tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From amy...@apache.org
Subject cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm Constants.java JAASMemoryLoginModule.java LocalStrings.properties LocalStrings_es.properties LocalStrings_ja.properties RealmBase.java
Date Wed, 07 Aug 2002 20:51:44 GMT
amyroh      2002/08/07 13:51:44

  Modified:    catalina/src/conf tomcat-users.xml
               catalina/src/share/org/apache/catalina Realm.java
               catalina/src/share/org/apache/catalina/authenticator
                        AuthenticatorBase.java
               catalina/src/share/org/apache/catalina/realm Constants.java
                        JAASMemoryLoginModule.java LocalStrings.properties
                        LocalStrings_es.properties
                        LocalStrings_ja.properties RealmBase.java
  Log:
  Refactor o.a.c.authenticator.AuthenticatorBase and o.a.c.RealmBase.
  
  Patch submitted by Jean-francois Arcand.
  
  Revision  Changes    Path
  1.2       +1 -1      jakarta-tomcat-catalina/catalina/src/conf/tomcat-users.xml
  
  Index: tomcat-users.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/tomcat-users.xml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- tomcat-users.xml	18 Jul 2002 16:48:14 -0000	1.1
  +++ tomcat-users.xml	7 Aug 2002 20:51:44 -0000	1.2
  @@ -4,7 +4,7 @@
     you must define such a user - the username and password are arbitrary.
   -->
   <tomcat-users>
  -  <user name="tomcat" password="tomcat" roles="tomcat" />
  +  <user name="tomcat" password="tomcat,admin" roles="tomcat,admin" />
     <user name="role1"  password="tomcat" roles="role1"  />
     <user name="both"   password="tomcat" roles="tomcat,role1" />
   </tomcat-users>
  
  
  
  1.2       +27 -7     jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Realm.java
  
  Index: Realm.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Realm.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- Realm.java	18 Jul 2002 16:47:38 -0000	1.1
  +++ Realm.java	7 Aug 2002 20:51:44 -0000	1.2
  @@ -66,10 +66,11 @@
   
   
   import java.beans.PropertyChangeListener;
  +import java.io.IOException;
   import java.security.Principal;
   import java.security.cert.X509Certificate;
   
  -
  +import org.apache.catalina.deploy.SecurityConstraint;
   /**
    * A <b>Realm</b> is a read-only facade for an underlying security realm
    * used to authenticate individual users, and identify the security roles
  @@ -111,7 +112,7 @@
   
       // --------------------------------------------------------- Public Methods
   
  -
  +    
       /**
        * Add a property change listener to this component.
        *
  @@ -169,8 +170,27 @@
        *  the array being the certificate of the client itself.
        */
       public Principal authenticate(X509Certificate certs[]);
  +    
   
  -
  +    /**
  +     * Perform access control based on the specified authorization constraint.
  +     * Return <code>true</code> if this constraint is satisfied and processing
  +     * should continue, or <code>false</code> otherwise.
  +     *
  +     * @param request Request we are processing
  +     * @param response Response we are creating
  +     * @param constraint Security constraint we are enforcing
  +     * @param The Context to which client of this class is attached.
  +     *
  +     * @exception IOException if an input/output error occurs
  +     */
  +    public boolean hasResourceAccess(HttpRequest request,
  +                                     HttpResponse response,
  +                                     SecurityConstraint constraint,
  +                                     Context context)
  +        throws IOException;
  +    
  +    
       /**
        * Return <code>true</code> if the specified Principal has the specified
        * security role, within the context of this Realm; otherwise return
  
  
  
  1.2       +5 -87     jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
  
  Index: AuthenticatorBase.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- AuthenticatorBase.java	18 Jul 2002 16:48:02 -0000	1.1
  +++ AuthenticatorBase.java	7 Aug 2002 20:51:44 -0000	1.2
  @@ -512,7 +512,7 @@
           if (constraint.getAuthConstraint()) {
               if (debug >= 1)
                   log(" Calling accessControl()");
  -            if (!accessControl(hrequest, hresponse, constraint)) {
  +            if (!this.context.getRealm().hasResourceAccess(hrequest, hresponse, constraint,
this.context)) {
                   if (debug >= 1)
                       log(" Failed accessControl() test");
                   // ASSERT: AccessControl method has already set the appropriate
  @@ -532,88 +532,6 @@
       // ------------------------------------------------------ Protected Methods
   
