buildbot success in ASF Buildbot on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/1400 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1686013 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1686028 - /tomcat/trunk/test/org/apache/coyote/http2/
Author: markt
Date: Wed Jun 17 14:45:36 2015
New Revision: 1686028
URL: http://svn.apache.org/r1686028
Log:
Add a unit test for a simple request with a body
Added:
tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_6_1.java (with
props)
Modified:
tomcat/trunk/test/org/apache/coyote/http2/Http2TestBase.java
tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_4_1.java
tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_4_3.java
tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_1.java
tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_2.java
tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_3.java
tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java
Modified: tomcat/trunk/test/org/apache/coyote/http2/Http2TestBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/coyote/http2/Http2TestBase.java?rev=1686028&r1=1686027&r2=1686028&view=diff
==
--- tomcat/trunk/test/org/apache/coyote/http2/Http2TestBase.java (original)
+++ tomcat/trunk/test/org/apache/coyote/http2/Http2TestBase.java Wed Jun 17
14:45:36 2015
@@ -16,6 +16,8 @@
*/
package org.apache.coyote.http2;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
@@ -37,6 +39,7 @@ import org.apache.catalina.LifecycleExce
import org.apache.catalina.connector.Connector;
import org.apache.catalina.startup.Tomcat;
import org.apache.catalina.startup.TomcatBaseTest;
+import org.apache.catalina.util.IOTools;
import org.apache.coyote.http2.HpackDecoder.HeaderEmitter;
import org.apache.coyote.http2.Http2Parser.Input;
import org.apache.coyote.http2.Http2Parser.Output;
@@ -105,35 +108,35 @@ public abstract class Http2TestBase exte
}
-protected void sendSimpleRequest(int streamId) throws IOException {
+protected void sendSimpleGetRequest(int streamId) throws IOException {
byte[] frameHeader = new byte[9];
ByteBuffer headersPayload = ByteBuffer.allocate(128);
-buildSimpleRequest(frameHeader, headersPayload, streamId);
+buildSimpleGetRequest(frameHeader, headersPayload, streamId);
writeFrame(frameHeader, headersPayload);
}
-protected void sendLargeRequest(int streamId) throws IOException {
+protected void sendLargeGetRequest(int streamId) throws IOException {
byte[] frameHeader = new byte[9];
ByteBuffer headersPayload = ByteBuffer.allocate(128);
-buildLargeRequest(frameHeader, headersPayload, streamId);
+buildLargeGetRequest(frameHeader, headersPayload, streamId);
writeFrame(frameHeader, headersPayload);
}
-protected void buildSimpleRequest(byte[] frameHeader, ByteBuffer
headersPayload, int streamId) {
-buildRequest(frameHeader, headersPayload, streamId, "/simple");
+protected void buildSimpleGetRequest(byte[] frameHeader, ByteBuffer
headersPayload, int streamId) {
+buildGetRequest(frameHeader, headersPayload, streamId, "/simple");
}
-protected void buildLargeRequest(byte[] frameHeader, ByteBuffer
headersPayload, int streamId) {
-buildRequest(frameHeader, headersPayload, streamId, "/large");
+protected void buildLargeGetRequest(byte[] frameHeader, ByteBuffer
headersPayload, int streamId) {
+buildGetRequest(frameHeader, headersPayload, streamId, "/large");
}
-protected void buildRequest(byte[] frameHeader, ByteBuffer headersPayload,
int streamId,
+protected void buildGetRequest(byte[] frameHeader, ByteBuffer
headersPayload, int streamId,
String url) {
MimeHeaders headers = new MimeHeaders();
headers.addValue(":method").setString("GET");
@@ -153,7 +156,7 @@ public abstract class Http2TestBase exte
}
-protected void buildSimpleRequestPart1(byte[] frameHeader, ByteBuffer
headersPayload,
+protected void buildSimpleGetRequestPart1(byte[] frameHeader, ByteBuffer
headersPayload,
int streamId) {
MimeHeaders headers = new MimeHeaders();
headers.addValue(":method").setString("GET");
@@ -172,7 +175,7 @@ public abstract class Http2TestBase exte
}
-protected void buildSimpleRequestPart2(byte[] frameHeader, ByteBuffer
headersPayload,
+protected void buildSimpleGetRequestPart2(byte[] frameHeader, ByteBuffer
headersPayload,
int streamId) {
MimeHeaders headers = new MimeHeaders();
headers.addValue(":authority").setString("localhost:" + getPort());
@@ -190,6 +193,51 @@ public abstract class Http2TestBase exte
}
+protected void sendSimplePostRequest(int streamId) throws IOException {
+byte[] headersFrameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+byte[] dataFrameHeader =
svn commit: r1686024 - /tomcat/trunk/java/org/apache/coyote/http2/Stream.java
Author: markt
Date: Wed Jun 17 14:44:14 2015
New Revision: 1686024
URL: http://svn.apache.org/r1686024
Log:
Fix inverted logic in reading HTTP/2 input streams
Modified:
tomcat/trunk/java/org/apache/coyote/http2/Stream.java
Modified: tomcat/trunk/java/org/apache/coyote/http2/Stream.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Stream.java?rev=1686024&r1=1686023&r2=1686024&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http2/Stream.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/Stream.java Wed Jun 17 14:44:14
2015
@@ -422,7 +422,7 @@ public class Stream extends AbstractStre
// Ensure that only one thread accesses inBuffer at a time
synchronized (inBuffer) {
-while (inBuffer.position() == 0 &&
!state.isFrameTypePermitted(FrameType.DATA)) {
+while (inBuffer.position() == 0 &&
state.isFrameTypePermitted(FrameType.DATA)) {
// Need to block until some data is written
try {
inBuffer.wait();
@@ -437,7 +437,7 @@ public class Stream extends AbstractStre
written = inBuffer.remaining();
inBuffer.get(outBuffer, 0, written);
inBuffer.clear();
-} else if (state.isFrameTypePermitted(FrameType.DATA)) {
+} else if (!state.isFrameTypePermitted(FrameType.DATA)) {
return -1;
} else {
// TODO Should never happen
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in ASF Buildbot on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/1399 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1686004 Blamelist: markt BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1686013 - /tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
Author: markt
Date: Wed Jun 17 13:56:44 2015
New Revision: 1686013
URL: http://svn.apache.org/r1686013
Log:
Don't swallow unknown payload in the parser. That is up to the Output to handle.
