_security_check")%>' >
    Username: <input type="text" name="j_username"><br>
    Password: <input type="password" name="j_password"><br> 
    <br>
  
  
  
  1.1                  jakarta-tomcat/src/examples/jsp/security/index.jsp
  
  Index: index.jsp
  ===================================================================
  <html>
  <!--
    Copyright (c) 1999 The Apache Software Foundation.  All rights 
    reserved.
  -->
  
  <body bgcolor="white">
  <html>
  <h1>Security Examples</h1>
  <table border=0>
      <tr><td>
          <a href='<%= response.encodeURL("protected/index.jsp") %>'>Protected
Directory, browse it with cookies disabled</a><br/>
      </td></tr>
      <tr><td>
          <a href='protected/index.jsp'>Protected Directory, Use with cookies enabled
browser</a>
      </td></tr>
  </table>
  
  </html>
  
  
  
  1.5       +1 -1      jakarta-tomcat/src/examples/jsp/index.html
  
  Index: index.html
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/examples/jsp/index.html,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- index.html	2000/10/09 02:40:01	1.4
  +++ index.html	2001/03/09 22:54:06	1.5
  @@ -152,7 +152,7 @@
   <tr VALIGN=TOP>
   <td>Security&nbsp;</td>
   
  -<td VALIGN=TOP WIDTH="30%"><a href="security/protected"><img SRC="../images/execute.gif"
HSPACE=4 BORDER=0  align=TOP></a><a href="security/protected">Execute</a></td>
  +<td VALIGN=TOP WIDTH="30%"><a href="security/"><img SRC="../images/execute.gif"
HSPACE=4 BORDER=0  align=TOP></a><a href="security/">Execute</a></td>
   
   <td WIDTH="30%"><a href="security/security.html"><img SRC="../images/code.gif"
HSPACE=4 BORDER=0 height=24 width=24 align=TOP></a><a href="security/security.html">Source</a></td>
   </tr>
  
  
  
  1.8       +11 -4     jakarta-tomcat/src/share/org/apache/tomcat/modules/aaa/AccessInterceptor.java
  
  Index: AccessInterceptor.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/aaa/AccessInterceptor.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- AccessInterceptor.java	2001/02/20 03:16:51	1.7
  +++ AccessInterceptor.java	2001/03/09 22:54:07	1.8
  @@ -55,7 +55,7 @@
    *
    * [Additional notices, if required by prior licensing conditions]
    *
  - */ 
  + */
   
   package org.apache.tomcat.modules.aaa;
   
  @@ -459,7 +459,7 @@
   	ServerSession session=req.getSession( false );
   	if( session == null ) {
   	}
  -	
  +
   	String page=ctx.getFormLoginPage();
   	String errorPage=ctx.getFormErrorPage();
   	// assert errorPage!=null ( AccessInterceptor will check
  @@ -481,8 +481,15 @@
   	}
   
   	String originalLocation = req.requestURI().toString();
  -	if (req.queryString().toString() != null)
  +	if (req.queryString().toString() != null
  +                && !req.queryString().toString().equals(""))
   	    originalLocation += "?" + req.queryString().toString();
  +        //XXX is needed to put the JVM route too?
  +        if (req.getSessionIdSource().equals(Request.SESSIONID_FROM_URL)){
  +            String id=";jsessionid="+req.getSessionId() ;
  +            originalLocation += id ;
  +            page += id ;
  +        }
   	session.setAttribute( "tomcat.auth.originalLocation",
   			      originalLocation);
   	if( debug > 0 )
  @@ -502,7 +509,7 @@
       This is called after the user POST the form login page.
   */
   class FormSecurityCheckHandler extends Handler {
  -    
  +
       FormSecurityCheckHandler() {
   	//	setOrigin( Handler.ORIGIN_INTERNAL );
   	name="tomcat.formSecurityCheck";
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, email: tomcat-dev-help@jakarta.apache.org


Mime
View raw message