   
  -    /**
  -     * Perform access control based on the specified authorization constraint.
  -     * Return <code>true</code> if this constraint is satisfied and processing
  -     * should continue, or <code>false</code> otherwise.
  -     *
  -     * @param request Request we are processing
  -     * @param response Response we are creating
  -     * @param constraint Security constraint we are enforcing
  -     *
  -     * @exception IOException if an input/output error occurs
  -     */
  -    protected boolean accessControl(HttpRequest request,
  -                                    HttpResponse response,
  -                                    SecurityConstraint constraint)
  -        throws IOException {
  -
  -        if (constraint == null)
  -            return (true);
  -
  -        // Specifically allow access to the form login and form error pages
  -        // and the "j_security_check" action
  -        LoginConfig config = context.getLoginConfig();
  -        if ((config != null) &&
  -            (Constants.FORM_METHOD.equals(config.getAuthMethod()))) {
  -            String requestURI = request.getDecodedRequestURI();
  -            String loginPage = context.getPath() + config.getLoginPage();
  -            if (loginPage.equals(requestURI)) {
  -                if (debug >= 1)
  -                    log(" Allow access to login page " + loginPage);
  -                return (true);
  -            }
  -            String errorPage = context.getPath() + config.getErrorPage();
  -            if (errorPage.equals(requestURI)) {
  -                if (debug >= 1)
  -                    log(" Allow access to error page " + errorPage);
  -                return (true);
  -            }
  -            if (requestURI.endsWith(Constants.FORM_ACTION)) {
  -                if (debug >= 1)
  -                    log(" Allow access to username/password submission");
  -                return (true);
  -            }
  -        }
  -
  -        // Which user principal have we already authenticated?
  -        Principal principal =
  -            ((HttpServletRequest) request.getRequest()).getUserPrincipal();
  -        if (principal == null) {
  -            if (debug >= 2)
  -                log("  No user authenticated, cannot grant access");
  -            ((HttpServletResponse) response.getResponse()).sendError
  -                (HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
  -                 sm.getString("authenticator.notAuthenticated"));
  -            return (false);
  -        }
  -
  -        // Check each role included in this constraint
  -        Realm realm = context.getRealm();
  -        String roles[] = constraint.findAuthRoles();
  -        if (roles == null)
  -            roles = new String[0];
  -
  -        if (constraint.getAllRoles())
  -            return (true);
  -        if ((roles.length == 0) && (constraint.getAuthConstraint())) {
  -            ((HttpServletResponse) response.getResponse()).sendError
  -                (HttpServletResponse.SC_FORBIDDEN,
  -                 sm.getString("authenticator.forbidden"));
  -            return (false); // No listed roles means no access at all
  -        }
  -        for (int i = 0; i < roles.length; i++) {
  -            if (realm.hasRole(principal, roles[i]))
  -                return (true);
  -        }
  -
  -        // Return a "Forbidden" message denying access to this resource
  -        ((HttpServletResponse) response.getResponse()).sendError
  -            (HttpServletResponse.SC_FORBIDDEN,
  -             sm.getString("authenticator.forbidden"));
  -        return (false);
  -
  -    }
   
   
       /**
  
  
  
  1.2       +11 -4     jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/Constants.java
  
  Index: Constants.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/Constants.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- Constants.java	18 Jul 2002 16:47:54 -0000	1.1
  +++ Constants.java	7 Aug 2002 20:51:44 -0000	1.2
  @@ -76,5 +76,12 @@
   public final class Constants {
   
       public static final String Package = "org.apache.catalina.realm";
  +    
  +        // Authentication methods for login configuration
  +    public static final String FORM_METHOD = "FORM";
  +
  +    // Form based authentication constants
  +    public static final String FORM_ACTION = "/j_security_check";
  +
   
   }
  
  
  
  1.2       +104 -4    jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JAASMemoryLoginModule.java
  
  Index: JAASMemoryLoginModule.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JAASMemoryLoginModule.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- JAASMemoryLoginModule.java	18 Jul 2002 16:47:54 -0000	1.1
  +++ JAASMemoryLoginModule.java	7 Aug 2002 20:51:44 -0000	1.2
  @@ -70,6 +70,7 @@
   import java.util.ArrayList;
   import java.util.HashMap;
   import java.util.Map;
  +
   import java.security.Principal;
   import java.security.cert.X509Certificate;
   import javax.security.auth.Subject;
  @@ -81,8 +82,18 @@
   import javax.security.auth.login.FailedLoginException;
   import javax.security.auth.login.LoginException;
   import javax.security.auth.spi.LoginModule;
  +
  +import javax.servlet.http.HttpServletRequest;
  +import javax.servlet.http.HttpServletResponse;
  +
   import org.apache.catalina.Container;
  +import org.apache.catalina.Context;
  +import org.apache.catalina.HttpRequest;
  +import org.apache.catalina.HttpResponse;
   import org.apache.catalina.Realm;
  +import org.apache.catalina.deploy.LoginConfig;
  +import org.apache.catalina.deploy.SecurityConstraint;
  +import org.apache.catalina.util.StringManager;
   import org.apache.commons.digester.Digester;
   