Modified:
tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java?rev=1686013&r1=1686012&r2=1686013&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java Wed Jun 17
13:56:44 2015
@@ -387,7 +387,6 @@ class Http2Parser {
private void readUnknownFrame(int streamId, FrameType frameType, int
flags, int payloadSize)
throws IOException {
output.swallow(streamId, frameType, flags, payloadSize);
-swallow(payloadSize);
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57799] MessageCreationException: Couldn't create SOAP message with Nio2 connector protocol
https://bz.apache.org/bugzilla/show_bug.cgi?id=57799 --- Comment #18 from Justin --- > Without a test case this is going to sit in the NEEDINFO state. Understandable. Regardless of whether there is a test case, there is a bug causing exceptions in Tomcat 8 latest. I may not be the only one who can contribute to its resolution. You're asking me to search through an unfamiliar codebase for a closed-source commercial client which likely uses Windows and SOAP API's that I'm also unfamiliar with, and extract a test case that I feel comfortable sharing. Sadly I have little desire to learn much about this client. I do wish to help the Tomcat community and will try to find the time. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57799] MessageCreationException: Couldn't create SOAP message with Nio2 connector protocol
https://bz.apache.org/bugzilla/show_bug.cgi?id=57799 --- Comment #17 from Mark Thomas --- (In reply to Remy Maucherat from comment #16) > Without a relatively simple test case, I think this should be closed for the > time being. There has to be some concurrency involved and the framework > really gets in the way. That is effectively what the NEEDINFO state does. When I do a release I aim to fix all the open bugs that affect that version excluding any in the NEEDINFO state. I'd prefer a simple test case but right now I'd take any test case that reproduced this issue fairly reliably. Without a test case this is going to sit in the NEEDINFO state. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 58031] Posting data exceeding maxPostSize should result in HTTP 413.
https://bz.apache.org/bugzilla/show_bug.cgi?id=58031 --- Comment #8 from Mark Thomas --- (In reply to Konstantin Kolinko from comment #7) > (In reply to Mark Thomas from comment #5) > > I was thinking a using the existing attribute to trigger a 400 response and > > a new attribute to trigger a 413 response. That should cover all the current > > possibilities for parameter/part issues. > > -1. Fair enough. How about using a second attribute to set the response code? If set use the defined code. If not set, use 400. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1686004 - /tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java
Author: markt
Date: Wed Jun 17 12:55:45 2015
New Revision: 1686004
URL: http://svn.apache.org/r1686004
Log:
Add unit tests for section 5.5
Added:
tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java (with
props)
Added: tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java?rev=1686004&view=auto
==
--- tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java (added)
+++ tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java Wed Jun
17 12:55:45 2015
@@ -0,0 +1,101 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.coyote.http2;
+
+import java.nio.ByteBuffer;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+/**
+ * Unit tests for Section 5.5 of
+ * https://tools.ietf.org/html/rfc7540";>RFC 7540.
+ *
+ * The order of tests in this class is aligned with the order of the
+ * requirements in the RFC.
+ */
+public class TestHttp2Section_5_5 extends Http2TestBase {
+
+private static final byte[] UNKNOWN_FRAME;
+
+static {
+// Unknown frame type
+UNKNOWN_FRAME = new byte[29];
+// Frame header
+ByteUtil.setThreeBytes(UNKNOWN_FRAME, 0, 20);
+// Type
+UNKNOWN_FRAME[3] = (byte) 0x80;
+// No flags
+// Stream
+ByteUtil.set31Bits(UNKNOWN_FRAME, 5, 5);
+// zero payload
+}
+
+
+// Section 5.5
+
+@Test
+public void testUnknownSetting() throws Exception {
+http2Connect();
+
+// Unknown setting (should be ack'd)
+sendSetting(1 << 15, 0);
+
+parser.readFrame(true);
+
+Assert.assertEquals("0-Settings-Ack\n", output.getTrace());
+}
+
+
+@Test
+public void testUnknownFrame() throws Exception {
+http2Connect();
+
+os.write(UNKNOWN_FRAME);
+os.flush();
+
+// Ping
+sendPing();
+
+parser.readFrame(true);
+
+Assert.assertEquals("0-Ping-Ack\n", output.getTrace());
+}
+
+
+@Test
+public void testNonContiguousHeaderWithUnknownFrame() throws Exception {
+// HTTP2 upgrade
+http2Connect();
+
+// Part 1
+byte[] frameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+buildSimpleRequestPart1(frameHeader, headersPayload, 3);
+writeFrame(frameHeader, headersPayload);
+
+os.write(UNKNOWN_FRAME);
+os.flush();
+
+// Read GOAWAY frame
+parser.readFrame(true);
+
+Assert.assertTrue(output.getTrace(), output.getTrace().startsWith(
+"0-Goaway-[1]-[" + Http2Error.COMPRESSION_ERROR.getCode() +
"]-["));
+}
+
+}
Propchange: tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java
--
svn:eol-style = native
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685992 - /tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
Author: markt
Date: Wed Jun 17 11:03:16 2015
New Revision: 1685992
URL: http://svn.apache.org/r1685992
Log:
Correct logic error in handling of ping frames
Modified:
tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java?rev=1685992&r1=1685991&r2=1685992&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java Wed Jun 17
11:03:16 2015
@@ -281,12 +281,12 @@ class Http2Parser {
private void readPingFrame(int flags) throws IOException {
if (Flags.isAck(flags)) {
+output.pingAck();
+} else {
// Read the payload
byte[] payload = new byte[8];
input.fill(true, payload);
output.pingReceive(payload);
-} else {
-output.pingAck();
}
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in ASF Buildbot on tomcat-8-trunk
The Buildbot has detected a restored build on builder tomcat-8-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-8-trunk/builds/298 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' triggered this build Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1685937 Blamelist: kfujino Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: JASPIC Implementation pointers
