tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From craig...@apache.org
Subject cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup Authenticators.properties ContextConfig.java
Date Tue, 08 May 2001 21:22:40 GMT
craigmcc    01/05/08 14:22:40

  Modified:    catalina/src/share/org/apache/catalina/deploy
                        LoginConfig.java
               catalina/src/share/org/apache/catalina/startup
                        Authenticators.properties ContextConfig.java
  Added:       catalina/src/share/org/apache/catalina/authenticator
                        NonLoginAuthenticator.java
  Log:
  If the only security constraint defined for a web application imposes only
  limits not related to authentication (such as only a <user-data-constraint>),
  install a special Authenticator that imposes the remaining constraints.
  Previously, these constraints were being ignored unless there was a
  <login-config> element defined.
  
  Submitted by:	QingQing Ouyang <qingqing.ouyang@eng.sun.com>
  
  Revision  Changes    Path
  1.1                  jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/NonLoginAuthenticator.java
  
  Index: NonLoginAuthenticator.java
  ===================================================================
  /*
   * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/NonLoginAuthenticator.java,v
1.1 2001/05/08 21:22:29 craigmcc Exp $
   * $Revision: 1.1 $
   * $Date: 2001/05/08 21:22:29 $
   *
   * ====================================================================
   *
   * The Apache Software License, Version 1.1
   *
   * Copyright (c) 1999 The Apache Software Foundation.  All rights
   * reserved.
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
   *
   * 1. Redistributions of source code must retain the above copyright
   *    notice, this list of conditions and the following disclaimer.
   *
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in
   *    the documentation and/or other materials provided with the
   *    distribution.
   *
   * 3. The end-user documentation included with the redistribution, if
   *    any, must include the following acknowlegement:
   *       "This product includes software developed by the
   *        Apache Software Foundation (http://www.apache.org/)."
   *    Alternately, this acknowlegement may appear in the software itself,
   *    if and wherever such third-party acknowlegements normally appear.
   *
   * 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
   *    Foundation" must not be used to endorse or promote products derived
   *    from this software without prior written permission. For written
   *    permission, please contact apache@apache.org.
   *
   * 5. Products derived from this software may not be called "Apache"
   *    nor may "Apache" appear in their names without prior written
   *    permission of the Apache Group.
   *
   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
   * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   * SUCH DAMAGE.
   * ====================================================================
   *
   * This software consists of voluntary contributions made by many
   * individuals on behalf of the Apache Software Foundation.  For more
   * information on the Apache Software Foundation, please see
   * <http://www.apache.org/>.
   *
   * [Additional notices, if required by prior licensing conditions]
   *
   */
  
  
  package org.apache.catalina.authenticator;
  
  
  import java.io.IOException;
  import java.security.Principal;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  import org.apache.catalina.HttpRequest;
  import org.apache.catalina.HttpResponse;
  import org.apache.catalina.Realm;
  import org.apache.catalina.Session;
  import org.apache.catalina.deploy.LoginConfig;
  
  
  
  /**
   * An <b>Authenticator</b> and <b>Valve</b> implementation that
checks
   * only security constraints not involving user authentication.
   *
   * @author Craig R. McClanahan
   * @version $Revision: 1.1 $ $Date: 2001/05/08 21:22:29 $
   */
  
  public final class NonLoginAuthenticator
      extends AuthenticatorBase {
  
  
      // ----------------------------------------------------- Instance Variables
  
  
      /**
       * Descriptive information about this implementation.
       */
      private static final String info =
  	"org.apache.catalina.authenticator.NonLoginAuthenticator/1.0";
  
  
      // ------------------------------------------------------------- Properties
  
  
      /**
       * Return descriptive information about this Valve implementation.
       */
      public String getInfo() {
  
  	return (this.info);
  
      }
  
  
      // --------------------------------------------------------- Public Methods
  
  
      /**
       * Authenticate the user making this request, based on the specified
       * login configuration.  Return <code>true</code> if any specified
       * constraint has been satisfied, or <code>false</code> if we have
       * created a response challenge already.
       *
       * @param request Request we are processing
       * @param response Response we are creating
       * @param login Login configuration describing how authentication
       *              should be performed
       *
       * @exception IOException if an input/output error occurs
       */
      public boolean authenticate(HttpRequest request,
  				HttpResponse response,
  				LoginConfig config)
  	throws IOException {
  
          if (debug >= 1)
              log("User authentication is not required");
          return (true);
  