   
  @@ -163,6 +174,11 @@
        */
       protected HashMap principals = new HashMap();
   
  +    /**
  +     * The string manager for this package.
  +     */
  +    protected static StringManager sm =
  +        StringManager.getManager(Constants.Package);
   
       /**
        * The state information that is shared with other configured
  @@ -561,6 +577,90 @@
           exception.printStackTrace(System.out);
   
       }
  +    
  +    /**
  +     * Perform access control based on the specified authorization constraint.
  +     * Return <code>true</code> if this constraint is satisfied and processing
  +     * should continue, or <code>false</code> otherwise.
  +     *
  +     * @param request Request we are processing
  +     * @param response Response we are creating
  +     * @param constraint Security constraint we are enforcing
  +     * @param The Context to which client of this class is attached.
  +     *
  +     * @exception IOException if an input/output error occurs
  +     */
  +    public boolean hasResourceAccess(HttpRequest request,
  +                                     HttpResponse response,
  +                                     SecurityConstraint constraint,
  +                                     Context context)
  +        throws IOException {
  +
  +        if (constraint == null)
  +            return (true);
  +
  +        // Specifically allow access to the form login and form error pages
  +        // and the "j_security_check" action
  +        LoginConfig config = context.getLoginConfig();
  +        if ((config != null) &&
  +            (Constants.FORM_METHOD.equals(config.getAuthMethod()))) {
  +            String requestURI = request.getDecodedRequestURI();
  +            String loginPage = context.getPath() + config.getLoginPage();
  +            if (loginPage.equals(requestURI)) {
  +                if (debug)
  +                    log(" Allow access to login page " + loginPage);
  +                return (true);
  +            }
  +            String errorPage = context.getPath() + config.getErrorPage();
  +            if (errorPage.equals(requestURI)) {
  +                if (debug)
  +                    log(" Allow access to error page " + errorPage);
  +                return (true);
  +            }
  +            if (requestURI.endsWith(Constants.FORM_ACTION)) {
  +                if (debug)
  +                    log(" Allow access to username/password submission");
  +                return (true);
  +            }
  +        }
  +
  +        // Which user principal have we already authenticated?
  +        Principal principal =
  +            ((HttpServletRequest) request.getRequest()).getUserPrincipal();
  +        if (principal == null) {
  +            if (debug)
  +                log("  No user authenticated, cannot grant access");
  +            ((HttpServletResponse) response.getResponse()).sendError
  +                (HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
  +                 sm.getString("realmBase.notAuthenticated"));
  +            return (false);
  +        }
  +
  +        String roles[] = constraint.findAuthRoles();
  +        if (roles == null)
  +            roles = new String[0];
  +
  +        if (constraint.getAllRoles())
  +            return (true);
  +        if ((roles.length == 0) && (constraint.getAuthConstraint())) {
  +            ((HttpServletResponse) response.getResponse()).sendError
  +                (HttpServletResponse.SC_FORBIDDEN,
  +                 sm.getString("realmBase.forbidden"));
  +            return (false); // No listed roles means no access at all
  +        }
  +        for (int i = 0; i < roles.length; i++) {
  +            if (hasRole(principal, roles[i]))
  +                return (true);
  +        }
  +
  +        // Return a "Forbidden" message denying access to this resource
  +        ((HttpServletResponse) response.getResponse()).sendError
  +            (HttpServletResponse.SC_FORBIDDEN,
  +             sm.getString("realmBase.forbidden"));
  +        return (false);
  +
  +    } 
  +    
   
   
   }
  
  
  
  1.2       +4 -1      jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings.properties
  