On 17/06/2015 08:32, Fjodor Vershinin wrote: > Could you provide me your eclipse config files for this project? I think it > would be most convenient way to fix such kind issues. This is something that would have been covered during community bonding. http://svn.apache.org/viewvc/tomcat/trunk/res/ide-support/ > I added some Javadocs, however current implementation is not that stable, > so I'll continue commenting code when code will be more solid. Comments in the code are just as importantas the Javadoc. I'm not too bothered about ensuring every public method is fully documented with Javadoc. The important thing is that there are enough comments for someone to understand the code. >> All user messages, exception messages etc. should use i18n (StringManager). > Fixed. Only "not implemented" exceptions had left, but they will be > removed after some time, so I think it's not mandatory to translate them. Yes, that is fine. No need to use i18n for temporary code. Do make sure there is a TODO marker there so nothing gets missed. >> In JaspicAuthenticator.authenticate() request.getLocalName() is not the > way to get a unique name for the web application (assuming that is what is > required). > > Has been fixed. Now I get unique name in JASPIC 1.1 style. That is better but it is still not unique. It is rare but Tomcat instances can be configured with multiple services and those services may have host names and contexts paths duplicated between them. You really need to find a way to include the engine name as well. You can't use the address:port since there may be multiple connectors with different addresses and/or ports. I'd ignore the request and use the fact that Valves have a Container and that that Container will have a reference to its ancestors. The > All ThreadLocal logic has been replaced with creation of a new instance > every time. I'm not sure about performance, but for now it's more > convenient. I'm not sure about performance either. My general approach is to focus on functional correctness and worry about performance once I have something that is working. Tuning a working implementation is a lot easier than fixing a tuned but broken implementation. I do try to avoid any obvious performance pitfalls as I go along but the bulk of tuning will happen latter. Premature optimisation nearly always causes more problems than it solves. >> In JaspicCallbackHandler how is the PrincipalGroupCallback associated > with the authenticated Principal? > > What do you mean under authenticated Principal? Currently, I merge two > callback's info into tomcat GenericPrincipal, which contains user > principal, user name and roles. Then this GenericPrincipal can be used in > Tomcat's internals. I am not sure how to deal with already authenticated > Principal's, I need to do some research. What I mean is how is this linked in to the Realm (which is currently unused) since it is the Realm that creates the Pincipal. I am encouraged by the most recent round of patches. Progress is being made and I can see the direction development is heading in. I look forward to the next set of patches. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685968 - in /tomcat/trunk/test/org/apache/catalina/authenticator/jaspic: ./ sam/
Author: markt
Date: Wed Jun 17 09:17:49 2015
New Revision: 1685968
URL: http://svn.apache.org/r1685968
Log:
Review JASPIC unit tests
- Line spacing
- Renaming to avoid failures when running via the build script
Added:
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TesterAuthConfig.java
- copied, changed from r1685958,
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfig.java
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TesterAuthConfigProvider.java
- copied, changed from r1685958,
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfigProvider.java
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TesterAuthModule.java
- copied, changed from r1685958,
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthModule.java
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TesterServerAuthContext.java
- copied, changed from r1685958,
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestServerAuthContext.java
Removed:
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfig.java
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfigProvider.java
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthModule.java
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestServerAuthContext.java
Modified:
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicCallbackHandler.java
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestPrincipalGroupCallback.java
Modified:
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java?rev=1685968&r1=1685967&r2=1685968&view=diff
==
---
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java
(original)
+++
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java
Wed Jun 17 09:17:49 2015
@@ -29,7 +29,7 @@ import static org.junit.Assert.assertEqu
import org.junit.Test;
import org.apache.catalina.Context;
-import org.apache.catalina.authenticator.jaspic.sam.TestAuthConfigProvider;
+import org.apache.catalina.authenticator.jaspic.sam.TesterAuthConfigProvider;
import org.apache.catalina.startup.TesterServlet;
import org.apache.catalina.startup.Tomcat;
import org.apache.catalina.startup.TomcatBaseTest;
@@ -45,6 +45,7 @@ public class TestJaspicAuthenticator ext
private static final String ROLE = "group";
private Context context;
+
@Override
public void setUp() throws Exception {
super.setUp();
@@ -53,8 +54,8 @@ public class TestJaspicAuthenticator ext
this.context = tomcat.addContext(CONTEXT_PATH, null);
// Add protected servlet
-Tomcat.addServlet(context, "TesterServlet3", new TesterServlet());
-context.addServletMapping(URI_PROTECTED, "TesterServlet3");
+Tomcat.addServlet(context, "TesterServlet", new TesterServlet());
+context.addServletMapping(URI_PROTECTED, "TesterServlet");
SecurityCollection collection = new SecurityCollection();
collection.addPattern(URI_PROTECTED);
@@ -70,11 +71,12 @@ public class TestJaspicAuthenticator ext
context.getPipeline().addValve(new JaspicAuthenticator());
