tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonathan_Pie...@seagram.com (Jonathan Pierce)
Subject Fix for AJP13 Connector Authentication Bug !!!
Date Fri, 15 Feb 2002 00:39:43 GMT

I've confirmed the fix for the AJP13 Connector / Authentication problem in
4.0.2.
This solves high priority bugs 5647 and 6219.

Please have one of the committers confirm the fix and check it in to cvs. 

The issue was reported in Bug 6219.

I tested the following modification and it seems to resolve the problem.

The problem is in org.apache.ajp.tomcat4.Ajp13Request.setAjpRequest The fix is
below:
Replace from line 115:

// String remoteUser = ajp.remoteUser().toString();
 // if(remoteUser != null)
 //   setUserPrincipal(new Ajp13Principal(remoteUser));

String remoteUser = ajp.remoteUser().toString();
if ((remoteUser != null) && (! remoteUser.equals ("")))
        {
            setUserPrincipal(new Ajp13Principal(remoteUser));
        }
        else
        {
         setUserPrincipal(null);
    }

After making this modification, I am able to successfully serve the protected
example url through the IIS connector and get properly challenged by the login
screen and am able to login and logout as expected.

http://localhost/examples/jsp/security/protected/index.jsp

-Jonathan

************************************************************************
This email and any files transmitted with it are for the named person's use
only.  It may contain confidential, proprietary or legally privileged
information.  No confidentiality or privilege is waived or lost by any
mistransmission.  If you receive this message in error, please immediately
delete it and all copies of it from your system, destroy any hard copies
of it and notify the sender.  You must not, directly or indirectly, use,
disclose, distribute, print, or copy any part of this message if you
are not the intended recipient.

This email message has been swept by a virus software product for the
presence of computer viruses.
*************************************************************************

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message