  Index: LocalStrings.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings.properties,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- LocalStrings.properties	18 Jul 2002 16:47:54 -0000	1.1
  +++ LocalStrings.properties	7 Aug 2002 20:51:44 -0000	1.2
  @@ -27,8 +27,10 @@
   realmBase.algorithm=Invalid message digest algorithm {0} specified
   realmBase.alreadyStarted=This Realm has already been started
   realmBase.digest=Error digesting user credentials
  +realmBase.forbidden=Access to the requested resource has been denied
   realmBase.hasRoleFailure=Username {0} does NOT have role {1}
   realmBase.hasRoleSuccess=Username {0} has role {1}
  +realmBase.notAuthenticated=Configuration error:  Cannot perform access control without
an authenticated principal
   realmBase.notStarted=This Realm has not yet been started
   userDatabaseRealm.authenticateError=Login configuration error authenticating username {0}
   userDatabaseRealm.authenticateFailure=Username {0} NOT successfully authenticated
  @@ -37,3 +39,4 @@
   userDatabaseRealm.noDatabase=No UserDatabase component found under key {0}
   userDatabaseRealm.noEngine=No Engine component found in container hierarchy
   userDatabaseRealm.noGlobal=No global JNDI resources context found
  +
  
  
  
  1.2       +3 -1      jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings_es.properties
  
  Index: LocalStrings_es.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings_es.properties,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- LocalStrings_es.properties	18 Jul 2002 16:47:54 -0000	1.1
  +++ LocalStrings_es.properties	7 Aug 2002 20:51:44 -0000	1.2
  @@ -28,7 +28,9 @@
   realmBase.algorithm=El algoritmo digest {0} es invalido
   realmBase.alreadyStarted=Este dominio ya ha sido inicializado
   realmBase.digest=Error procesando las credenciales del usuario
  +realmBase.forbidden=El acceso al recurso pedido ha sido denegado
   realmBase.hasRoleFailure=El usuario {0} NO tiene el rol {1}
   realmBase.hasRoleSuccess=El usuario {0} tiene el rol {1}
  +realmBase.notAuthenticated=Error de Configuracion: No se puede realizar funciones de control
de acceso sin un principal autentificado
   realmBase.notStarted=Este dominio aśn no ha sido inicializado
   
  
  
  
  1.2       +3 -1      jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings_ja.properties
  
  Index: LocalStrings_ja.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings_ja.properties,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- LocalStrings_ja.properties	18 Jul 2002 16:47:54 -0000	1.1
  +++ LocalStrings_ja.properties	7 Aug 2002 20:51:44 -0000	1.2
  @@ -22,6 +22,8 @@
   realmBase.algorithm=\u7121\u52b9\u306a\u30e1\u30c3\u30bb\u30fc\u30b8\u30c0\u30a4\u30b8\u30a7\u30b9\u30c8\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0
{0} \u304c\u6307\u5b9a\u3055\u308c\u3066\u3044\u307e\u3059
   realmBase.alreadyStarted=\u3053\u306e\u30ec\u30eb\u30e0\u306f\u3059\u3067\u306b\u8d77\u52d5\u3055\u308c\u3066\u3044\u307e\u3059
   realmBase.digest=\u30e6\u30fc\u30b6\u306e\u8a3c\u660e\u66f8\u306e\u8981\u7d04\u30a8\u30e9\u30fc
  +realmBase.forbidden=\u30ea\u30af\u30a8\u30b9\u30c8\u3055\u308c\u305f\u30ea\u30bd\u30fc\u30b9\u3078\u306e\u30a2\u30af\u30bb\u30b9\u304c\u62d2\u5426\u3055\u308c\u307e\u3057\u305f
   realmBase.hasRoleFailure=\u30e6\u30fc\u30b6\u540d {0} \u306f\u3001\u30ed\u30fc\u30eb {1}
\u3092\u6301\u3063\u3066\u3044\u307e\u305b\u3093
   realmBase.hasRoleSuccess=\u30e6\u30fc\u30b6\u540d {0} \u306f\u3001\u30ed\u30fc\u30eb {1}
\u3092\u6301\u3063\u3066\u3044\u307e\u3059
  +realmBase.notAuthenticated=\u8a2d\u5b9a\u30a8\u30e9\u30fc:  \u8a3c\u660e\u3055\u308c\u305f\u4e3b\u4f53\u306a\u3057\u306b\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u3092\u5b9f\u884c\u3067\u304d\u307e\u305b\u3093
   realmBase.notStarted=\u3053\u306e\u30ec\u30eb\u30e0\u306f\u307e\u3060\u8d77\u52d5\u3055\u308c\u3066\u3044\u307e\u305b\u3093
  
  
  