AuthConfigFactory factory = AuthConfigFactory.getFactory();
-factory.registerConfigProvider(new TestAuthConfigProvider(),
"HttpServlet", null,
+factory.registerConfigProvider(new TesterAuthConfigProvider(),
"HttpServlet", null,
"Description");
getTomcatInstance().start();
}
+
@Test
public void shouldAuthenticateUsingRegistredJaspicProvider() throws
Exception {
// given
@@ -89,6 +91,7 @@ public class TestJaspicAuthenticator ext
assertEquals("OK", byteChunk.toString());
}
+
@Test
public void shouldFailAuthenticationUsingRegistredJaspicProvider() throws
Exception {
// given
@@ -102,8 +105,8 @@ public class TestJaspicAuthenticator ext
assertEquals(HttpServletResponse.SC_FORBIDDEN, result);
}
+
private String getUrl() throws MalformedURLException {
return new URL("http", "localhost", getPort(),
CONTEXT_PATH).toString();
}
-
}
Modified:
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicCallbackHandler.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicCallbackHandler.java?rev=1685968&r1=1685967&r2=1685968&view=diff
=
svn commit: r1685958 - in /tomcat/trunk/test/org/apache/catalina/authenticator/jaspic: ./ sam/
Author: markt
Date: Wed Jun 17 09:04:26 2015
New Revision: 1685958
URL: http://svn.apache.org/r1685958
Log:
Add initial JASPIC unit tests
Patch by fjodorver
Added:
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java
(with props)
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicCallbackHandler.java
(with props)
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestPrincipalGroupCallback.java
(with props)
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfig.java
(with props)
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfigProvider.java
(with props)
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthModule.java
(with props)
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestServerAuthContext.java
(with props)
Added:
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java?rev=1685958&view=auto
==
---
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java
(added)
+++
tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java
Wed Jun 17 09:04:26 2015
@@ -0,0 +1,109 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.authenticator.jaspic;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.List;
+
+import javax.security.auth.message.config.AuthConfigFactory;
+import javax.servlet.http.HttpServletResponse;
+
+import static org.junit.Assert.assertEquals;
+
+import org.junit.Test;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.authenticator.jaspic.sam.TestAuthConfigProvider;
+import org.apache.catalina.startup.TesterServlet;
+import org.apache.catalina.startup.Tomcat;
+import org.apache.catalina.startup.TomcatBaseTest;
+import org.apache.tomcat.util.buf.ByteChunk;
+import org.apache.tomcat.util.descriptor.web.LoginConfig;
+import org.apache.tomcat.util.descriptor.web.SecurityCollection;
+import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
+
+public class TestJaspicAuthenticator extends TomcatBaseTest {
+
+private static String CONTEXT_PATH = "/foo";
+private static final String URI_PROTECTED = "/protected";
+private static final String ROLE = "group";
+private Context context;
+
+@Override
+public void setUp() throws Exception {
+super.setUp();
+
+Tomcat tomcat = getTomcatInstance();
+this.context = tomcat.addContext(CONTEXT_PATH, null);
+
+// Add protected servlet
+Tomcat.addServlet(context, "TesterServlet3", new TesterServlet());
+context.addServletMapping(URI_PROTECTED, "TesterServlet3");
+SecurityCollection collection = new SecurityCollection();
+collection.addPattern(URI_PROTECTED);
+
+SecurityConstraint constraint = new SecurityConstraint();
+constraint.addAuthRole(ROLE);
+constraint.addCollection(collection);
+context.addConstraint(constraint);
+
+// Configure the authenticator
+LoginConfig loginConfig = new LoginConfig();
+loginConfig.setAuthMethod("JASPIC-BASIC");
+context.setLoginConfig(loginConfig);
+context.getPipeline().addValve(new JaspicAuthenticator());
+
+AuthConfigFactory factory = AuthConfigFactory.getFactory();
+factory.registerConfigProvider(new TestAuthConfigProvider(),
"HttpServlet", null,
+"Description");
+getTomcatInstance().start();
+}
+
+@Test
+public void shouldAuthenticateUsingRegistredJaspicProvider() throws
Exception {
+// given
+String url = getUrl() + URI_PROTECTED + "?doLogin=true";
+ByteChunk byteChunk = new ByteChunk();
+
+//
svn commit: r1685954 - in /tomcat/trunk/java/org/apache/catalina/authenticator: LocalStrings.properties jaspic/JaspicAuthenticator.java jaspic/JaspicCallbackHandler.java jaspic/LocalStrings.properties
Author: markt
Date: Wed Jun 17 09:01:11 2015
New Revision: 1685954
URL: http://svn.apache.org/r1685954
Log:
Fix issues with previous patch to remove use of ThreadLocal
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/PrincipalGroupCallback.java
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties?rev=1685954&r1=1685953&r2=1685954&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
Wed Jun 17 09:01:11 2015
@@ -26,7 +26,6 @@ authenticator.noAuthHeader=No authorizat
authenticator.notContext=Configuration error: Must be attached to a Context
authenticator.requestBodyTooBig=The request body was too large to be cached
during the authentication process
authenticator.sessionExpired=The time allowed for the login process has been
exceeded. If you wish to continue you must either click back twice and re-click
the link you requested or close and re-open your browser
-authenticator.unauthorized=Cannot authenticate with the provided credentials
digestAuthenticator.cacheRemove=A valid entry has been removed from client
nonce cache to make room for new entries. A replay attack is now possible. To
prevent the possibility of replay attacks, reduce nonceValidity or increase
cnonceCacheSize. Further warnings of this type will be suppressed for 5 minutes.
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java?rev=1685954&r1=1685953&r2=1685954&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
Wed Jun 17 09:01:11 2015
@@ -38,9 +38,7 @@ import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
/**
- * Security valve which implements JASPIC authentication
- * @author Fjodor Vershinin
- *
+ * Security valve which implements JASPIC authentication.
