Return-Path: Delivered-To: apmail-jakarta-tomcat-dev-archive@jakarta.apache.org Received: (qmail 65437 invoked by uid 500); 8 May 2001 21:22:48 -0000 Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: Reply-To: tomcat-dev@jakarta.apache.org Delivered-To: mailing list tomcat-dev@jakarta.apache.org Received: (qmail 65256 invoked by uid 500); 8 May 2001 21:22:42 -0000 Delivered-To: apmail-jakarta-tomcat-4.0-cvs@apache.org Date: 8 May 2001 21:22:40 -0000 Message-ID: <20010508212240.65169.qmail@apache.org> From: craigmcc@apache.org To: jakarta-tomcat-4.0-cvs@apache.org Subject: cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup Authenticators.properties ContextConfig.java craigmcc 01/05/08 14:22:40 Modified: catalina/src/share/org/apache/catalina/deploy LoginConfig.java catalina/src/share/org/apache/catalina/startup Authenticators.properties ContextConfig.java Added: catalina/src/share/org/apache/catalina/authenticator NonLoginAuthenticator.java Log: If the only security constraint defined for a web application imposes only limits not related to authentication (such as only a ), install a special Authenticator that imposes the remaining constraints. Previously, these constraints were being ignored unless there was a element defined. Submitted by: QingQing Ouyang Revision Changes Path 1.1 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/NonLoginAuthenticator.java Index: NonLoginAuthenticator.java =================================================================== /* * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/NonLoginAuthenticator.java,v 1.1 2001/05/08 21:22:29 craigmcc Exp $ * $Revision: 1.1 $ * $Date: 2001/05/08 21:22:29 $ * * ==================================================================== * * The Apache Software License, Version 1.1 * * Copyright (c) 1999 The Apache Software Foundation. All rights * reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, if * any, must include the following acknowlegement: * "This product includes software developed by the * Apache Software Foundation (http://www.apache.org/)." * Alternately, this acknowlegement may appear in the software itself, * if and wherever such third-party acknowlegements normally appear. * * 4. The names "The Jakarta Project", "Tomcat", and "Apache Software * Foundation" must not be used to endorse or promote products derived * from this software without prior written permission. For written * permission, please contact apache@apache.org. * * 5. Products derived from this software may not be called "Apache" * nor may "Apache" appear in their names without prior written * permission of the Apache Group. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * . * * [Additional notices, if required by prior licensing conditions] * */ package org.apache.catalina.authenticator; import java.io.IOException; import java.security.Principal; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.catalina.HttpRequest; import org.apache.catalina.HttpResponse; import org.apache.catalina.Realm; import org.apache.catalina.Session; import org.apache.catalina.deploy.LoginConfig; /** * An Authenticator and Valve implementation that checks * only security constraints not involving user authentication. * * @author Craig R. McClanahan * @version $Revision: 1.1 $ $Date: 2001/05/08 21:22:29 $ */ public final class NonLoginAuthenticator extends AuthenticatorBase { // ----------------------------------------------------- Instance Variables /** * Descriptive information about this implementation. */ private static final String info = "org.apache.catalina.authenticator.NonLoginAuthenticator/1.0"; // ------------------------------------------------------------- Properties /** * Return descriptive information about this Valve implementation. */ public String getInfo() { return (this.info); } // --------------------------------------------------------- Public Methods /** * Authenticate the user making this request, based on the specified * login configuration. Return true if any specified * constraint has been satisfied, or false if we have * created a response challenge already. * * @param request Request we are processing * @param response Response we are creating * @param login Login configuration describing how authentication * should be performed * * @exception IOException if an input/output error occurs */ public boolean authenticate(HttpRequest request, HttpResponse response, LoginConfig config) throws IOException { if (debug >= 1) log("User authentication is not required"); return (true); } } 1.5 +37 -4 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/LoginConfig.java Index: LoginConfig.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/LoginConfig.java,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- LoginConfig.java 2000/11/25 00:57:25 1.4 +++ LoginConfig.java 2001/05/08 21:22:32 1.5 @@ -1,7 +1,7 @@ /* - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/LoginConfig.java,v 1.4 2000/11/25 00:57:25 craigmcc Exp $ - * $Revision: 1.4 $ - * $Date: 2000/11/25 00:57:25 $ + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/LoginConfig.java,v 1.5 2001/05/08 21:22:32 craigmcc Exp $ + * $Revision: 1.5 $ + * $Date: 2001/05/08 21:22:32 $ * * ==================================================================== * @@ -74,10 +74,43 @@ * deployment descriptor. * * @author Craig R. McClanahan - * @version $Revision: 1.4 $ $Date: 2000/11/25 00:57:25 $ + * @version $Revision: 1.5 $ $Date: 2001/05/08 21:22:32 $ */ public final class LoginConfig { + + + // ----------------------------------------------------------- Constructors + + + /** + * Construct a new LoginConfig with default properties. + */ + public LoginConfig() { + + super(); + + } + + + /** + * Construct a new LoginConfig with the specified properties. + * + * @param authMethod The authentication method + * @param realmName The realm name + * @param loginPage The login page URI + * @param errorPage The error page URI + */ + public LoginConfig(String authMethod, String realmName, + String loginPage, String errorPage) { + + super(); + setAuthMethod(authMethod); + setRealmName(realmName); + setLoginPage(loginPage); + setErrorPage(errorPage); + + } // ------------------------------------------------------------- Properties 1.4 +1 -0 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Authenticators.properties Index: Authenticators.properties =================================================================== RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Authenticators.properties,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- Authenticators.properties 2000/09/12 00:10:12 1.3 +++ Authenticators.properties 2001/05/08 21:22:35 1.4 @@ -2,3 +2,4 @@ CLIENT-CERT=org.apache.catalina.authenticator.SSLAuthenticator DIGEST=org.apache.catalina.authenticator.DigestAuthenticator FORM=org.apache.catalina.authenticator.FormAuthenticator +NONE=org.apache.catalina.authenticator.NonLoginAuthenticator 1.45 +8 -6 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java Index: ContextConfig.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v retrieving revision 1.44 retrieving revision 1.45 diff -u -r1.44 -r1.45 --- ContextConfig.java 2001/04/18 18:59:23 1.44 +++ ContextConfig.java 2001/05/08 21:22:36 1.45 @@ -1,7 +1,7 @@ /* - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v 1.44 2001/04/18 18:59:23 craigmcc Exp $ - * $Revision: 1.44 $ - * $Date: 2001/04/18 18:59:23 $ + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v 1.45 2001/05/08 21:22:36 craigmcc Exp $ + * $Revision: 1.45 $ + * $Date: 2001/05/08 21:22:36 $ * * ==================================================================== * @@ -121,7 +121,7 @@ * of that Context, and the associated defined servlets. * * @author Craig R. McClanahan - * @version $Revision: 1.44 $ $Date: 2001/04/18 18:59:23 $ + * @version $Revision: 1.45 $ $Date: 2001/05/08 21:22:36 $ */ public final class ContextConfig @@ -280,8 +280,10 @@ if ((constraints == null) || (constraints.length == 0)) return; LoginConfig loginConfig = context.getLoginConfig(); - if (loginConfig == null) - return; + if (loginConfig == null) { + loginConfig = new LoginConfig("NONE", null, null, null); + context.setLoginConfig(loginConfig); + } // Has an authenticator been configured already? if (context instanceof Authenticator)