Hi Tomcat Developers,
I have updated the patch from http://markmail.org/message/qrmrubh3gfrz5yo5 to
match up with the current source release for tomcat 6.0.18. I am interested
in getting this patch applied to the code base. So, I am curious if anything
else needs to be done?
Thanks,
William Beene
Accenture
Associate Consultant, TACF
407 S Pennsylvania, Suite 201
Joplin, MO 64804
417-626-6528
[EMAIL PROTECTED]
This message is for the designated recipient only and may contain privileged,
proprietary, or otherwise private information. If you have received it in
error, please notify the sender immediately and delete the original. Any other
use of the email by you is prohibited.
--- JNDIRealm.java.old 2008-09-12 11:42:10.000000000 -0500
+++ JNDIRealm.java 2008-09-12 10:43:04.000000000 -0500
@@ -913,7 +913,7 @@
curUserPattern < userPatternFormatArray.length;
curUserPattern++) {
// Retrieve user information
- User user = getUser(context, username);
+ User user = getUser(context, username, credentials);
if (user != null) {
try {
// Check the user's credentials
@@ -938,7 +938,7 @@
return null;
} else {
// Retrieve user information
- User user = getUser(context, username);
+ User user = getUser(context, username, credentials);
if (user == null)
return (null);
@@ -971,7 +971,7 @@
*
* @exception NamingException if a directory server error occurs
*/
- protected User getUser(DirContext context, String username)
+ protected User getUser(DirContext context, String username, String credentials)
throws NamingException {
User user = null;
@@ -987,7 +987,7 @@
// Use pattern or search for user entry
if (userPatternFormatArray != null) {
- user = getUserByPattern(context, username, attrIds);
+ user = getUserByPattern(context, username, credentials, attrIds);
} else {
user = getUserBySearch(context, username, attrIds);
}
@@ -1011,6 +1011,7 @@
*/
protected User getUserByPattern(DirContext context,
String username,
+ String credentials,
String[] attrIds)
throws NamingException {
@@ -1026,6 +1027,32 @@
attrs = context.getAttributes(dn, attrIds);
} catch (NameNotFoundException e) {
return (null);
+ } catch (NamingException e) {
+ // If the getAttributes() call fails, try it again with the
+ // credentials of the user that we're searching for
+ try {
+ // Set up security environment to bind as the user
+ context.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
+ context.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials);
+
+ attrs = context.getAttributes(dn, attrIds);
+ } finally {
+ // Restore the original security environment
+ if (connectionName != null) {
+ context.addToEnvironment(Context.SECURITY_PRINCIPAL,
+ connectionName);
+ } else {
+ context.removeFromEnvironment(Context.SECURITY_PRINCIPAL);
+ }
+
+ if (connectionPassword != null) {
+ context.addToEnvironment(Context.SECURITY_CREDENTIALS,
+ connectionPassword);
+ }
+ else {
+ context.removeFromEnvironment(Context.SECURITY_CREDENTIALS);
+ }
+ }
}
if (attrs == null)
return (null);
@@ -1598,7 +1625,7 @@
String username)
throws NamingException {
- User user = getUser(context, username);
+ User user = getUser(context, username, null);
return new GenericPrincipal(this, user.username, user.password ,
getRoles(context, user));
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
