cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
markt 2005/01/07 02:06:38
Modified:catalina/src/share/org/apache/catalina/authenticator
FormAuthenticator.java
catalina/src/share/org/apache/catalina/realm RealmBase.java
webapps/docs changelog.xml realm-howto.xml
webapps/docs/config valve.xml
Log:
Fix bug 31198. Support non-ASCII user names and passwords in FORM and
DIGEST authentication.
- Ported from TC4.
Revision ChangesPath
1.15 +27 -1
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/FormAuthenticator.java
Index: FormAuthenticator.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/FormAuthenticator.java,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- FormAuthenticator.java27 Aug 2004 23:56:11 - 1.14
+++ FormAuthenticator.java7 Jan 2005 10:06:38 - 1.15
@@ -65,6 +65,13 @@
protected static final String info =
"org.apache.catalina.authenticator.FormAuthenticator/1.0";
+/**
+ * Character encoding to use to read the username and password parameters
+ * from the request. If not set, the encoding of the request body will be
+ * used.
+ */
+protected String characterEncoding = null;
+
// -
Properties
@@ -79,6 +86,22 @@
}
+/**
+ * Return the character encoding to use to read the username and
password.
+ */
+public String getCharacterEncoding() {
+return characterEncoding;
+}
+
+
+/**
+ * Set the character encoding to be used to read the username and
password.
+ */
+public void setCharacterEncoding(String encoding) {
+characterEncoding = encoding;
+}
+
+
// - Public
Methods
@@ -223,6 +246,9 @@
// Yes -- Validate the specified credentials and redirect
// to the error page if they are not correct
Realm realm = context.getRealm();
+if (characterEncoding != null) {
+request.setCharacterEncoding(characterEncoding);
+}
String username = request.getParameter(Constants.FORM_USERNAME);
String password = request.getParameter(Constants.FORM_PASSWORD);
if (log.isDebugEnabled())
1.45 +21 -7
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java
Index: RealmBase.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- RealmBase.java9 Dec 2004 13:56:35 - 1.44
+++ RealmBase.java7 Jan 2005 10:06:38 - 1.45
@@ -1135,8 +1135,10 @@
* @param credentials Password or other credentials to use in
* authenticating this username
* @param algorithm Algorithm used to do the digest
+ * @param encoding Character encoding of the string to digest
*/
-public final static String Digest(String credentials, String algorithm) {
+public final static String Digest(String credentials, String algorithm,
+ String encoding) {
try {
// Obtain a new message digest with "digest" encryption
@@ -1145,7 +1147,11 @@
// encode the credentials
// Should use the digestEncoding, but that's not a static field
-md.update(credentials.getBytes());
+if (encoding == null) {
+md.update(credentials.getBytes());
+} else {
+md.update(credentials.getBytes(encoding));
+}
// Digest the credentials and return as hexadecimal
return (HexUtils.convert(md.digest()));
@@ -1164,14 +1170,22 @@
*/
public static void main(String args[]) {
-if(args.length > 2 && args[0].equalsIgnoreCase("-a")) {
-for(int i=2; i < args.length ; i++){
+String encoding = null;
+int firstCredentialArg = 2;
+
+if (args.length > 4 && args[2].equalsIgnoreCase("-e")) {
+encoding = args[3];
+firstCredentialArg = 4;
+}
+
+if(args.length > firstCredentialArg &&
args[0].equalsIgnoreCase("-a")) {
+for(int i=firstCredentialArg; i < args.length ; i++){
System.out.print(args[i]+":");
-System.out.println(Digest(args[i], args[1]));
+Sy
cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
markt 2004/04/15 14:35:15 Modified:webapps/docs/config valve.xml Log: - Fix bug 19521. Add warning to RequestDumperValve docs to make users aware of possible side effects. - Ported from TC4. Revision ChangesPath 1.8 +6 -0 jakarta-tomcat-catalina/webapps/docs/config/valve.xml Index: valve.xml === RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/config/valve.xml,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- valve.xml 6 Mar 2004 10:58:39 - 1.7 +++ valve.xml 15 Apr 2004 21:35:15 - 1.8 @@ -308,6 +308,12 @@ or Context to be logged to the Logger that corresponds to that container. +WARNING: Using this valve has side-effects. The +output from this valve includes any parameters included with the request. +The parameters will be decoded using the default platform encoding. Any +subsequent calls to request.setCharacterEncoding() within +the web application will have no effect. + - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
