This is an automated email from the ASF dual-hosted git repository.
rmaucher pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 6416f3e9ae Return null on a non existing principal
6416f3e9ae is described below
commit 6416f3e9ae03b7a4f311c17e3927462666d507ed
Author: remm <[email protected]>
AuthorDate: Sat May 23 15:50:19 2026 +0200
Return null on a non existing principal
This does not have a consequence in practice as getPassword is used
first, which returns null.
---
java/org/apache/catalina/users/DataSourceUserDatabase.java | 2 ++
test/org/apache/catalina/users/TestDataSourceUserDatabase.java | 1 +
webapps/docs/changelog.xml | 4 ++++
3 files changed, 7 insertions(+)
diff --git a/java/org/apache/catalina/users/DataSourceUserDatabase.java
b/java/org/apache/catalina/users/DataSourceUserDatabase.java
index 548b4de750..7842ca25ff 100644
--- a/java/org/apache/catalina/users/DataSourceUserDatabase.java
+++ b/java/org/apache/catalina/users/DataSourceUserDatabase.java
@@ -920,6 +920,8 @@ public class DataSourceUserDatabase extends
SparseUserDatabase {
if (userFullNameCol != null) {
fullName = rs.getString(2);
}
+ } else {
+ return null;
}
dbCredentials = (dbCredentials != null) ? dbCredentials.trim()
: null;
diff --git a/test/org/apache/catalina/users/TestDataSourceUserDatabase.java
b/test/org/apache/catalina/users/TestDataSourceUserDatabase.java
index 226efcd112..018a0f6083 100644
--- a/test/org/apache/catalina/users/TestDataSourceUserDatabase.java
+++ b/test/org/apache/catalina/users/TestDataSourceUserDatabase.java
@@ -158,6 +158,7 @@ public class TestDataSourceUserDatabase extends
LoggingBaseTest {
// Manager role cannot be saved, but remains valid in memory
managerRole = db.findRole("manager");
Assert.assertFalse("Unexpected role for user",
tomcatUser.isInRole(managerRole));
+ Assert.assertNull(db.findUser("foo"));
db.close();
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f3f950e10b..c0047ad8ee 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -168,6 +168,10 @@
<code>MemoryRealm</code> should not add a dummy role when none is
specified in the configuration. (remm)
</fix>
+ <fix>
+ <code>DataSourceUserDatabase</code> should return a null principal on
+ a non existing user. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
