cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
markt 2005/01/07 02:06:38 Modified:catalina/src/share/org/apache/catalina/authenticator FormAuthenticator.java catalina/src/share/org/apache/catalina/realm RealmBase.java webapps/docs changelog.xml realm-howto.xml webapps/docs/config valve.xml Log: Fix bug 31198. Support non-ASCII user names and passwords in FORM and DIGEST authentication. - Ported from TC4. Revision ChangesPath 1.15 +27 -1 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/FormAuthenticator.java Index: FormAuthenticator.java === RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/FormAuthenticator.java,v retrieving revision 1.14 retrieving revision 1.15 diff -u -r1.14 -r1.15 --- FormAuthenticator.java27 Aug 2004 23:56:11 - 1.14 +++ FormAuthenticator.java7 Jan 2005 10:06:38 - 1.15 @@ -65,6 +65,13 @@ protected static final String info = "org.apache.catalina.authenticator.FormAuthenticator/1.0"; +/** + * Character encoding to use to read the username and password parameters + * from the request. If not set, the encoding of the request body will be + * used. + */ +protected String characterEncoding = null; + // - Properties @@ -79,6 +86,22 @@ } +/** + * Return the character encoding to use to read the username and password. + */ +public String getCharacterEncoding() { +return characterEncoding; +} + + +/** + * Set the character encoding to be used to read the username and password. + */ +public void setCharacterEncoding(String encoding) { +characterEncoding = encoding; +} + + // - Public Methods @@ -223,6 +246,9 @@ // Yes -- Validate the specified credentials and redirect // to the error page if they are not correct Realm realm = context.getRealm(); +if (characterEncoding != null) { +request.setCharacterEncoding(characterEncoding); +} String username = request.getParameter(Constants.FORM_USERNAME); String password = request.getParameter(Constants.FORM_PASSWORD); if (log.isDebugEnabled()) 1.45 +21 -7 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java Index: RealmBase.java === RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java,v retrieving revision 1.44 retrieving revision 1.45 diff -u -r1.44 -r1.45 --- RealmBase.java9 Dec 2004 13:56:35 - 1.44 +++ RealmBase.java7 Jan 2005 10:06:38 - 1.45 @@ -1135,8 +1135,10 @@ * @param credentials Password or other credentials to use in * authenticating this username * @param algorithm Algorithm used to do the digest + * @param encoding Character encoding of the string to digest */ -public final static String Digest(String credentials, String algorithm) { +public final static String Digest(String credentials, String algorithm, + String encoding) { try { // Obtain a new message digest with "digest" encryption @@ -1145,7 +1147,11 @@ // encode the credentials // Should use the digestEncoding, but that's not a static field -md.update(credentials.getBytes()); +if (encoding == null) { +md.update(credentials.getBytes()); +} else { +md.update(credentials.getBytes(encoding)); +} // Digest the credentials and return as hexadecimal return (HexUtils.convert(md.digest())); @@ -1164,14 +1170,22 @@ */ public static void main(String args[]) { -if(args.length > 2 && args[0].equalsIgnoreCase("-a")) { -for(int i=2; i < args.length ; i++){ +String encoding = null; +int firstCredentialArg = 2; + +if (args.length > 4 && args[2].equalsIgnoreCase("-e")) { +encoding = args[3]; +firstCredentialArg = 4; +} + +if(args.length > firstCredentialArg && args[0].equalsIgnoreCase("-a")) { +for(int i=firstCredentialArg; i < args.length ; i++){ System.out.print(args[i]+":"); -System.out.println(Digest(args[i], args[1])); +Sy
cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
markt 2004/04/15 14:35:15 Modified:webapps/docs/config valve.xml Log: - Fix bug 19521. Add warning to RequestDumperValve docs to make users aware of possible side effects. - Ported from TC4. Revision ChangesPath 1.8 +6 -0 jakarta-tomcat-catalina/webapps/docs/config/valve.xml Index: valve.xml === RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/config/valve.xml,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- valve.xml 6 Mar 2004 10:58:39 - 1.7 +++ valve.xml 15 Apr 2004 21:35:15 - 1.8 @@ -308,6 +308,12 @@ or Context to be logged to the Logger that corresponds to that container. +WARNING: Using this valve has side-effects. The +output from this valve includes any parameters included with the request. +The parameters will be decoded using the default platform encoding. Any +subsequent calls to request.setCharacterEncoding() within +the web application will have no effect. + - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
