realm: DataSourceRealm.java JDBCRealm.java MemoryRealm.java RealmBase.java

schultz Sat, 27 Aug 2016 04:47:56 -0700

Author: schultz
Date: Sat Aug 27 11:47:09 2016
New Revision: 1757997

URL: http://svn.apache.org/viewvc?rev=1757997&view=rev
Log:
Align Realm.authenticate(String,String) code to work the same way across all 
appropriate realms: logging, order of operations, code comments, etc.


Modified:
    tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java
    tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java
    tomcat/trunk/java/org/apache/catalina/realm/MemoryRealm.java
    tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java

Modified: tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java?rev=1757997&r1=1757996&r2=1757997&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java Sat Aug 27 
11:47:09 2016
@@ -287,16 +287,26 @@ public class DataSourceRealm extends Rea
      * @return the associated principal, or <code>null</code> if there is none.
      */
     protected Principal authenticate(Connection dbConnection,
-                                               String username,
-                                               String credentials) {
+                                     String username,
+                                     String credentials) {
+        // No user or no credentials
+        // Can't possibly authenticate, don't bother the database then
+        if (username == null || credentials == null) {
+            if (containerLog.isTraceEnabled())
+                
containerLog.trace(sm.getString("dataSourceRealm.authenticateFailure",
+                                                username));
+            return null;
+        }
 
+        // Look up the user's credentials
         String dbCredentials = getPassword(dbConnection, username);
 
-        if (credentials == null || dbCredentials == null) {
+        if(dbCredentials == null) {
+            // User was not found in the database.
+
             if (containerLog.isTraceEnabled())
-                containerLog.trace(
-                    sm.getString("dataSourceRealm.authenticateFailure",
-                                 username));
+                
containerLog.trace(sm.getString("dataSourceRealm.authenticateFailure",
+                                                username));
             return null;
         }
 
@@ -305,15 +315,13 @@ public class DataSourceRealm extends Rea
 
         if (validated) {
             if (containerLog.isTraceEnabled())
-                containerLog.trace(
-                    sm.getString("dataSourceRealm.authenticateSuccess",
-                                 username));
+                
containerLog.trace(sm.getString("dataSourceRealm.authenticateSuccess",
+                                                username));
         } else {
             if (containerLog.isTraceEnabled())
-                containerLog.trace(
-                    sm.getString("dataSourceRealm.authenticateFailure",
-                                 username));
-            return (null);
+                
containerLog.trace(sm.getString("dataSourceRealm.authenticateFailure",
+                                                username));
+            return null;
         }
 
         ArrayList<String> list = getRoles(dbConnection, username);

Modified: tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java?rev=1757997&r1=1757996&r2=1757997&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java Sat Aug 27 
11:47:09 2016
@@ -370,10 +370,12 @@ public class JDBCRealm
     public synchronized Principal authenticate(Connection dbConnection,
                                                String username,
                                                String credentials) {
-
         // No user or no credentials
         // Can't possibly authenticate, don't bother the database then
         if (username == null || credentials == null) {
+            if (containerLog.isTraceEnabled())
+                
containerLog.trace(sm.getString("jdbcRealm.authenticateFailure",
+                                                username));
             return null;
         }
 
@@ -381,6 +383,8 @@ public class JDBCRealm
         String dbCredentials = getPassword(username);
 
         if (dbCredentials == null) {
+            // User was not found in the database.
+
             if (containerLog.isTraceEnabled())
                 
containerLog.trace(sm.getString("jdbcRealm.authenticateFailure",
                                                 username));
@@ -398,14 +402,13 @@ public class JDBCRealm
             if (containerLog.isTraceEnabled())
                 
containerLog.trace(sm.getString("jdbcRealm.authenticateFailure",
                                                 username));
-            return (null);
+            return null;
         }
 
         ArrayList<String> roles = getRoles(username);
 
