tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java
Date Sat, 03 Nov 2001 06:52:05 GMT
remm        01/11/02 22:52:05

  Modified:    catalina/src/share/org/apache/catalina/authenticator
                        AuthenticatorBase.java
  Log:
  - Fix a problem with auth constraints, where roles wouldn't get processed right.
    For example, this would be failing:
      <auth-constraint>
        <role-name>foo</role-name>
        <role-name>foo2</role-name>
        <role-name>*</role-name>
      </auth-constraint>
    (Of course, 'foo' and 'foo2' really don't add anything, but it should still work).
  
  Revision  Changes    Path
  1.24      +12 -13    jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
  
  Index: AuthenticatorBase.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
  retrieving revision 1.23
  retrieving revision 1.24
  diff -u -r1.23 -r1.24
  --- AuthenticatorBase.java	2001/08/03 22:39:33	1.23
  +++ AuthenticatorBase.java	2001/11/03 06:52:05	1.24
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.23 2001/08/03 22:39:33 craigmcc Exp $
  - * $Revision: 1.23 $
  - * $Date: 2001/08/03 22:39:33 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.24 2001/11/03 06:52:05 remm Exp $
  + * $Revision: 1.24 $
  + * $Date: 2001/11/03 06:52:05 $
    *
    * ====================================================================
    *
  @@ -121,7 +121,7 @@
    * requests.  Requests of any other type will simply be passed through.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.23 $ $Date: 2001/08/03 22:39:33 $
  + * @version $Revision: 1.24 $ $Date: 2001/11/03 06:52:05 $
    */
   
   
  @@ -585,15 +585,14 @@
           String roles[] = constraint.findAuthRoles();
           if (roles == null)
               roles = new String[0];
  -        if (roles.length == 0) {
  -            if (constraint.getAuthConstraint() &&
  -                !constraint.getAllRoles()) {
  -                ((HttpServletResponse) response.getResponse()).sendError
  -                    (HttpServletResponse.SC_FORBIDDEN,
  -                     sm.getString("authenticator.forbidden"));
  -                return (false); // No listed roles means no access at all
  -            } else
  -                return (true);  // Authenticated user is sufficient
  +
  +        if (constraint.getAllRoles())
  +            return (true);
  +        if ((roles.length == 0) && (constraint.getAuthConstraint())) {
  +            ((HttpServletResponse) response.getResponse()).sendError
  +                (HttpServletResponse.SC_FORBIDDEN,
  +                 sm.getString("authenticator.forbidden"));
  +            return (false); // No listed roles means no access at all
           }
           for (int i = 0; i < roles.length; i++) {
               if (realm.hasRole(principal, roles[i]))
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message