markt 2004/03/06 02:58:39 Modified:webapps/docs/config valve.xml Log: Fix bug 16507. Update valve docs to provide pointer to the Jakarta Regexp docs. - Reported by Paul Ramirez. - Ported from TC4. Revision ChangesPath 1.7 +12 -0 jakarta-tomcat-catalina/webapps/docs/config/valve.xml Index: valve.xml === RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/config/valve.xml,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- valve.xml 16 Dec 2003 07:22:14 - 1.6 +++ valve.xml 6 Mar 2004 10:58:39 - 1.7 @@ -195,6 +195,12 @@ Context), and must accept any request presented to this container for processing before it will be passed on. +The syntax for regular expressions is different than that for +'standard' wildcard matching. Tomcat uses the +http://jakarta.apache.org/regexp/";>Jakarta Regexp library. +Please consult the Regexp documentation for details of the expressions +supported. + @@ -245,6 +251,12 @@ (Engine, Host, or Context), and must accept any request presented to this container for processing before it will be passed on. + +The syntax for regular expressions is different than that for +'standard' wildcard matching. Tomcat uses the +http://jakarta.apache.org/regexp/";>Jakarta Regexp library. +Please consult the Regexp documentation for details of the expressions +supported. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
billbarker2003/12/15 23:22:14 Modified:webapps/docs/config valve.xml Log: Updating SSO docs. Fix for Bug #2 Submitted by: Brian Stansberry [EMAIL PROTECTED] Revision ChangesPath 1.6 +11 -0 jakarta-tomcat-catalina/webapps/docs/config/valve.xml Index: valve.xml === RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/config/valve.xml,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- valve.xml 4 Nov 2003 17:58:46 - 1.5 +++ valve.xml 16 Dec 2003 07:22:14 - 1.6 @@ -350,6 +350,17 @@ Detail level of debugging messages created by this component. By default, this is set to zero (0), which means no debug output. + + +Default false. Flag to determine whether each request needs to be +reauthenticated to the security Realm. If "true", this +Valve uses cached security credentials (username and password) to +reauthenticate to the Realm each request associated +with an SSO session. If "false", the Valve can itself authenticate +requests based on the presence of a valid SSO cookie, without +rechecking with the Realm. + + - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
yoavs 2003/11/04 09:58:46 Modified:webapps/docs/config valve.xml Log: Fixed typo in "component." Revision ChangesPath 1.5 +1 -1 jakarta-tomcat-catalina/webapps/docs/config/valve.xml Index: valve.xml === RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/config/valve.xml,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- valve.xml 24 Jul 2003 12:52:55 - 1.4 +++ valve.xml 4 Nov 2003 17:58:46 - 1.5 @@ -16,7 +16,7 @@ - A Valve element represents a comonent that will be + A Valve element represents a component that will be inserted into the request processing pipeline for the associated Catalina container (Engine, Host, or Context). - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
funkman 2003/07/24 05:52:55 Modified:webapps/docs/config valve.xml Log: Update for AccessLogValve Revision ChangesPath 1.4 +41 -0 jakarta-tomcat-catalina/webapps/docs/config/valve.xml Index: valve.xml === RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/config/valve.xml,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- valve.xml 15 Jan 2003 03:40:44 - 1.3 +++ valve.xml 24 Jul 2003 12:52:55 - 1.4 @@ -99,6 +99,32 @@ use a zero-length string. + +Deafult true. Flag to determine if log rotation should occur. + If set to false, then this file is never rotated and + fileDateFormat is ignored. Use with caution! + + + + +Turns on conditional logging. If set, requests will be + logged only if ServletRequest.getAttribute() is + null. For example, if this value is set to + junk, then a particular request will only be logged + if ServletRequest.getAttribute("junk") == null. + The use of Filters is an easy way to set/unset the attribute + in the ServletRequest on many different requests. + + + + +Allows a customized date format in the access log file name. + The date format also decides how often the file is rotated. + If you wish to rotate every hour, then set this value + to: -MM-dd.HH + + + Values for the pattern attribute are made up of literal @@ -126,7 +152,22 @@ %u - Remote user that was authenticated (if any), else '-' %U - Requested URL path %v - Local server name +%D - Time taken to process the request, in millis +%T - Time taken to process the request, in seconds + + +There is also support to write information from the cookie, incoming +header, the Session or something else in the ServletRequest. +It is modeled after the apache syntax: + +%{xxx}i for incoming headers +%{xxx}c for a specific cookie +%{xxx}r xxx is an attribute in the ServletRequest +%{xxx}s xxx is an attribute in the HttpSession + + + The shorthand pattern name common (which is also the default) corresponds to %h %l %u %t "%r" %s %b". - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]