tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From billbar...@apache.org
Subject cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm LocalStrings.properties LocalStrings_es.properties LocalStrings_fr.properties LocalStrings_ja.properties RealmBase.java UserDatabaseRealm.java
Date Sat, 03 Jul 2004 04:16:41 GMT
billbarker    2004/07/02 21:16:41

  Modified:    catalina/src/share/org/apache/catalina/realm
                        LocalStrings.properties LocalStrings_es.properties
                        LocalStrings_fr.properties
                        LocalStrings_ja.properties RealmBase.java
                        UserDatabaseRealm.java
  Log:
  Fixing UDBRealm to work with Digest and Client-Cert.
  
  Also fixing authenticate(String, String) in RealmBase to handle digested passwords correctly.
  
  Revision  Changes    Path
  1.6       +3 -3      jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings.properties
  
  Index: LocalStrings.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings.properties,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- LocalStrings.properties	12 Dec 2003 22:37:58 -0000	1.5
  +++ LocalStrings.properties	3 Jul 2004 04:16:41 -0000	1.6
  @@ -33,9 +33,9 @@
   realmBase.hasRoleSuccess=Username {0} has role {1}
   realmBase.notAuthenticated=Configuration error:  Cannot perform access control without
an authenticated principal
   realmBase.notStarted=This Realm has not yet been started
  +realmBase.authenticateFailure=Username {0} NOT successfully authenticated
  +realmBase.authenticateSuccess=Username {0} successfully authenticated
   userDatabaseRealm.authenticateError=Login configuration error authenticating username {0}
  -userDatabaseRealm.authenticateFailure=Username {0} NOT successfully authenticated
  -userDatabaseRealm.authenticateSuccess=Username {0} successfully authenticated
   userDatabaseRealm.lookup=Exception looking up UserDatabase under key {0}
   userDatabaseRealm.noDatabase=No UserDatabase component found under key {0}
   userDatabaseRealm.noEngine=No Engine component found in container hierarchy
  
  
  
  1.6       +3 -3      jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings_es.properties
  
  Index: LocalStrings_es.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings_es.properties,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- LocalStrings_es.properties	17 Jan 2004 01:43:58 -0000	1.5
  +++ LocalStrings_es.properties	3 Jul 2004 04:16:41 -0000	1.6
  @@ -33,9 +33,9 @@
   realmBase.hasRoleSuccess=El usuario {0} desempeña el papel de {1}
   realmBase.notAuthenticated=Error de Configuración: No se pueden realizar funciones de control
de acceso sin un principal autentificado
   realmBase.notStarted=Este dominio aún no ha sido inicializado
  +realmBase.authenticateFailure=Nombre de usuario {0} NO autenticado con éxito
  +realmBase.authenticateSuccess=Nombre de usuario {0} autenticado con éxito
   userDatabaseRealm.authenticateError=Error de configuración de Login autenticando nombre
de usuario {0}
  -userDatabaseRealm.authenticateFailure=Nombre de usuario {0} NO autenticado con éxito
  -userDatabaseRealm.authenticateSuccess=Nombre de usuario {0} autenticado con éxito
   userDatabaseRealm.lookup=Excepción buscando en Base de datos de Usuario mediante la clave
{0}
   userDatabaseRealm.noDatabase=No se ha hallado componente de Base de datos de Usuario mediante
la clave {0}
   userDatabaseRealm.noEngine=No se ha hallado componente de Motor en jerarquía de contenedor
  
  
  
  1.3       +3 -3      jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings_fr.properties
  
  Index: LocalStrings_fr.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings_fr.properties,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- LocalStrings_fr.properties	12 Dec 2003 22:37:58 -0000	1.2
  +++ LocalStrings_fr.properties	3 Jul 2004 04:16:41 -0000	1.3
  @@ -32,9 +32,9 @@
   realmBase.hasRoleSuccess=Le nom d''utilisateur {0} a pour rôle {1}
   realmBase.notAuthenticated=Erreur de configuration:  Impossible de conduire un contrôle
d''accès sans un authentifié principal (authenticated principal)
   realmBase.notStarted=Ce royaume (Realm) n''a pas encore été démarré
  +realmBase.authenticateFailure=Le nom d''utilisateur {0} N''A PAS été authentifié
  +realmBase.authenticateSuccess=Le nom d''utilisateur {0} a été authentifié avec succès
   userDatabaseRealm.authenticateError=Erreur de configuration du contrôle d''accès (login)
lors de l''authentification du nom d''utilisateur {0}
  -userDatabaseRealm.authenticateFailure=Le nom d''utilisateur {0} N''A PAS été authentifié
  -userDatabaseRealm.authenticateSuccess=Le nom d''utilisateur {0} a été authentifié avec
succès
   userDatabaseRealm.lookup=Exception lors de la recherche dans la base de données utilisateurs
avec la clef {0}
   userDatabaseRealm.noDatabase=Aucun composant base de données utilisateurs trouvé pour la
clef {0}
   userDatabaseRealm.noEngine=Aucun composant moteur (engine component) trouvé dans la hiérarchie
des conteneurs
  
