Author: violetagg Date: Thu Aug 15 20:31:48 2013 New Revision: 1514470 URL: http://svn.apache.org/r1514470 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55354 Restore the context environment parameters after associating the Principle with the given user. Based on patch provided by Richard Begg.
Modified: tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java Modified: tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java?rev=1514470&r1=1514469&r2=1514470&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java (original) +++ tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java Thu Aug 15 20:31:48 2013 @@ -2050,9 +2050,12 @@ public class JNDIRealm extends RealmBase User user = null; List<String> roles = null; + Hashtable<?, ?> preservedEnvironment = null; try { if (gssCredential != null && isUseDelegatedCredential()) { + // Preserve the current context environment parameters + preservedEnvironment = context.getEnvironment(); // Set up context context.addToEnvironment( Context.SECURITY_AUTHENTICATION, "GSSAPI"); @@ -2068,24 +2071,12 @@ public class JNDIRealm extends RealmBase roles = getRoles(context, user); } } finally { - try { - context.removeFromEnvironment( - Context.SECURITY_AUTHENTICATION); - } catch (NamingException e) { - // Ignore - } - try { - context.removeFromEnvironment( - "javax.security.sasl.server.authentication"); - } catch (NamingException e) { - // Ignore - } - try { - context.removeFromEnvironment( - "javax.security.sasl.qop"); - } catch (NamingException e) { - // Ignore - } + restoreEnvironmentParameter(context, + Context.SECURITY_AUTHENTICATION, preservedEnvironment); + restoreEnvironmentParameter(context, + "javax.security.sasl.server.authentication", preservedEnvironment); + restoreEnvironmentParameter(context, "javax.security.sasl.qop", + preservedEnvironment); } if (user != null) { @@ -2096,6 +2087,19 @@ public class JNDIRealm extends RealmBase return null; } + private void restoreEnvironmentParameter(DirContext context, + String parameterName, Hashtable<?, ?> preservedEnvironment) { + try { + context.removeFromEnvironment(parameterName); + if (preservedEnvironment != null && preservedEnvironment.containsKey(parameterName)) { + context.addToEnvironment(parameterName, + preservedEnvironment.get(parameterName)); + } + } catch (NamingException e) { + // Ignore + } + } + /** * Open (if necessary) and return a connection to the configured * directory server for this Realm. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org