         // Create and return a suitable Principal for this user
         return (new GenericPrincipal(username, credentials, roles));
-
     }
 
 

Modified: tomcat/trunk/java/org/apache/catalina/realm/MemoryRealm.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/MemoryRealm.java?rev=1757997&r1=1757996&r2=1757997&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/MemoryRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/MemoryRealm.java Sat Aug 27 
11:47:09 2016
@@ -114,30 +114,35 @@ public class MemoryRealm  extends RealmB
     @Override
     public Principal authenticate(String username, String credentials) {
 
+        // No user or no credentials
+        // Can't possibly authenticate, don't bother the database then
+        if (username == null || credentials == null) {
+            if (log.isDebugEnabled())
+                log.debug(sm.getString("memoryRealm.authenticateFailure", 
username));
+            return null;
+        }
+
         GenericPrincipal principal = principals.get(username);
 
-        boolean validated;
-        if (principal == null) {
-            validated = false;
-        } else {
-            if (credentials == null || principal.getPassword() == null) {
-                if (log.isDebugEnabled())
-                    log.debug(sm.getString("memoryRealm.authenticateFailure", 
username));
-                return (null);
-            }
-            validated = getCredentialHandler().matches(credentials, 
principal.getPassword());
+        if(principal == null || principal.getPassword() == null) {
+            // User was not found in the database of the password was null
+
+            if (log.isDebugEnabled())
+                log.debug(sm.getString("memoryRealm.authenticateFailure", 
username));
+            return null;
         }
 
+        boolean validated = getCredentialHandler().matches(credentials, 
principal.getPassword());
+
         if (validated) {
             if (log.isDebugEnabled())
                 log.debug(sm.getString("memoryRealm.authenticateSuccess", 
username));
-            return (principal);
+            return principal;
         } else {
             if (log.isDebugEnabled())
                 log.debug(sm.getString("memoryRealm.authenticateFailure", 
username));
-            return (null);
+            return null;
         }
-
     }
 
 

Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1757997&r1=1757996&r2=1757997&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Sat Aug 27 
11:47:09 2016
@@ -329,10 +329,22 @@ public abstract class RealmBase extends
      */
     @Override
     public Principal authenticate(String username, String credentials) {
+        // No user or no credentials
+        // Can't possibly authenticate, don't bother doing anything.
+        if(username == null || credentials == null) {
+            if (containerLog.isTraceEnabled()) {
+                
containerLog.trace(sm.getString("realmBase.authenticateFailure",
+                                                username));
+            }
+            return null;
+        }
 
+        // Look up the user's credentials
         String serverCredentials = getPassword(username);
 
-        if (credentials == null || serverCredentials == null) {
+        if (serverCredentials == null) {
+            // User was not found
+
             if (containerLog.isTraceEnabled()) {
                 
containerLog.trace(sm.getString("realmBase.authenticateFailure",
                                                 username));
@@ -341,19 +353,20 @@ public abstract class RealmBase extends
         }
 
         boolean validated = getCredentialHandler().matches(credentials, 
serverCredentials);
-        if (!validated) {
+
+        if (validated) {
+            if (containerLog.isTraceEnabled()) {
+                
containerLog.trace(sm.getString("realmBase.authenticateSuccess",
+                                                username));
+            }
+            return getPrincipal(username);
+        } else {
             if (containerLog.isTraceEnabled()) {
                 
containerLog.trace(sm.getString("realmBase.authenticateFailure",
                                                 username));
             }
             return null;
         }
-        if (containerLog.isTraceEnabled()) {
-            containerLog.trace(sm.getString("realmBase.authenticateSuccess",
-                                            username));
-        }
-
-        return getPrincipal(username);
     }
 
     /**



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

svn commit: r1757997 - in /tomcat/trunk/java/org/apache/catalina/realm: DataSourceRealm.java JDBCRealm.java MemoryRealm.java RealmBase.java

Reply via email to