  
  
  1.7       +3 -3      jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings_ja.properties
  
  Index: LocalStrings_ja.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/LocalStrings_ja.properties,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- LocalStrings_ja.properties	12 Dec 2003 22:37:58 -0000	1.6
  +++ LocalStrings_ja.properties	3 Jul 2004 04:16:41 -0000	1.7
  @@ -33,9 +33,9 @@
   realmBase.hasRoleSuccess=\u30e6\u30fc\u30b6\u540d {0} \u306f\u30ed\u30fc\u30eb {1} \u3092\u6301\u3063\u3066\u3044\u307e\u3059
   realmBase.notAuthenticated=\u8a2d\u5b9a\u30a8\u30e9\u30fc:  \u8a8d\u8a3c\u3055\u308c\u305f\u4e3b\u4f53\u306a\u3057\u3067\u306f\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u304c\u5b9f\u884c\u3067\u304d\u307e\u305b\u3093
   realmBase.notStarted=\u3053\u306e\u30ec\u30eb\u30e0\u306f\u307e\u3060\u8d77\u52d5\u3055\u308c\u3066\u3044\u307e\u305b\u3093
  +realmBase.authenticateFailure=\u30e6\u30fc\u30b6\u540d {0} \u306f\u8a8d\u8a3c\u306b\u5931\u6557\u3057\u307e\u3057\u305f
  +realmBase.authenticateSuccess=\u30e6\u30fc\u30b6\u540d {0} \u306f\u8a8d\u8a3c\u306b\u6210\u529f\u3057\u307e\u3057\u305f
   userDatabaseRealm.authenticateError=\u30e6\u30fc\u30b6\u540d {0} \u3092\u8a8d\u8a3c\u4e2d\u306b\u30ed\u30b0\u30a4\u30f3\u8a2d\u5b9a\u30a8\u30e9\u30fc\u304c\u767a\u751f\u3057\u307e\u3057\u305f
  -userDatabaseRealm.authenticateFailure=\u30e6\u30fc\u30b6\u540d {0} \u306f\u8a8d\u8a3c\u306b\u5931\u6557\u3057\u307e\u3057\u305f
  -userDatabaseRealm.authenticateSuccess=\u30e6\u30fc\u30b6\u540d {0} \u306f\u8a8d\u8a3c\u306b\u6210\u529f\u3057\u307e\u3057\u305f
   userDatabaseRealm.lookup=\u30ad\u30fc {0} \u3067\u30e6\u30fc\u30b6\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u3092\u691c\u7d22\u4e2d\u306e\u4f8b\u5916\u3067\u3059
   userDatabaseRealm.noDatabase=\u30ad\u30fc {0} \u3067\u30e6\u30fc\u30b6\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u304c\u898b\u3064\u304b\u308a\u307e\u305b\u3093
   userDatabaseRealm.noEngine=\u30b3\u30f3\u30c6\u30ca\u968e\u5c64\u4e2d\u306b\u30a8\u30f3\u30b8\u30f3\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u304c\u898b\u3064\u304b\u308a\u307e\u305b\u3093
  
  
  
  1.36      +21 -4     jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java
  
  Index: RealmBase.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java,v
  retrieving revision 1.35
  retrieving revision 1.36
  diff -u -r1.35 -r1.36
  --- RealmBase.java	23 Jun 2004 13:51:37 -0000	1.35
  +++ RealmBase.java	3 Jul 2004 04:16:41 -0000	1.36
  @@ -250,12 +250,29 @@
   
           String serverCredentials = getPassword(username);
   
