On 13/10/2015 21:22, Felix Schumacher wrote: > Am 13.10.2015 um 22:17 schrieb fschumac...@apache.org: >> Author: fschumacher >> Date: Tue Oct 13 20:17:50 2015 >> New Revision: 1708505 >> >> URL: http://svn.apache.org/viewvc?rev=1708505&view=rev >> Log: >> javadoc: Add missing parameter and describe the >> parameters for the newer RFC 2617, which is used for digest >> authentication >> and replaces RFC 2069. >> >> Modified: >> tomcat/trunk/java/org/apache/catalina/Realm.java >> tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java > ... >> Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java >> URL: >> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1708505&r1=1708504&r2=1708505&view=diff >> >> ============================================================================== >> >> --- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original) >> +++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Tue Oct >> 13 20:17:50 2015 >> @@ -329,19 +329,23 @@ public abstract class RealmBase extends >> return getPrincipal(username); >> } >> - >> /** >> - * Return the Principal associated with the specified username, >> which >> + * Try to authenticate with the specified username, which >> * matches the digest calculated using the given parameters >> using the >> - * method described in RFC 2069; otherwise return <code>null</code>. >> + * method described in RFC 2617 (which is a superset of RFC 2069). >> * >> * @param username Username of the Principal to look up >> - * @param clientDigest Digest which has been submitted by the client >> + * @param digest Digest which has been submitted by the client >> * @param nonce Unique (or supposedly unique) token which has >> been used >> * for this request >> + * @param nc the nonce counter >> + * @param cnonce the client chosen nonce >> + * @param qop the "quality of protection" (<code>nc</code> and >> <code>cnonce</code> >> + * will only be used, if <code>qop</code> is not >> <code>null</code>). >> * @param realm Realm name >> * @param md5a2 Second MD5 digest used to calculate the digest : >> * MD5(Method + ":" + uri) >> + * @return the associated principal, or <code>null</code> if >> there is none. >> */ >> @Override >> public Principal authenticate(String username, String clientDigest, > The javadoc on the methods in RealmBase that override the Realm methods > is just duplication. > > Should we really keep them? They would have to be corrected to the same > extend as the ones in Realm and javadoc is intelligent enough to show > the javadoc of the overriden method.
I'd remove the duplication from RealmBase. As you say, it really isn't necessary. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
