tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r365362 - /tomcat/container/branches/tc4.1.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
Date Mon, 02 Jan 2006 15:40:12 GMT
Author: markt
Date: Mon Jan  2 07:40:09 2006
New Revision: 365362

URL: http://svn.apache.org/viewcvs?rev=365362&view=rev
Log:
Fix bug 15570. Magic role of * was interpreted as all authenticated
users rather than as all roles defined in web.xml

Modified:
    tomcat/container/branches/tc4.1.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java

Modified: tomcat/container/branches/tc4.1.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
URL: http://svn.apache.org/viewcvs/tomcat/container/branches/tc4.1.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java?rev=365362&r1=365361&r2=365362&view=diff
==============================================================================
--- tomcat/container/branches/tc4.1.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
(original)
+++ tomcat/container/branches/tc4.1.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
Mon Jan  2 07:40:09 2006
@@ -566,10 +566,14 @@
         }
 
         // Check each role included in this constraint
-        if (constraint.getAllRoles())
-            return (true);
+        String roles[];
+        if (constraint.getAllRoles()) {
+            // * means all roles defined in web.xml
+            roles = context.findSecurityRoles();
+        } else {
+            roles = constraint.findAuthRoles();
+        }
         
-        String roles[] = constraint.findAuthRoles();
         if (roles == null)
             roles = new String[0];
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message