svn commit: r1685954 - in /tomcat/trunk/java/org/apache/catalina/authenticator: LocalStrings.properties jaspic/JaspicAuthenticator.java jaspic/JaspicCallbackHandler.java jaspic/LocalStrings.properties jaspic/PrincipalGroupCallback.java

Wed, 17 Jun 2015 02:01:44 -0700 

Author: markt
Date: Wed Jun 17 09:01:11 2015
New Revision: 1685954

URL: http://svn.apache.org/r1685954
Log:
Fix issues with previous patch to remove use of ThreadLocal

Modified:
    tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
    
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
    
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
    
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties
    
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/PrincipalGroupCallback.java

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties?rev=1685954&r1=1685953&r2=1685954&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties 
(original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties 
Wed Jun 17 09:01:11 2015
@@ -26,7 +26,6 @@ authenticator.noAuthHeader=No authorizat
 authenticator.notContext=Configuration error:  Must be attached to a Context
 authenticator.requestBodyTooBig=The request body was too large to be cached 
during the authentication process
 authenticator.sessionExpired=The time allowed for the login process has been 
exceeded. If you wish to continue you must either click back twice and re-click 
the link you requested or close and re-open your browser
-authenticator.unauthorized=Cannot authenticate with the provided credentials
 
 digestAuthenticator.cacheRemove=A valid entry has been removed from client 
nonce cache to make room for new entries. A replay attack is now possible. To 
prevent the possibility of replay attacks, reduce nonceValidity or increase 
cnonceCacheSize. Further warnings of this type will be suppressed for 5 minutes.
 

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java?rev=1685954&r1=1685953&r2=1685954&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
 Wed Jun 17 09:01:11 2015
@@ -38,9 +38,7 @@ import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 
 /**
- * Security valve which implements JASPIC authentication
- * @author Fjodor Vershinin
- *
+ * Security valve which implements JASPIC authentication.
  */
 public class JaspicAuthenticator extends AuthenticatorBase {
 
@@ -54,12 +52,14 @@ public class JaspicAuthenticator extends
     @SuppressWarnings("rawtypes")
     private Map authProperties = null;
 
+
     @Override
     protected synchronized void startInternal() throws LifecycleException {
         super.startInternal();
         serviceSubject = new Subject();
     }
 
+
     @Override
     public boolean authenticate(Request request, HttpServletResponse response) 
throws IOException {
         MessageInfo messageInfo = new MessageInfoImpl(request, response, true);
@@ -98,31 +98,38 @@ public class JaspicAuthenticator extends
         return false;
     }
 
+
     @Override
     public void login(String userName, String password, Request request) 
throws ServletException {
         throw new IllegalStateException("not implemented yet!");
     }
 
+
     @Override
     public void logout(Request request) {
         throw new IllegalStateException("not implemented yet!");
     }
 
+
     private void handleUnauthorizedRequest(HttpServletResponse response, 
AuthException e)
             throws IOException {
-        log.error(sm.getString("authenticator.unauthorized"), e);
-        response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
-                sm.getString("authenticator.unauthorized"));
+        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+        if (log.isDebugEnabled()) {
+            log.debug(sm.getString("authenticator.jaspic.unauthorized"), e);
+        }
     }
 
+
     private String getAppContextId(Request request) {
         return request.getServletContext().getVirtualServerName() + " " + 
request.getContextPath();
     }
 
+
     private JaspicCallbackHandler getJaspicCallbackHandler() {
         return new JaspicCallbackHandler(container.getRealm());
     }
 
+
     @Override
     protected String getAuthMethod() {
         return AUTH_TYPE;

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java?rev=1685954&r1=1685953&r2=1685954&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
 Wed Jun 17 09:01:11 2015
@@ -32,9 +32,7 @@ import org.apache.catalina.realm.Generic
 import org.apache.tomcat.util.res.StringManager;
 
