Author: violetagg Date: Fri Aug 16 05:58:50 2013 New Revision: 1514589 URL: http://svn.apache.org/r1514589 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55354 Merged revision 1514470 from tomcat/trunk: Restore the context environment parameters after associating the Principle with the given user. Based on patch provided by Richard Begg.
Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ ------------------------------------------------------------------------------ Merged /tomcat/trunk:r1514470 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java?rev=1514589&r1=1514588&r2=1514589&view=diff ============================================================================== --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java Fri Aug 16 05:58:50 2013 @@ -2070,9 +2070,12 @@ public class JNDIRealm extends RealmBase User user = null; List<String> roles = null; + Hashtable<?, ?> preservedEnvironment = null; try { if (gssCredential != null && isUseDelegatedCredential()) { + // Preserve the current context environment parameters + preservedEnvironment = context.getEnvironment(); // Set up context context.addToEnvironment( Context.SECURITY_AUTHENTICATION, "GSSAPI"); @@ -2088,24 +2091,12 @@ public class JNDIRealm extends RealmBase roles = getRoles(context, user); } } finally { - try { - context.removeFromEnvironment( - Context.SECURITY_AUTHENTICATION); - } catch (NamingException e) { - // Ignore - } - try { - context.removeFromEnvironment( - "javax.security.sasl.server.authentication"); - } catch (NamingException e) { - // Ignore - } - try { - context.removeFromEnvironment( - "javax.security.sasl.qop"); - } catch (NamingException e) { - // Ignore - } + restoreEnvironmentParameter(context, + Context.SECURITY_AUTHENTICATION, preservedEnvironment); + restoreEnvironmentParameter(context, + "javax.security.sasl.server.authentication", preservedEnvironment); + restoreEnvironmentParameter(context, "javax.security.sasl.qop", + preservedEnvironment); } if (user != null) { @@ -2116,6 +2107,19 @@ public class JNDIRealm extends RealmBase return null; } + private void restoreEnvironmentParameter(DirContext context, + String parameterName, Hashtable<?, ?> preservedEnvironment) { + try { + context.removeFromEnvironment(parameterName); + if (preservedEnvironment != null && preservedEnvironment.containsKey(parameterName)) { + context.addToEnvironment(parameterName, + preservedEnvironment.get(parameterName)); + } + } catch (NamingException e) { + // Ignore + } + } + /** * Open (if necessary) and return a connection to the configured * directory server for this Realm. Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1514589&r1=1514588&r2=1514589&view=diff ============================================================================== --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Fri Aug 16 05:58:50 2013 @@ -108,6 +108,11 @@ ServletContext. (markt) </fix> <fix> + <bug>55354</bug>: Ensure that the naming context environment parameters + are restored after associating the Principle with the user name. Based + on patch provided by Richard Begg. (violetagg) + </fix> + <fix> <bug>55357</bug>: Ensure the web application class loader is set as a thread context class loader during session deserialization. (violetagg) </fix> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org