  1.2       +99 -5     jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java
  
  Index: RealmBase.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- RealmBase.java	18 Jul 2002 16:47:55 -0000	1.1
  +++ RealmBase.java	7 Aug 2002 20:51:44 -0000	1.2
  @@ -72,13 +72,23 @@
   import java.security.NoSuchAlgorithmException;
   import java.security.cert.X509Certificate;
   import java.io.File;
  +import java.io.IOException;
  +
  +import javax.servlet.http.HttpServletRequest;
  +import javax.servlet.http.HttpServletResponse;
  +
   import org.apache.catalina.Container;
  +import org.apache.catalina.Context;
  +import org.apache.catalina.HttpRequest;
  +import org.apache.catalina.HttpResponse;
   import org.apache.catalina.Lifecycle;
   import org.apache.catalina.LifecycleEvent;
   import org.apache.catalina.LifecycleException;
   import org.apache.catalina.LifecycleListener;
   import org.apache.catalina.Logger;
   import org.apache.catalina.Realm;
  +import org.apache.catalina.deploy.LoginConfig;
  +import org.apache.catalina.deploy.SecurityConstraint;
   import org.apache.catalina.util.HexUtils;
   import org.apache.catalina.util.LifecycleSupport;
   import org.apache.catalina.util.StringManager;
  @@ -285,6 +295,7 @@
       // --------------------------------------------------------- Public Methods
   
   
  +    
       /**
        * Add a property change listener to this component.
        *
  @@ -418,7 +429,91 @@
   
       }
   
  +    
  +    /**
  +     * Perform access control based on the specified authorization constraint.
  +     * Return <code>true</code> if this constraint is satisfied and processing
  +     * should continue, or <code>false</code> otherwise.
  +     *
  +     * @param request Request we are processing
  +     * @param response Response we are creating
  +     * @param constraint Security constraint we are enforcing
  +     * @param The Context to which client of this class is attached.
  +     *
  +     * @exception IOException if an input/output error occurs
  +     */
  +    public boolean hasResourceAccess(HttpRequest request,
  +                                     HttpResponse response,
  +                                     SecurityConstraint constraint,
  +                                     Context context)
  +        throws IOException {
  +
  +        if (constraint == null)
  +            return (true);
  +
  +        // Specifically allow access to the form login and form error pages
  +        // and the "j_security_check" action
  +        LoginConfig config = context.getLoginConfig();
  +        if ((config != null) &&
  +            (Constants.FORM_METHOD.equals(config.getAuthMethod()))) {
  +            String requestURI = request.getDecodedRequestURI();
  +            String loginPage = context.getPath() + config.getLoginPage();
  +            if (loginPage.equals(requestURI)) {
  +                if (debug >= 1)
  +                    log(" Allow access to login page " + loginPage);
  +                return (true);
  +            }
  +            String errorPage = context.getPath() + config.getErrorPage();
  +            if (errorPage.equals(requestURI)) {
  +                if (debug >= 1)
  +                    log(" Allow access to error page " + errorPage);
  +                return (true);
  +            }
  +            if (requestURI.endsWith(Constants.FORM_ACTION)) {
  +                if (debug >= 1)
  +                    log(" Allow access to username/password submission");
  +                return (true);
  +            }
  +        }
   
  +        // Which user principal have we already authenticated?
  +        Principal principal =
  +            ((HttpServletRequest) request.getRequest()).getUserPrincipal();
  +        if (principal == null) {
  +            if (debug >= 2)
  +                log("  No user authenticated, cannot grant access");
  +            ((HttpServletResponse) response.getResponse()).sendError
  +                (HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
  +                 sm.getString("realmBase.notAuthenticated"));
  +            return (false);
  +        }
  +
  +        String roles[] = constraint.findAuthRoles();
  +        if (roles == null)
  +            roles = new String[0];
  +
  +        if (constraint.getAllRoles())
  +            return (true);
  +        if ((roles.length == 0) && (constraint.getAuthConstraint())) {
  +            ((HttpServletResponse) response.getResponse()).sendError
  +                (HttpServletResponse.SC_FORBIDDEN,
  +                 sm.getString("realmBase.forbidden"));
  +            return (false); // No listed roles means no access at all
  +        }
  +        for (int i = 0; i < roles.length; i++) {
  +            if (hasRole(principal, roles[i]))
  +                return (true);
  +        }
  +
  +        // Return a "Forbidden" message denying access to this resource
  +        ((HttpServletResponse) response.getResponse()).sendError
  +            (HttpServletResponse.SC_FORBIDDEN,
  +             sm.getString("realmBase.forbidden"));
  +        return (false);
  +
  +    }
  +    
  +    
       /**
        * Return <code>true</code> if the specified Principal has the specified
        * security role, within the context of this Realm; otherwise return
  @@ -730,6 +825,5 @@
           }
   
       }
  -
   
   }
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message