tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kkoli...@apache.org
Subject svn commit: r1381035 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml
Date Wed, 05 Sep 2012 07:10:10 GMT
Author: kkolinko
Date: Wed Sep  5 07:10:10 2012
New Revision: 1381035

URL: http://svn.apache.org/viewvc?rev=1381035&view=rev
Log:
Backport revision 1377887 from tomcat/trunk:
Remove unneeded handling of FORM authentication in RealmBase.

Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java
    tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1381035&r1=1381034&r2=1381035&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed Sep  5 07:10:10 2012
@@ -142,12 +142,6 @@ PATCHES PROPOSED TO BACKPORT:
   +1: kkolinko, kfujino, jfclere
   -1:
 
-* Remove unneeded handling of FORM authentication in RealmBase
-  http://svn.apache.org/viewvc?rev=1377887&view=rev
-  (r1377892 in 7.0)
-  +1: kkolinko, kfujino, jfclere
-  -1:
-
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53793
   Change links on the list of applications in the Manager to point to
   '/appname/' instead of '/appname'.

Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1381035&r1=1381034&r2=1381035&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java Wed Sep  5 07:10:10
2012
@@ -45,7 +45,6 @@ import org.apache.catalina.Realm;
 import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
 import org.apache.catalina.core.ContainerBase;
-import org.apache.catalina.deploy.LoginConfig;
 import org.apache.catalina.deploy.SecurityConstraint;
 import org.apache.catalina.deploy.SecurityCollection;
 import org.apache.catalina.util.HexUtils;
@@ -766,31 +765,6 @@ public abstract class RealmBase
         if (constraints == null || constraints.length == 0)
             return (true);
 
-        // Specifically allow access to the form login and form error pages
-        // and the "j_security_check" action
-        LoginConfig config = context.getLoginConfig();
-        if ((config != null) &&
-            (Constants.FORM_METHOD.equals(config.getAuthMethod()))) {
-            String requestURI = request.getRequestPathMB().toString();
-            String loginPage = config.getLoginPage();
-            if (loginPage.equals(requestURI)) {
-                if (log.isDebugEnabled())
-                    log.debug(" Allow access to login page " + loginPage);
-                return (true);
-            }
-            String errorPage = config.getErrorPage();
-            if (errorPage.equals(requestURI)) {
-                if (log.isDebugEnabled())
-                    log.debug(" Allow access to error page " + errorPage);
-                return (true);
-            }
-            if (requestURI.endsWith(Constants.FORM_ACTION)) {
-                if (log.isDebugEnabled())
-                    log.debug(" Allow access to username/password submission");
-                return (true);
-            }
-        }
-
         // Which user principal have we already authenticated?
         Principal principal = request.getPrincipal();
         boolean status = false;

Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1381035&r1=1381034&r2=1381035&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Wed Sep  5 07:10:10 2012
@@ -198,6 +198,9 @@
         session by default, tracking server rather than client nonces and better
         handling of stale nonce values. (markt)
       </fix>
+      <fix>
+        Remove unneeded handling of FORM authentication in RealmBase. (kkolinko)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message