tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From craig...@apache.org
Subject cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy SecurityConstraint.java
Date Thu, 10 May 2001 23:53:55 GMT
craigmcc    01/05/10 16:53:55

  Modified:    catalina/src/share/org/apache/catalina/authenticator
                        AuthenticatorBase.java
               catalina/src/share/org/apache/catalina/deploy
                        SecurityConstraint.java
  Log:
  Update access control logic to correctly process authentication
  constraints with a "*" <role-name> element, which means that all roles are
  allowed.
  
  Submitted by:	Tony Ng <Tony.Ng@eng.sun.com>
  
  Revision  Changes    Path
  1.13      +11 -5     jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
  
  Index: AuthenticatorBase.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- AuthenticatorBase.java	2001/05/10 19:47:09	1.12
  +++ AuthenticatorBase.java	2001/05/10 23:53:53	1.13
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.12 2001/05/10 19:47:09 craigmcc Exp $
  - * $Revision: 1.12 $
  - * $Date: 2001/05/10 19:47:09 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.13 2001/05/10 23:53:53 craigmcc Exp $
  + * $Revision: 1.13 $
  + * $Date: 2001/05/10 23:53:53 $
    *
    * ====================================================================
    *
  @@ -95,6 +95,7 @@
   import org.apache.catalina.Session;
   import org.apache.catalina.Valve;
   import org.apache.catalina.ValveContext;
  +import org.apache.catalina.core.StandardContext;
   import org.apache.catalina.deploy.LoginConfig;
   import org.apache.catalina.deploy.SecurityConstraint;
   import org.apache.catalina.util.LifecycleSupport;
  @@ -120,7 +121,7 @@
    * requests.  Requests of any other type will simply be passed through.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.12 $ $Date: 2001/05/10 19:47:09 $
  + * @version $Revision: 1.13 $ $Date: 2001/05/10 23:53:53 $
    */
   
   
  @@ -570,6 +571,8 @@
   	Principal principal =
   	    ((HttpServletRequest) request.getRequest()).getUserPrincipal();
   	if (principal == null) {
  +            if (debug >= 2)
  +                log("  No user authenticated, cannot grant access");
   	    ((HttpServletResponse) response.getResponse()).sendError
   		(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
   		 sm.getString("authenticator.notAuthenticated"));
  @@ -582,7 +585,8 @@
   	if (roles == null)
   	    roles = new String[0];
   	if (roles.length == 0) {
  -            if (constraint.getAuthConstraint()) {
  +            if (constraint.getAuthConstraint() &&
  +                !constraint.getAllRoles()) {
                   ((HttpServletResponse) response.getResponse()).sendError
                       (HttpServletResponse.SC_FORBIDDEN,
                        sm.getString("authenticator.forbidden"));
  @@ -1014,6 +1018,8 @@
   	    throw new LifecycleException
   		(sm.getString("authenticator.alreadyStarted"));
   	lifecycle.fireLifecycleEvent(START_EVENT, null);
  +        if (context instanceof StandardContext)
  +            setDebug(((StandardContext) context).getDebug());
   	started = true;
   
           // Look up the SingleSignOn implementation in our request processing
  
  
  
  1.4       +8 -6      jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/SecurityConstraint.java
  
  Index: SecurityConstraint.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/SecurityConstraint.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- SecurityConstraint.java	2000/10/29 00:35:05	1.3
  +++ SecurityConstraint.java	2001/05/10 23:53:54	1.4
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/SecurityConstraint.java,v
1.3 2000/10/29 00:35:05 craigmcc Exp $
  - * $Revision: 1.3 $
  - * $Date: 2000/10/29 00:35:05 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/SecurityConstraint.java,v
1.4 2001/05/10 23:53:54 craigmcc Exp $
  + * $Revision: 1.4 $
  + * $Date: 2001/05/10 23:53:54 $
    *
    * ====================================================================
    *
  @@ -77,7 +77,7 @@
    * this class is synchronized.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.3 $ $Date: 2000/10/29 00:35:05 $
  + * @version $Revision: 1.4 $ $Date: 2001/05/10 23:53:54 $
    */
   
   public final class SecurityConstraint {
  @@ -234,14 +234,16 @@
   
   	if (authRole == null)
   	    return;
  +        if ("*".equals(authRole)) {
  +            allRoles = true;
  +            return;
  +        }
   	String results[] = new String[authRoles.length + 1];
   	for (int i = 0; i < authRoles.length; i++)
   	    results[i] = authRoles[i];
   	results[authRoles.length] = authRole;
   	authRoles = results;
           authConstraint = true;
  -        if ("*".equals(authRole))
  -            allRoles = true;
   
       }
   
  
  
  

Mime
View raw message