*/
public class JaspicAuthenticator extends AuthenticatorBase {
@@ -54,12 +52,14 @@ public class JaspicAuthenticator extends
@SuppressWarnings("rawtypes")
private Map authProperties = null;
+
@Override
protected synchronized void startInternal() throws LifecycleException {
super.startInternal();
serviceSubject = new Subject();
}
+
@Override
public boolean authenticate(Request request, HttpServletResponse response)
throws IOException {
MessageInfo messageInfo = new MessageInfoImpl(request, response, true);
@@ -98,31 +98,38 @@ public class JaspicAuthenticator extends
return false;
}
+
@Override
public void login(String userName, String password, Request request)
throws ServletException {
throw new IllegalStateException("not implemented yet!");
}
+
@Override
public void logout(Request request) {
throw new IllegalStateException("not implemented yet!");
}
+
private void handleUnauthorizedRequest(HttpServletResponse response,
AuthException e)
throws IOException {
-log.error(sm.getString("authenticator.unauthorized"), e);
-response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
-sm.getString("authenticator.unauthorized"));
+response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("authenticator.jaspic.unauthorized"), e);
+}
}
+
private String getAppContextId(Request request) {
return request.getServletContext().getVirtualServerName() + " " +
request.getContextPath();
}
+
private JaspicCallbackHandler getJaspicCallbackHandler() {
return new JaspicCallbackHandler(container.getRealm());
}
+
@Override
protected String getAuthMethod() {
return AUTH_TYPE;
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java?rev=1685954&r1=1685953&r2=1685954&view=diff
==
svn commit: r1685947 - in /tomcat/trunk/java/org/apache/catalina/authenticator/jaspic: JaspicAuthenticator.java JaspicCallbackHandler.java PrincipalGroupCallback.java
Author: markt
Date: Wed Jun 17 08:47:03 2015
New Revision: 1685947
URL: http://svn.apache.org/r1685947
Log:
Removed use of ThreadLocal. Added some Javadoc comments.
Patch provided by fjodorver.
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/PrincipalGroupCallback.java
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java?rev=1685947&r1=1685946&r2=1685947&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java
Wed Jun 17 08:47:03 2015
@@ -34,10 +34,14 @@ import javax.servlet.http.HttpServletRes
import org.apache.catalina.LifecycleException;
import org.apache.catalina.authenticator.AuthenticatorBase;
import org.apache.catalina.connector.Request;
-
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
+/**
+ * Security valve which implements JASPIC authentication
+ * @author Fjodor Vershinin
+ *
+ */
public class JaspicAuthenticator extends AuthenticatorBase {
private static final Log log =
LogFactory.getLog(JaspicAuthenticator.class);
@@ -45,35 +49,44 @@ public class JaspicAuthenticator extends
private static final String AUTH_TYPE = "JASPIC";
private static final String MESSAGE_LAYER = "HttpServlet";
-private JaspicCallbackHandler callbackHandler;
private Subject serviceSubject;
@SuppressWarnings("rawtypes")
private Map authProperties = null;
-
@Override
protected synchronized void startInternal() throws LifecycleException {
super.startInternal();
-callbackHandler = new JaspicCallbackHandler(container.getRealm());
serviceSubject = new Subject();
}
-
@Override
public boolean authenticate(Request request, HttpServletResponse response)
throws IOException {
MessageInfo messageInfo = new MessageInfoImpl(request, response, true);
+JaspicCallbackHandler callbackHandler = getJaspicCallbackHandler();
+
AuthConfigFactory factory = AuthConfigFactory.getFactory();
-String appContext = request.getLocalName() + " " +
request.getContextPath();
+String appContext = getAppContextId(request);
-AuthConfigProvider configProvider =
-factory.getConfigProvider(MESSAGE_LAYER, appContext, null);
-ServerAuthConfig authConfig = getAuthConfig(appContext,
configProvider);
-String authContextId = authConfig.getAuthContextID(messageInfo);
-
-ServerAuthContext authContext = null;
-authContext = getAuthContext(authConfig, authContextId,
authProperties, authContext);
-AuthStatus authStatus = validateRequest(messageInfo, authContext);
+AuthConfigProvider configProvider =
factory.getConfigProvider(MESSAGE_LAYER, appContext,
+null);
+if (configProvider == null) {
+handleUnauthorizedRequest(response, null);
+return false;
+}
+
+AuthStatus authStatus;
+try {
+ServerAuthConfig authConfig =
configProvider.getServerAuthConfig(MESSAGE_LAYER,
+appContext, callbackHandler);
+String messageAuthContextId =
authConfig.getAuthContextID(messageInfo);
+ServerAuthContext authContext =
authConfig.getAuthContext(messageAuthContextId,
+serviceSubject, authProperties);
+authStatus = authContext.validateRequest(messageInfo, new
Subject(), serviceSubject);
+} catch (AuthException e) {
+handleUnauthorizedRequest(response, e);
+return false;
+}
if (authStatus == AuthStatus.SUCCESS) {
Principal principal = callbackHandler.getPrincipal();
@@ -82,52 +95,33 @@ public class JaspicAuthenticator extends
}
return true;
}
-
return false;
}
-
-private AuthStatus validateRequest(MessageInfo messageInfo,
ServerAuthContext authContext) {
-Subject clientSubject = new Subject();
-try {
-return authContext.validateRequest(messageInfo, clientSubject,
serviceSubject);
-} catch (AuthException e) {
-throw new IllegalStateException(e);
-}
-}
-
-
-@SuppressWarnings("rawtypes")
-private ServerAuthContext getAuthContext(ServerAuthConfig authConfig,
String authContextId,
-Map authProperties, ServerAuthContext authContext) {
-try {
-return authConfig.getAuthContext(authContextId, servi
svn commit: r1685946 - in /tomcat/trunk/java/org/apache/catalina/authenticator: LocalStrings.properties jaspic/JaspicCallbackHandler.java jaspic/LocalStrings.properties
Author: markt
Date: Wed Jun 17 08:42:56 2015
New Revision: 1685946
URL: http://svn.apache.org/r1685946
Log:
Fix issues with previous patch to use an i18n error message
Added:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties
(with props)
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties?rev=1685946&r1=1685945&r2=1685946&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
Wed Jun 17 08:42:56 2015
@@ -27,7 +27,6 @@ authenticator.notContext=Configuration e
authenticator.requestBodyTooBig=The request body was too large to be cached
during the authentication process
authenticator.sessionExpired=The time allowed for the login process has been
exceeded. If you wish to continue you must either click back twice and re-click
the link you requested or close and re-open your browser
authenticator.unauthorized=Cannot authenticate with the provided credentials
-authenticator.jaspic.unknownCallback=Unknown JASPIC callback: {0}
digestAuthenticator.cacheRemove=A valid entry has been removed from client
nonce cache to make room for new entries. A replay attack is now possible. To
prevent the possibility of replay attacks, reduce nonceValidity or increase
cnonceCacheSize. Further warnings of this type will be suppressed for 5 minutes.
