On 14/10/2015 13:00, Arjan Tijms wrote:
> Hi there,
> 
> Haven't seen updates for some time here. Wonder what the current
> status is and what exactly happened in the last months. Last commits
> in the Tomcat repo are from 3 months ago.

The GSoC student took the money and ran at the mid-term evaluation. I
should have gone with my first instinct, which was to fail them at the
mid-term due to lack of effort.

Getting back to this is on my TODO list for Tomcat 9. I plan to remove
the GSoC work and start again from scratch. While that might seem
excessive, I simply do not trust that the refactoring Fjodor completed is
secure. It will be quicker to re-do the work myself than it will be to
check the refactoring line by line.

Mark


> 
> Kind regards,
> Arjan Tijms
> 
> 
> 
> On Thu, Jun 11, 2015 at 10:39 AM, markt [via Tomcat]
> <ml-node+s10n5035913...@n6.nabble.com> wrote:
>> On 10/06/2015 16:43, Arjan Tijms wrote:
>>
>>> Hi,
>>>
>>> On Wed, Jun 10, 2015 at 3:28 PM, markt [via Tomcat] <
>>> [hidden email]> wrote:
>>>
>>>> I don't really understand what the requirement is here. Can you expand /
>>>> point me to the part of the spec?
>>>>
>>>
>>> It's simply that from within a SAM you can forward/include to a Servlet
>>> using a dispatcher, such that the output of that Servlet is inserted in
>>> the response.
>>
>> Thanks for the clarification. You can do that easily from a Valve in a
>> couple of lines of code. No need for extra internal plumbing that I can see.
>>
>> Mark
>>
>>>
>>> It's in section 3.8.3.4 of the JASPIC spec:
>>>
>>>
>>> "3.8.3.4
>>> Forwards and Includes by Server Authentication Modules
>>>
>>> The message processing runtime must support the acquisition and use of
>>> RequestDispatcher objects by authentication modules within their
>>> processing of validateRequest.
>>>
>>> Under the constraints defined by RequestDispatcher, authentication modules
>>> must be able to forward and include using the request and response objects
>>> passed in MessageInfo. In particular, an authentication module must be
>>> able to acquire a RequestDispatcher from the request obtained from
>>> MessageInfo, and uses it to forward the request (and response) to a login
>>> form. Authentication modules should catch and rethrow as an AuthException
>>> any exception thrown by these methods."
>>>
>>>
>>> A test/example showing this in practice is the following:
>>>
>>>
>>> https://github.com/javaee-samples/javaee7-samples/tree/master/jaspic/dispatching
>>>
>>> Specifically, this code shows both an include and a forward done by a SAM:
>>>
>>>     public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
>>>         try {
>>>             HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
>>>             HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
>>>
>>>             if ("include".equals(request.getParameter("dispatch"))) {
>>>                 request.getRequestDispatcher("/includedServlet")
>>>                        .include(request, response);
>>>
>>>                 // "Do nothing", required protocol when returning SUCCESS
>>>                 handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) });
>>>
>>>                 // When using includes, the response stays open and the main
>>>                 // resource can also write to the response
>>>                 return SUCCESS;
>>>
>>>             } else {
>>>                 request.getRequestDispatcher("/forwardedServlet")
>>>                        .forward(request, response);
>>>
>>>                 // MUST NOT invoke the resource, so CAN NOT return SUCCESS here.
>>>                 return SEND_CONTINUE;
>>>             }
>>>
>>>         } catch (IOException | ServletException | UnsupportedCallbackException e) {
>>>             throw (AuthException) new AuthException().initCause(e);
>>>         }
>>>     }
>>>
>>>
>>>> Sounds good. Thanks for the tip.
>>>>
>>>
>>> You're welcome ;)
>>>
>>> Kind regards,
>>> Arjan Tijms
>>>
>>>
>>>
>>>
>>>>
>>>> Cheers,
>>>>
>>>> mark
>>>>
>>>
>>>
>>>
>>>
>>> --
>>> View this message in context:
>>> http://tomcat.10.x6.nabble.com/Consider-support-for-the-Servlet-profile-of-JSR-196-JASPIC-in-Tomcat-7-0-x-tp4993387p5035891.html
>>> Sent from the Tomcat - Dev mailing list archive at Nabble.com.
>>>
>>
>>
> 
> 
> 
> 
> 

