tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joe Tribble" <jtrib...@mikart.com>
Subject RE: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator FormAuthenticator.java
Date Mon, 30 Aug 2004 11:56:35 GMT
UNSUBSCRIBE
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Joe R. Tribble
Manager IT Operations
 
Mikart, Inc.
1750 Chattachoochee Avenue
Atlanta, Ga 30318
404-351-4510  x124
jtribble@mikart.com
 

-----Original Message-----
From: remm@apache.org [mailto:remm@apache.org] 
Sent: Friday, August 27, 2004 7:56 PM
To: jakarta-tomcat-catalina-cvs@apache.org
Subject: cvs commit:
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authentic
ator FormAuthenticator.java

remm        2004/08/27 16:56:11

  Modified:    catalina/src/share/org/apache/catalina/authenticator
                        FormAuthenticator.java
  Log:
  - Set the notes even when caching. This is harmless from a performance
standpoint, but since the principal might not be serializable
    it would cause issues with SSO and clustering.
  - Yoav, do you agree on porting this to 5.0.x ?
  
  Revision  Changes    Path
  1.14      +10 -6
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authentic
ator/FormAuthenticator.java
  
  Index: FormAuthenticator.java
  ===================================================================
  RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina
/authenticator/FormAuthenticator.java,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -r1.13 -r1.14
  --- FormAuthenticator.java	7 Jul 2004 16:39:46 -0000	1.13
  +++ FormAuthenticator.java	27 Aug 2004 23:56:11 -0000	1.14
  @@ -171,6 +171,12 @@
               register(request, response, principal,
Constants.FORM_METHOD,
                        (String)
session.getNote(Constants.SESS_USERNAME_NOTE),
                        (String)
session.getNote(Constants.SESS_PASSWORD_NOTE));
  +            // If we're caching principals we no longer need the
username
  +            // and password in the session, so remove them
  +            if (cache) {
  +                session.removeNote(Constants.SESS_USERNAME_NOTE);
  +                session.removeNote(Constants.SESS_PASSWORD_NOTE);
  +            }
               if (restoreRequest(request, session)) {
                   if (log.isDebugEnabled())
                       log.debug("Proceed to restored request");
  @@ -250,11 +256,9 @@
           // Save the authenticated Principal in our session
           session.setNote(Constants.FORM_PRINCIPAL_NOTE, principal);
   
  -        // If we are not caching, save the username and password as
well
  -        if (!cache) {
  -            session.setNote(Constants.SESS_USERNAME_NOTE, username);
  -            session.setNote(Constants.SESS_PASSWORD_NOTE, password);
  -        }
  +        // Save the username and password as well
  +        session.setNote(Constants.SESS_USERNAME_NOTE, username);
  +        session.setNote(Constants.SESS_PASSWORD_NOTE, password);
   
           // Redirect the user to the original request URI (which will
cause
           // the original request to be restored)
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message