  
      }
  
  
  }
  
  
  
  1.5       +37 -4     jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/LoginConfig.java
  
  Index: LoginConfig.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/LoginConfig.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- LoginConfig.java	2000/11/25 00:57:25	1.4
  +++ LoginConfig.java	2001/05/08 21:22:32	1.5
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/LoginConfig.java,v
1.4 2000/11/25 00:57:25 craigmcc Exp $
  - * $Revision: 1.4 $
  - * $Date: 2000/11/25 00:57:25 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/LoginConfig.java,v
1.5 2001/05/08 21:22:32 craigmcc Exp $
  + * $Revision: 1.5 $
  + * $Date: 2001/05/08 21:22:32 $
    *
    * ====================================================================
    *
  @@ -74,10 +74,43 @@
    * deployment descriptor.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.4 $ $Date: 2000/11/25 00:57:25 $
  + * @version $Revision: 1.5 $ $Date: 2001/05/08 21:22:32 $
    */
   
   public final class LoginConfig {
  +
  +
  +    // ----------------------------------------------------------- Constructors
  +
  +
  +    /**
  +     * Construct a new LoginConfig with default properties.
  +     */
  +    public LoginConfig() {
  +
  +        super();
  +
  +    }
  +
  +
  +    /**
  +     * Construct a new LoginConfig with the specified properties.
  +     *
  +     * @param authMethod The authentication method
  +     * @param realmName The realm name
  +     * @param loginPage The login page URI
  +     * @param errorPage The error page URI
  +     */
  +    public LoginConfig(String authMethod, String realmName,
  +                       String loginPage, String errorPage) {
  +
  +        super();
  +        setAuthMethod(authMethod);
  +        setRealmName(realmName);
  +        setLoginPage(loginPage);
  +        setErrorPage(errorPage);
  +
  +    }
   
   
       // ------------------------------------------------------------- Properties
  
  
  
  1.4       +1 -0      jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Authenticators.properties
  
  Index: Authenticators.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Authenticators.properties,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- Authenticators.properties	2000/09/12 00:10:12	1.3
  +++ Authenticators.properties	2001/05/08 21:22:35	1.4
  @@ -2,3 +2,4 @@
   CLIENT-CERT=org.apache.catalina.authenticator.SSLAuthenticator
   DIGEST=org.apache.catalina.authenticator.DigestAuthenticator
   FORM=org.apache.catalina.authenticator.FormAuthenticator
  +NONE=org.apache.catalina.authenticator.NonLoginAuthenticator
  
  
  
  1.45      +8 -6      jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java
  
  Index: ContextConfig.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v
  retrieving revision 1.44
  retrieving revision 1.45
  diff -u -r1.44 -r1.45
  --- ContextConfig.java	2001/04/18 18:59:23	1.44
  +++ ContextConfig.java	2001/05/08 21:22:36	1.45
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v
1.44 2001/04/18 18:59:23 craigmcc Exp $
  - * $Revision: 1.44 $
  - * $Date: 2001/04/18 18:59:23 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v
1.45 2001/05/08 21:22:36 craigmcc Exp $
  + * $Revision: 1.45 $
  + * $Date: 2001/05/08 21:22:36 $
    *
    * ====================================================================
    *
  @@ -121,7 +121,7 @@
    * of that Context, and the associated defined servlets.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.44 $ $Date: 2001/04/18 18:59:23 $
  + * @version $Revision: 1.45 $ $Date: 2001/05/08 21:22:36 $
    */
   
   public final class ContextConfig
  @@ -280,8 +280,10 @@
   	if ((constraints == null) || (constraints.length == 0))
   	    return;
   	LoginConfig loginConfig = context.getLoginConfig();
  -	if (loginConfig == null)
  -	    return;
  +	if (loginConfig == null) {
  +            loginConfig = new LoginConfig("NONE", null, null, null);
  +            context.setLoginConfig(loginConfig);
  +        }
   
   	// Has an authenticator been configured already?
   	if (context instanceof Authenticator)
  
  
  

Mime
View raw message