Author: markt
Date: Tue May 18 17:46:46 2010
New Revision: 945787
URL: http://svn.apache.org/viewvc?rev=945787&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48589
Make JNDIRealm easier to extend
Based on a patch by Candid Dauth
Modified:
tomcat/tc6.0.x/trunk/ (props changed)
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc6.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue May 18 17:46:46 2010
@@ -1 +1 @@
-/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,666232,673796,673820,677910,683969,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,713953,714002,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,752323,753039,757335,757774,758249,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,77
0809,770876,772872,776921,776924,776935,776945,777464,777466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,789389,790405,791041,791184,791194,791224,791243,791326,791328,791789,792740,793372,793757,793882,793981,794082,794673,794822,795043,795152,795210,795457,795466,797168,797425,797596,797607,802727,802940,804462,804544,804734,805153,809131,809603,810916,810977,812125,812137,812432,813001,813013,813866,814180,814708,814876,815972,816252,817442,817822,819339,819361,820110,820132,820874,820954,821397,828196,828201,828210,828225,828759,830378-830379,830999,831106,831774,831785,831828,831850,831860,832214,832218,833121,833545,834047,835036,835336,836405,881396,881412,883130,883134,883146,883165,883177,883362,883565,884341,885038,885231,885241,885260,885901,885991,886019,888072,889363,889606,889716,8901
39,890265,890349-890350,890417,891185-891187,891583,892198,892341,892415,892464,892555,892812,892814,892817,892843,892887,893321,893493,894580,894586,894805,894831,895013,895045,895057,895191,895392,895703,896370,896384,897380-897381,897776,898126,898256,898468,898527,898555,898558,898718,898836,898906,899284,899348,899420,899653,899769-899770,899783,899788,899792,899916,899918-899919,899935,899949,903916,905020,905151,905722,905728,905735,907311,907513,907538,907652,907819,907825,907864,908002,908721,908754,908759,909097,909206,909212,909525,909636,909869,909875,909887,910266,910370,910442,910471,910974,915226,915737,915861,916097,916141,916157,916170,917598,917633,918093,918594,918684,918787,918792,918799,918885,919851,919914,920025,920055,920298,920449,920596,920840,921444,926716,927062,927621,928482,928695,928798,931709,932967,941356,941463,944409,944416
+/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,666232,673796,673820,677910,683969,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,713953,714002,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,752323,753039,757335,757774,758249,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,77
0809,770876,772872,776921,776924,776935,776945,777464,777466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,789389,790405,791041,791184,791194,791224,791243,791326,791328,791789,792740,793372,793757,793882,793981,794082,794673,794822,795043,795152,795210,795457,795466,797168,797425,797596,797607,802727,802940,804462,804544,804734,805153,809131,809603,810916,810977,812125,812137,812432,813001,813013,813866,814180,814708,814876,815972,816252,817442,817822,819339,819361,820110,820132,820874,820954,821397,828196,828201,828210,828225,828759,830378-830379,830999,831106,831774,831785,831828,831850,831860,832214,832218,833121,833545,834047,835036,835336,836405,881396,881412,883130,883134,883146,883165,883177,883362,883565,884341,885038,885231,885241,885260,885901,885991,886019,888072,889363,889606,889716,8901
39,890265,890349-890350,890417,891185-891187,891583,892198,892341,892415,892464,892555,892812,892814,892817,892843,892887,893321,893493,894580,894586,894805,894831,895013,895045,895057,895191,895392,895703,896370,896384,897380-897381,897776,898126,898256,898468,898527,898555,898558,898718,898836,898906,899284,899348,899420,899653,899769-899770,899783,899788,899792,899916,899918-899919,899935,899949,903916,905020,905151,905722,905728,905735,907311,907513,907538,907652,907819,907825,907864,908002,908721,908754,908759,909097,909206,909212,909525,909636,909869,909875,909887,910266,910370,910442,910471,910485,910974,915226,915737,915861,916097,916141,916157,916170,917598,917633,918093,918489,918594,918684,918787,918792,918799,918803,918885,919851,919914,920025,920055,920298,920449,920596,920840,921444,926716,927062,927621,928482,928695,928798,931709,932357,932967,935983,941356,941463,944409,944416
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=945787&r1=945786&r2=945787&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue May 18 17:46:46 2010
@@ -50,37 +50,17 @@ PATCHES PROPOSED TO BACKPORT:
markt: It shouldn't break existing configs. JSSE allows trust stores to
be
read without providing the password
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48589
- Make JNDIRealm easier to extend
- Based on a patch by Candid Dauth
- http://svn.apache.org/viewvc?rev=910485&view=rev
- http://svn.apache.org/viewvc?rev=918489&view=rev (review feedback)
- http://svn.apache.org/viewvc?rev=918803&view=rev (additional patch)
- +1: markt, kkolinko, rjung
- -1:
-
- Additional patch:
- http://svn.apache.org/viewvc?view=revision&revision=932357
- +1: markt, kkolinko, rjung
- -1:
-
- Additional patch:
- http://svn.apache.org/viewvc?rev=935983&view=rev
- +1: kkolinko, markt, rjung
- -1:
-
- rjung: It seems we add roles to the user's role list in
- getRoles(DirContext context, User user) every time it is
- being called, if either commonRole is used or roleFormat / roleName?