 /**
- * Callback handler which converts callbacks to realm
- * @author Fjodor Vershinin
- *
+ * Callback handler which converts callbacks to realm.
  */
 public class JaspicCallbackHandler implements CallbackHandler {
     protected static final StringManager sm = 
StringManager.getManager(JaspicCallbackHandler.class);
@@ -43,10 +41,12 @@ public class JaspicCallbackHandler imple
 
     private PrincipalGroupCallback principalGroupCallback = new 
PrincipalGroupCallback();
 
+
     public JaspicCallbackHandler(Realm realm) {
         this.realm = realm;
     }
 
+
     @Override
     public void handle(Callback[] callbacks) throws IOException, 
UnsupportedCallbackException {
         if (callbacks == null) {
@@ -57,12 +57,13 @@ public class JaspicCallbackHandler imple
         }
     }
 
+
     public GenericPrincipal getPrincipal() {
         return principalGroupCallback.getPrincipal();
     }
 
-    private void handleCallback(Callback callback) {
 
+    private void handleCallback(Callback callback) {
         if (callback instanceof CallerPrincipalCallback) {
             
principalGroupCallback.setCallerPrincipalCallback((CallerPrincipalCallback) 
callback);
         } else if (callback instanceof GroupPrincipalCallback) {
@@ -75,6 +76,7 @@ public class JaspicCallbackHandler imple
         }
     }
 
+
     private void handlePasswordValidationCallback(
             PasswordValidationCallback passwordValidationCallback) {
         Subject subject = passwordValidationCallback.getSubject();

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties?rev=1685954&r1=1685953&r2=1685954&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties
 Wed Jun 17 09:01:11 2015
@@ -13,4 +13,5 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+authenticator.jaspic.unauthorized=Cannot authenticate with the provided 
credentials
 authenticator.jaspic.unknownCallback=Unknown JASPIC callback: [{0}]

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/PrincipalGroupCallback.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/PrincipalGroupCallback.java?rev=1685954&r1=1685953&r2=1685954&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/PrincipalGroupCallback.java
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/PrincipalGroupCallback.java
 Wed Jun 17 09:01:11 2015
@@ -28,22 +28,23 @@ import org.apache.catalina.realm.Generic
 
 /**
  * This class merges two principal callbacks into one tomcat's
- * {@link GenericPrincipal}
- * @author Fjodor Vershinin
- *
+ * {@link GenericPrincipal}.
  */
 public class PrincipalGroupCallback {
     private CallerPrincipalCallback callerPrincipalCallback;
     private GroupPrincipalCallback groupPrincipalCallback;
 
+
     public void setCallerPrincipalCallback(CallerPrincipalCallback 
callerPrincipalCallback) {
         this.callerPrincipalCallback = callerPrincipalCallback;
     }
 
+
     public void setCallerPrincipalCallback(GroupPrincipalCallback 
groupPrincipalCallback) {
         this.groupPrincipalCallback = groupPrincipalCallback;
     }
 
+
     /**
      * Get tomcat's principal, which contains user principal and roles
      * @return {@link GenericPrincipal}
@@ -56,6 +57,7 @@ public class PrincipalGroupCallback {
         return new GenericPrincipal(getUserName(), null, getRoles(), 
userPrincipal);
     }
 
+
     private Principal getUserPrincipal() {
         if (callerPrincipalCallback == null) {
             return null;
@@ -63,6 +65,7 @@ public class PrincipalGroupCallback {
         return callerPrincipalCallback.getPrincipal();
     }
 
+
     private List<String> getRoles() {
         if (groupPrincipalCallback == null) {
             return Collections.emptyList();
@@ -70,6 +73,7 @@ public class PrincipalGroupCallback {
         return Arrays.asList(groupPrincipalCallback.getGroups());
     }
 
+
     private String getUserName() {
         String name = null;
         if (callerPrincipalCallback != null) {
@@ -81,6 +85,7 @@ public class PrincipalGroupCallback {
         return getUserPrincipalName();
     }
 
+
     private String getUserPrincipalName() {
         Principal principal = getUserPrincipal();
         if (principal == null) {



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to