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java?rev=1685946&r1=1685945&r2=1685946&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
Wed Jun 17 08:42:56 2015
@@ -63,7 +63,8 @@ public class JaspicCallbackHandler imple
} else if (callback instanceof PasswordValidationCallback) {
handlePasswordValidationCallback((PasswordValidationCallback)
callback);
} else {
-throw new
IllegalStateException(sm.getString("authenticator.jaspic.unknownCallback",
callback.getClass()));
+throw new IllegalStateException(
+sm.getString("authenticator.jaspic.unknownCallback",
callback.getClass()));
}
}
Added:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties?rev=1685946&view=auto
==
---
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties
(added)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties
Wed Jun 17 08:42:56 2015
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+authenticator.jaspic.unknownCallback=Unknown JASPIC callback: [{0}]
Propchange:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties
--
svn:eol-style = native
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685943 - in /tomcat/trunk/java/org/apache/catalina/authenticator: LocalStrings.properties jaspic/JaspicCallbackHandler.java
Author: markt
Date: Wed Jun 17 08:37:52 2015
New Revision: 1685943
URL: http://svn.apache.org/r1685943
Log:
Use i18n for error message
Patch provided by fjodorver
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties?rev=1685943&r1=1685942&r2=1685943&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
Wed Jun 17 08:37:52 2015
@@ -27,6 +27,7 @@ authenticator.notContext=Configuration e
authenticator.requestBodyTooBig=The request body was too large to be cached
during the authentication process
authenticator.sessionExpired=The time allowed for the login process has been
exceeded. If you wish to continue you must either click back twice and re-click
the link you requested or close and re-open your browser
authenticator.unauthorized=Cannot authenticate with the provided credentials
+authenticator.jaspic.unknownCallback=Unknown JASPIC callback: {0}
digestAuthenticator.cacheRemove=A valid entry has been removed from client
nonce cache to make room for new entries. A replay attack is now possible. To
prevent the possibility of replay attacks, reduce nonceValidity or increase
cnonceCacheSize. Further warnings of this type will be suppressed for 5 minutes.
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java?rev=1685943&r1=1685942&r2=1685943&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java
Wed Jun 17 08:37:52 2015
@@ -30,8 +30,10 @@ import javax.security.auth.message.callb
import org.apache.catalina.Realm;
import org.apache.catalina.realm.GenericPrincipal;
+import org.apache.tomcat.util.res.StringManager;
public class JaspicCallbackHandler implements CallbackHandler {
+protected static final StringManager sm =
StringManager.getManager(JaspicCallbackHandler.class);
private Realm realm;
@@ -61,7 +63,7 @@ public class JaspicCallbackHandler imple
} else if (callback instanceof PasswordValidationCallback) {
handlePasswordValidationCallback((PasswordValidationCallback)
callback);
} else {
-throw new IllegalStateException("Unknown callback!");
+throw new
IllegalStateException(sm.getString("authenticator.jaspic.unknownCallback",
callback.getClass()));
}
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685941 - /tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
Author: markt
Date: Wed Jun 17 08:37:10 2015
New Revision: 1685941
URL: http://svn.apache.org/r1685941
Log:
Whitespace police
Modified:
tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
Modified: tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java?rev=1685941&r1=1685940&r2=1685941&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java Wed
Jun 17 08:37:10 2015
@@ -136,7 +136,6 @@ public class ReplicatedMap extends
if (backup == null || backup.length == 0) return null;
try {
-
//publish the data out to all nodes
MapMessage msg = new MapMessage(getMapContextName(),
MapMessage.MSG_COPY, false,
(Serializable) key, (Serializable) value,
null,channel.getLocalMember(false), backup);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685938 - in /tomcat/tc7.0.x/trunk: java/org/apache/catalina/tribes/tipis/ReplicatedMap.java webapps/docs/changelog.xml
Author: kfujino
Date: Wed Jun 17 08:30:46 2015
New Revision: 1685938
URL: http://svn.apache.org/r1685938
Log:
When failed to replication, rather than all member is handled as a failed
member, exclude the failure members from backup members.
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java?rev=1685938&r1=1685937&r2=1685938&view=diff
==
---
tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
(original)
+++
tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
Wed Jun 17 08:30:46 2015
@@ -17,12 +17,16 @@
package org.apache.catalina.tribes.tipis;
import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Iterator;
import java.util.Map;
import org.apache.catalina.tribes.Channel;
import org.apache.catalina.tribes.ChannelException;
+import org.apache.catalina.tribes.ChannelException.FaultyMember;
import org.apache.catalina.tribes.Member;
+import org.apache.catalina.tribes.RemoteProcessException;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -132,12 +136,36 @@ public class ReplicatedMap extends
if (backup == null || backup.length == 0) return null;
-//publish the data out to all nodes
-MapMessage msg = new MapMessage(getMapContextName(),
MapMessage.MSG_COPY, false,
-(Serializable) key, (Serializable)
value, null,channel.getLocalMember(false), backup);
-
-getChannel().send(getMapMembers(), msg, getChannelSendOptions());
-
+try {
+
+//publish the data out to all nodes
+MapMessage msg = new MapMessage(getMapContextName(),
MapMessage.MSG_COPY, false,
+(Serializable) key, (Serializable) value,
null,channel.getLocalMember(false), backup);
+
+getChannel().send(getMapMembers(), msg, getChannelSendOptions());
+} catch (ChannelException e) {
+FaultyMember[] faultyMembers = e.getFaultyMembers();
+if (faultyMembers.length == 0) throw e;
+ArrayList faulty = new ArrayList();
+for (FaultyMember faultyMember : faultyMembers) {
+if (!(faultyMember.getCause() instanceof
RemoteProcessException)) {
+faulty.add(faultyMember.getMember());
+}
+}
+Member[] realFaultyMembers = faulty.toArray(new
Member[faulty.size()]);
+if (realFaultyMembers.length != 0) {
+backup = excludeFromSet(realFaultyMembers, backup);
+if (backup.length == 0) {
+throw e;
+} else {
+if (log.isWarnEnabled()) {
+log.warn("Unable to replicate backup key:" + key
++ ". Success nodes:" + Arrays.toString(backup)
++ ". Failed nodes:" +
Arrays.toString(realFaultyMembers), e);
+}
+}
+}
+}
return backup;
}
Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1685938&r1=1685937&r2=1685938&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Wed Jun 17 08:30:46 2015
@@ -189,6 +189,11 @@
Ensure that the nodes that the data has been successfully replicated
are
set to the backup node. (kfujino)
+
+When failed to replication, rather than all member is handled as a
+failed member, exclude the failure members from backup members.