  -        if ( (serverCredentials == null)
  -             || (!serverCredentials.equals(credentials)) )
  +        boolean validated ;
  +        if ( serverCredentials == null ) {
  +            validated = false;
  +        } else if(hasMessageDigest()) {
  +            validated = serverCredentials.equalsIgnoreCase(digest(credentials));
  +        } else {
  +            validated = serverCredentials.equals(credentials);
  +        }
  +        if(! validated ) {
  +            if (container.getLogger().isTraceEnabled()) {
  +                container.getLogger().
  +                    trace(sm.getString("realmBase.authenticateFailure",
  +                                 username));
  +            }
               return null;
  +        }
  +        if (container.getLogger().isTraceEnabled()) {
  +            container.getLogger().
  +                trace(sm.getString("realmBase.authenticateSuccess",
  +                             username));
  +        }
   
           return getPrincipal(username);
  -
       }
   
   
  
  
  
  1.7       +31 -60    jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/UserDatabaseRealm.java
  
  Index: UserDatabaseRealm.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/UserDatabaseRealm.java,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- UserDatabaseRealm.java	23 Jun 2004 13:51:37 -0000	1.6
  +++ UserDatabaseRealm.java	3 Jul 2004 04:16:41 -0000	1.7
  @@ -130,72 +130,43 @@
   
   
       /**
  -     * Return the Principal associated with the specified username and
  -     * credentials, if there is one; otherwise return <code>null</code>.
  +     * Return <code>true</code> if the specified Principal has the specified
  +     * security role, within the context of this Realm; otherwise return
  +     * <code>false</code>. This implementation returns <code>true</code>
  +     * if the <code>User</code> has the role, or if any <code>Group</code>
  +     * that the <code>User</code> is a member of has the role. 
        *
  -     * @param username Username of the Principal to look up
  -     * @param credentials Password or other credentials to use in
  -     *  authenticating this username
  +     * @param principal Principal for whom the role is to be checked
  +     * @param role Security role to be checked
        */
  -    public Principal authenticate(String username, String credentials) {
  -
  -        // Does a user with this username exist?
  -        User user = database.findUser(username);
  -        if (user == null) {
  -            return (null);
  +    public boolean hasRole(Principal principal, String role) {
  +        if(! (principal instanceof User) ) {
  +            //Play nice with SSO and mixed Realms
  +            return super.hasRole(principal, role);
  +        }
  +        if("*".equals(role)) {
  +            return true;
  +        } else if(role == null) {
  +            return false;
  +        }
  +        User user = (User)principal;
  +        Role dbrole = database.findRole(role);
  +        if(dbrole == null) {
  +            return false; 
           }
  -
  -        // Do the credentials specified by the user match?
  -        // FIXME - Update all realms to support encoded passwords
  -        boolean validated = false;
  -        if (hasMessageDigest()) {
  -            // Hex hashes should be compared case-insensitive
  -            validated = (digest(credentials)
  -                         .equalsIgnoreCase(user.getPassword()));
  -        } else {
  -            validated =
  -                (digest(credentials).equals(user.getPassword()));
  -        }
  -        if (!validated) {
  -            if (container.getLogger().isTraceEnabled()) {
  -                container.getLogger().trace(sm.getString("userDatabaseRealm.authenticateFailure",
  -                                 username));
  -            }
  -            return (null);
  -        }
  -
  -        // Construct a GenericPrincipal that represents this user
  -        if (container.getLogger().isTraceEnabled()) {
  -            container.getLogger().trace(sm.getString("userDatabaseRealm.authenticateSuccess",
  -                             username));
  -        }
  -        ArrayList combined = new ArrayList();
  -        Iterator roles = user.getRoles();
  -        while (roles.hasNext()) {
  -            Role role = (Role) roles.next();
  -            String rolename = role.getRolename();
  -            if (!combined.contains(rolename)) {
  -                combined.add(rolename);
  -            }
  +        if(user.isInRole(dbrole)) {
  +            return true;
           }
           Iterator groups = user.getGroups();
  -        while (groups.hasNext()) {
  -            Group group = (Group) groups.next();
  -            roles = group.getRoles();
  -            while (roles.hasNext()) {
  -                Role role = (Role) roles.next();
  -                String rolename = role.getRolename();
  -                if (!combined.contains(rolename)) {
  -                    combined.add(rolename);
  -                }
  +        while(groups.hasNext()) {
  +            Group group = (Group)groups.next();
  +            if(group.isInRole(dbrole)) {
  +                return true;
               }
           }
  -        return (new GenericPrincipal(this, user.getUsername(),
  -                                     user.getPassword(), combined));
  -
  +        return false;
       }
  -
  -
  +		
       // ------------------------------------------------------ Protected Methods
   
   
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message