tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevin Seguin" <seg...@motive.com>
Subject RE: Fix for AJP13 Connector Authentication Bug !!!
Date Fri, 15 Feb 2002 02:31:19 GMT
i've tested the patch remy checked in and it's now working for me too.  very cool.  thanks
guys :)

> -----Original Message-----
> From: Jonathan Pierce [mailto:Jonathan_Pierce@seagram.com]
> Sent: Thursday, February 14, 2002 6:40 PM
> To: tomcat-dev@jakarta.apache.org
> Subject: Fix for AJP13 Connector Authentication Bug !!!
> 
> 
> 
> I've confirmed the fix for the AJP13 Connector / 
> Authentication problem in
> 4.0.2.
> This solves high priority bugs 5647 and 6219.
> 
> Please have one of the committers confirm the fix and check 
> it in to cvs. 
> 
> The issue was reported in Bug 6219.
> 
> I tested the following modification and it seems to resolve 
> the problem.
> 
> The problem is in 
> org.apache.ajp.tomcat4.Ajp13Request.setAjpRequest The fix is
> below:
> Replace from line 115:
> 
> // String remoteUser = ajp.remoteUser().toString();
>  // if(remoteUser != null)
>  //   setUserPrincipal(new Ajp13Principal(remoteUser));
> 
> String remoteUser = ajp.remoteUser().toString();
> if ((remoteUser != null) && (! remoteUser.equals ("")))
>         {
>             setUserPrincipal(new Ajp13Principal(remoteUser));
>         }
>         else
>         {
>          setUserPrincipal(null);
>     }
> 
> After making this modification, I am able to successfully 
> serve the protected
> example url through the IIS connector and get properly 
> challenged by the login
> screen and am able to login and logout as expected.
> 
> http://localhost/examples/jsp/security/protected/index.jsp
> 
> -Jonathan
> 
> **************************************************************
> **********
> This email and any files transmitted with it are for the 
> named person's use
> only.  It may contain confidential, proprietary or legally privileged
> information.  No confidentiality or privilege is waived or lost by any
> mistransmission.  If you receive this message in error, 
> please immediately
> delete it and all copies of it from your system, destroy any 
> hard copies
> of it and notify the sender.  You must not, directly or 
> indirectly, use,
> disclose, distribute, print, or copy any part of this message if you
> are not the intended recipient.
> 
> This email message has been swept by a virus software product for the
> presence of computer viruses.
> **************************************************************
> ***********
> 
> --
> To unsubscribe, e-mail:   
<mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message