+(kfujino)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685937 - in /tomcat/tc8.0.x/trunk: java/org/apache/catalina/tribes/tipis/LocalStrings.properties java/org/apache/catalina/tribes/tipis/ReplicatedMap.java webapps/docs/changelog.xml
Author: kfujino
Date: Wed Jun 17 08:27:05 2015
New Revision: 1685937
URL: http://svn.apache.org/r1685937
Log:
When failed to replication, rather than all member is handled as a failed
member, exclude the failure members from backup members.
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties?rev=1685937&r1=1685936&r2=1685937&view=diff
==
---
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties
(original)
+++
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties
Wed Jun 17 08:27:05 2015
@@ -40,4 +40,5 @@ lazyReplicatedMap.unableReplicate.backup
lazyReplicatedMap.unableReplicate.proxy=Unable to replicate proxy key:{0} to
backup:{1}. Reason:{2}
replicatedMap.member.disappeared=Member[{0}] disappeared. Related map entries
will be relocated to the new node.
replicatedMap.unable.relocate=Unable to relocate[{0}] to a new backup node
-replicatedMap.relocate.complete=Relocation of map entries was complete in {0}
ms.
\ No newline at end of file
+replicatedMap.relocate.complete=Relocation of map entries was complete in {0}
ms.
+replicatedMap.unableReplicate.completely=Unable to replicate backup key:{0}.
Success nodes:{1}. Failed nodes:{2}.
\ No newline at end of file
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java?rev=1685937&r1=1685936&r2=1685937&view=diff
==
---
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
(original)
+++
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
Wed Jun 17 08:27:05 2015
@@ -17,12 +17,16 @@
package org.apache.catalina.tribes.tipis;
import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Iterator;
import java.util.Map;
import org.apache.catalina.tribes.Channel;
import org.apache.catalina.tribes.ChannelException;
+import org.apache.catalina.tribes.ChannelException.FaultyMember;
import org.apache.catalina.tribes.Member;
+import org.apache.catalina.tribes.RemoteProcessException;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -131,12 +135,35 @@ public class ReplicatedMap extends
if (backup == null || backup.length == 0) return null;
-//publish the data out to all nodes
-MapMessage msg = new MapMessage(getMapContextName(),
MapMessage.MSG_COPY, false,
-(Serializable) key, (Serializable)
value, null,channel.getLocalMember(false), backup);
-
-getChannel().send(getMapMembers(), msg, getChannelSendOptions());
-
+try {
+
+//publish the data out to all nodes
+MapMessage msg = new MapMessage(getMapContextName(),
MapMessage.MSG_COPY, false,
+(Serializable) key, (Serializable) value,
null,channel.getLocalMember(false), backup);
+
+getChannel().send(getMapMembers(), msg, getChannelSendOptions());
+} catch (ChannelException e) {
+FaultyMember[] faultyMembers = e.getFaultyMembers();
+if (faultyMembers.length == 0) throw e;
+ArrayList faulty = new ArrayList<>();
+for (FaultyMember faultyMember : faultyMembers) {
+if (!(faultyMember.getCause() instanceof
RemoteProcessException)) {
+faulty.add(faultyMember.getMember());
+}
+}
+Member[] realFaultyMembers = faulty.toArray(new
Member[faulty.size()]);
+if (realFaultyMembers.length != 0) {
+backup = excludeFromSet(realFaultyMembers, backup);
+if (backup.length == 0) {
+throw e;
+} else {
+if (log.isWarnEnabled()) {
+
log.warn(sm.getString("replicatedMap.unableReplicate.completely", key,
+Arrays.toString(backup),
Arrays.toString(realFaultyMembers)), e);
+}
+}
+}
+}
return backup;
}
Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1685937&r1=1685936&r2=1685937&view=diff
==
svn commit: r1685936 - in /tomcat/trunk/java/org/apache/catalina/tribes/tipis: LocalStrings.properties ReplicatedMap.java
Author: kfujino
Date: Wed Jun 17 08:23:06 2015
New Revision: 1685936
URL: http://svn.apache.org/r1685936
Log:
Add warning log.
Modified:
tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties
tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
Modified:
tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties?rev=1685936&r1=1685935&r2=1685936&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties
Wed Jun 17 08:23:06 2015
@@ -40,4 +40,5 @@ lazyReplicatedMap.unableReplicate.backup
lazyReplicatedMap.unableReplicate.proxy=Unable to replicate proxy key:{0} to
backup:{1}. Reason:{2}
replicatedMap.member.disappeared=Member[{0}] disappeared. Related map entries
will be relocated to the new node.
replicatedMap.unable.relocate=Unable to relocate[{0}] to a new backup node
-replicatedMap.relocate.complete=Relocation of map entries was complete in {0}
ms.
