Hi Tomcat Developers, I have updated the patch from http://markmail.org/message/qrmrubh3gfrz5yo5 to match up with the current source release for tomcat 6.0.18. I am interested in getting this patch applied to the code base. So, I am curious if anything else needs to be done?
Thanks, William Beene Accenture Associate Consultant, TACF 407 S Pennsylvania, Suite 201 Joplin, MO 64804 417-626-6528 [EMAIL PROTECTED] This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited.
--- JNDIRealm.java.old 2008-09-12 11:42:10.000000000 -0500 +++ JNDIRealm.java 2008-09-12 10:43:04.000000000 -0500 @@ -913,7 +913,7 @@ curUserPattern < userPatternFormatArray.length; curUserPattern++) { // Retrieve user information - User user = getUser(context, username); + User user = getUser(context, username, credentials); if (user != null) { try { // Check the user's credentials @@ -938,7 +938,7 @@ return null; } else { // Retrieve user information - User user = getUser(context, username); + User user = getUser(context, username, credentials); if (user == null) return (null); @@ -971,7 +971,7 @@ * * @exception NamingException if a directory server error occurs */ - protected User getUser(DirContext context, String username) + protected User getUser(DirContext context, String username, String credentials) throws NamingException { User user = null; @@ -987,7 +987,7 @@ // Use pattern or search for user entry if (userPatternFormatArray != null) { - user = getUserByPattern(context, username, attrIds); + user = getUserByPattern(context, username, credentials, attrIds); } else { user = getUserBySearch(context, username, attrIds); } @@ -1011,6 +1011,7 @@ */ protected User getUserByPattern(DirContext context, String username, + String credentials, String[] attrIds) throws NamingException { @@ -1026,6 +1027,32 @@ attrs = context.getAttributes(dn, attrIds); } catch (NameNotFoundException e) { return (null); + } catch (NamingException e) { + // If the getAttributes() call fails, try it again with the + // credentials of the user that we're searching for + try { + // Set up security environment to bind as the user + context.addToEnvironment(Context.SECURITY_PRINCIPAL, dn); + context.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials); + + attrs = context.getAttributes(dn, attrIds); + } finally { + // Restore the original security environment + if (connectionName != null) { + context.addToEnvironment(Context.SECURITY_PRINCIPAL, + connectionName); + } else { + context.removeFromEnvironment(Context.SECURITY_PRINCIPAL); + } + + if (connectionPassword != null) { + context.addToEnvironment(Context.SECURITY_CREDENTIALS, + connectionPassword); + } + else { + context.removeFromEnvironment(Context.SECURITY_CREDENTIALS); + } + } } if (attrs == null) return (null); @@ -1598,7 +1625,7 @@ String username) throws NamingException { - User user = getUser(context, username); + User user = getUser(context, username, null); return new GenericPrincipal(this, user.username, user.password , getRoles(context, user));
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]