- I think we shouldn't change the original list, but instead a copy?
-
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48729
Return roles defined by both userRoleName and roleName mechanisms
Patch provided by 'eric'
http://svn.apache.org/viewvc?view=revision&revision=920824
+1: markt, kkolinko
-1:
- rjung: see comment to the proposal above.
+
+ rjung: It seems we add roles to the user's role list in
+ getRoles(DirContext context, User user) every time it is
+ being called, if either commonRole is used or roleFormat / roleName?
+ I think we shouldn't change the original list, but instead a copy?
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48701
Take account of TagVariableInfo when implementing the rules of JSP.5.3
Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java?rev=945787&r1=945786&r2=945787&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java Tue May
18 17:46:46 2010
@@ -25,7 +25,6 @@ import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
-import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
@@ -1423,10 +1422,10 @@ public class JNDIRealm extends RealmBase
if (containerLog.isTraceEnabled()) {
if (validated) {
containerLog.trace(sm.getString("jndiRealm.authenticateSuccess",
- user.username));
+ user.getUserName()));
} else {
containerLog.trace(sm.getString("jndiRealm.authenticateFailure",
- user.username));
+ user.getUserName()));
}
}
return (validated);
@@ -1452,7 +1451,7 @@ public class JNDIRealm extends RealmBase
if (info == null || credentials == null)
return (false);
- String password = info.password;
+ String password = info.getPassword();
if (password == null)
return (false);
@@ -1542,7 +1541,7 @@ public class JNDIRealm extends RealmBase
if (credentials == null || user == null)
return (false);
- String dn = user.dn;
+ String dn = user.getDN();
if (dn == null)
return (false);
@@ -1606,8 +1605,8 @@ public class JNDIRealm extends RealmBase
if (user == null)
return (null);
- String dn = user.dn;
- String username = user.username;
+ String dn = user.getDN();
+ String username = user.getUserName();
if (dn == null || username == null)
return (null);
@@ -1616,7 +1615,7 @@ public class JNDIRealm extends RealmBase
containerLog.trace(" getRoles(" + dn + ")");
// Start with roles retrieved from the user entry
- ArrayList<String> list = user.roles;
+ List<String> list = user.getRoles();
if (list == null) {
list = new ArrayList<String>();
}
@@ -1927,8 +1926,8 @@ public class JNDIRealm extends RealmBase
User user = getUser(context, username);
if (user != null) {
- return new GenericPrincipal(this, user.username, user.password,
- getRoles(context, user));
+ return new GenericPrincipal(this, user.getUserName(),
+ user.getPassword(), getRoles(context, user));
}
return null;
@@ -2209,26 +2208,43 @@ public class JNDIRealm extends RealmBase
}
+ // ------------------------------------------------------ Private Classes
+
+ /**
+ * A protected class representing a User
+ */
+ protected static class User {
+
+ final private String username;
+ final private String dn;
+ final private String password;
+ final private List<String> roles = new ArrayList<String>();
+
+ public User(String username, String dn, String password,
+ List<String> roles) {
+ this.username = username;
+ this.dn = dn;
+ this.password = password;
+ if (roles != null) {
+ this.roles.addAll(roles);
+ }
+ }
+
+ public String getUserName() {
+ return username;
+ }
+
+ public String getDN() {
+ return dn;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+ public List<String> getRoles() {
+ return roles;
+ }
+ }
}
-// ------------------------------------------------------ Private Classes
-
-/**
- * A private class representing a User
- */
-class User {
- String username = null;
- String dn = null;
- String password = null;
- ArrayList<String> roles = null;
-
-
- User(String username, String dn, String password,
- ArrayList<String> roles) {
- this.username = username;
- this.dn = dn;
- this.password = password;
- this.roles = roles;
- }
-
-}
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=945787&r1=945786&r2=945787&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Tue May 18 17:46:46 2010
@@ -54,9 +54,6 @@
address via the HTTP WWW-Authenticate header when using BASIC or DIGEST
authentication. (markt)
</fix>
- <fix>
- <bug>48903</bug>: Fix deadlock in webapp class loader. (rjung)
- </fix>
<add>
Include context name when reporting memory leaks to aid root cause
identification. (markt)
@@ -66,6 +63,10 @@
identifying the root cause of <bug>48007</bug>. (kkolinko)
</fix>
<fix>
+ <bug>48589</bug>: Make JNDIRealm easier to extend. Based on a patch by
+ Candid Dauth. (markt/kkolinko)
+ </fix>
+ <fix>
<bug>48629</bug>: Allow user names as well as DNs to be used with the
nested role search. Add roleNested to the documentation. Patch provided
by Felix Schumacher. (markt)
@@ -94,6 +95,9 @@
process of clearing them is not thread-safe. (markt)
</fix>
<fix>
+ <bug>48903</bug>: Fix deadlock in webapp class loader. (rjung)
+ </fix>
+ <fix>
<bug>48983</bug>: Improve debug logging for situations when
<code>RemoteIpValve</code> is bypassed. Patch provided by Cyrille Le
Clerc. (markt)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