\ No newline at end of file
+replicatedMap.relocate.complete=Relocation of map entries was complete in {0}
ms.
+replicatedMap.unableReplicate.completely=Unable to replicate backup key:{0}.
Success nodes:{1}. Failed nodes:{2}.
\ No newline at end of file
Modified: tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java?rev=1685936&r1=1685935&r2=1685936&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java Wed
Jun 17 08:23:06 2015
@@ -18,6 +18,7 @@ package org.apache.catalina.tribes.tipis
import java.io.Serializable;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Iterator;
import java.util.Map;
@@ -153,7 +154,14 @@ public class ReplicatedMap extends
Member[] realFaultyMembers = faulty.toArray(new
Member[faulty.size()]);
if (realFaultyMembers.length != 0) {
backup = excludeFromSet(realFaultyMembers, backup);
-if (backup.length == 0) throw e;
+if (backup.length == 0) {
+throw e;
+} else {
+if (log.isWarnEnabled()) {
+
log.warn(sm.getString("replicatedMap.unableReplicate.completely", key,
+Arrays.toString(backup),
Arrays.toString(realFaultyMembers)), e);
+}
+}
}
}
return backup;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685935 - /tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
Author: kfujino
Date: Wed Jun 17 08:12:35 2015
New Revision: 1685935
URL: http://svn.apache.org/r1685935
Log:
When failed to replication, rather than all member is handled as a failed
member, exclude the failure members from backup members.
Modified:
tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
Modified: tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java?rev=1685935&r1=1685934&r2=1685935&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java Wed
Jun 17 08:12:35 2015
@@ -17,12 +17,15 @@
package org.apache.catalina.tribes.tipis;
import java.io.Serializable;
+import java.util.ArrayList;
import java.util.Iterator;
import java.util.Map;
import org.apache.catalina.tribes.Channel;
import org.apache.catalina.tribes.ChannelException;
+import org.apache.catalina.tribes.ChannelException.FaultyMember;
import org.apache.catalina.tribes.Member;
+import org.apache.catalina.tribes.RemoteProcessException;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -131,12 +134,28 @@ public class ReplicatedMap extends
if (backup == null || backup.length == 0) return null;
-//publish the data out to all nodes
-MapMessage msg = new MapMessage(getMapContextName(),
MapMessage.MSG_COPY, false,
-(Serializable) key, (Serializable)
value, null,channel.getLocalMember(false), backup);
-
-getChannel().send(getMapMembers(), msg, getChannelSendOptions());
-
+try {
+
+//publish the data out to all nodes
+MapMessage msg = new MapMessage(getMapContextName(),
MapMessage.MSG_COPY, false,
+(Serializable) key, (Serializable) value,
null,channel.getLocalMember(false), backup);
+
+getChannel().send(getMapMembers(), msg, getChannelSendOptions());
+} catch (ChannelException e) {
+FaultyMember[] faultyMembers = e.getFaultyMembers();
+if (faultyMembers.length == 0) throw e;
+ArrayList faulty = new ArrayList<>();
+for (FaultyMember faultyMember : faultyMembers) {
+if (!(faultyMember.getCause() instanceof
RemoteProcessException)) {
+faulty.add(faultyMember.getMember());
+}
+}
+Member[] realFaultyMembers = faulty.toArray(new
Member[faulty.size()]);
+if (realFaultyMembers.length != 0) {
+backup = excludeFromSet(realFaultyMembers, backup);
+if (backup.length == 0) throw e;
+}
+}
return backup;
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: JASPIC Implementation pointers
Hi, Mark! I'd updated my jaspic-implementation branch, where I have updated version. Thank you for your comments, almost all of this issues has been fixed. > The patch triggered a number of basic IDE warnings that should have been already fixed (use of <> and@Override) Could you provide me your eclipse config files for this project? I think it would be most convenient way to fix such kind issues. > The code is completely uncommented. While I can guess at what most of the code is meant to be doing there needs to be some comments to explain what is going on and why. Where appropriate, reference the JASPIC 1.1 spec. I added some Javadocs, however current implementation is not that stable, so I'll continue commenting code when code will be more solid. >All user messages, exception messages etc. should use i18n (StringManager). Fixed. Only "not implemented" exceptions had left, but they will be removed after some time, so I think it's not mandatory to translate them. >There are no unit tests (note most Tomcat unit tests are more like integration tests) I've prepared a couple unit tests and one integration test. >In JaspicAuthenticator.authenticate() request.getLocalName() is not the way to get a unique name for the web application (assuming that is what is required). Has been fixed. Now I get unique name in JASPIC 1.1 style. >In JaspicAuthenticator.getAuthConfig() is a single, shared call back handler the correct model? Would per request/response call back handler instances remove the need for ThreadLocals? >The use of a ThreadLocal JaspicCallbackHandler needs to be justified. Is a ThreadLocal really the only solution? If so there needs to be a very clear comment explaining why. Also, the ThreadLocal must be cleared as soon as it is no longer required. > Will JaspicCallbackHandler.handle(Callback[]) only be called once per authentication? If not, the ThreadLocal is overwritten. All ThreadLocal logic has been replaced with creation of a new instance every time. I'm not sure about performance, but for now it's more convenient. > In JaspicCallbackHandler how is the PrincipalGroupCallback associated with the authenticated Principal? What do you mean under authenticated Principal? Currently, I merge two callback's info into tomcat GenericPrincipal, which contains user principal, user name and roles. Then this GenericPrincipal can be used in Tomcat's internals. I am not sure how to deal with already authenticated Principal's, I need to do some research. >The use of instanceof in PrincipalGroupCallback.addCallback doesn't look right. Why not use separate methods? Fixed. >PrincipalGroupCallback.getPrincipal() has an empty if block. Fixed. -- Thanks, Fjodor