markt 2004/03/06 02:58:39 Modified:webapps/docs/config valve.xml Log: Fix bug 16507. Update valve docs to provide pointer to the Jakarta Regexp docs. - Reported by Paul Ramirez. - Ported from TC4. Revision ChangesPath 1.7 +12 -0 jakarta-tomcat-catalina/webapps/docs/config/valve.xml Index: valve.xml === RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/config/valve.xml,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- valve.xml 16 Dec 2003 07:22:14 - 1.6 +++ valve.xml 6 Mar 2004 10:58:39 - 1.7 @@ -195,6 +195,12 @@ Context), and must accept any request presented to this container for processing before it will be passed on. +The syntax for regular expressions is different than that for +'standard' wildcard matching. Tomcat uses the +http://jakarta.apache.org/regexp/";>Jakarta Regexp library. +Please consult the Regexp documentation for details of the expressions +supported. + @@ -245,6 +251,12 @@ (Engine, Host, or Context), and must accept any request presented to this container for processing before it will be passed on. + +The syntax for regular expressions is different than that for +'standard' wildcard matching. Tomcat uses the +http://jakarta.apache.org/regexp/";>Jakarta Regexp library. +Please consult the Regexp documentation for details of the expressions +supported. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
billbarker2003/12/15 23:22:14 Modified:webapps/docs/config valve.xml Log: Updating SSO docs. Fix for Bug #2 Submitted by: Brian Stansberry [EMAIL PROTECTED] Revision ChangesPath 1.6 +11 -0 jakarta-tomcat-catalina/webapps/docs/config/valve.xml Index: valve.xml === RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/config/valve.xml,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- valve.xml 4 Nov 2003 17:58:46 - 1.5 +++ valve.xml 16 Dec 2003 07:22:14 - 1.6 @@ -350,6 +350,17 @@ Detail level of debugging messages created by this component. By default, this is set to zero (0), which means no debug output. + + +Default false. Flag to determine whether each request needs to be +reauthenticated to the security Realm. If "true", this +Valve uses cached security credentials (username and password) to +reauthenticate to the Realm each request associated +with an SSO session. If "false", the Valve can itself authenticate +requests based on the presence of a valid SSO cookie, without +rechecking with the Realm. + + - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
yoavs 2003/11/04 09:58:46 Modified:webapps/docs/config valve.xml Log: Fixed typo in "component." Revision ChangesPath 1.5 +1 -1 jakarta-tomcat-catalina/webapps/docs/config/valve.xml Index: valve.xml === RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/config/valve.xml,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- valve.xml 24 Jul 2003 12:52:55 - 1.4 +++ valve.xml 4 Nov 2003 17:58:46 - 1.5 @@ -16,7 +16,7 @@ - A Valve element represents a comonent that will be + A Valve element represents a component that will be inserted into the request processing pipeline for the associated Catalina container (Engine, Host, or Context). - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/webapps/docs/config valve.xml
funkman 2003/07/24 05:52:55
Modified:webapps/docs/config valve.xml
Log:
Update for AccessLogValve
Revision ChangesPath
1.4 +41 -0 jakarta-tomcat-catalina/webapps/docs/config/valve.xml
Index: valve.xml
===
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/config/valve.xml,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- valve.xml 15 Jan 2003 03:40:44 - 1.3
+++ valve.xml 24 Jul 2003 12:52:55 - 1.4
@@ -99,6 +99,32 @@
use a zero-length string.
+
+Deafult true. Flag to determine if log rotation should occur.
+ If set to false, then this file is never rotated and
+ fileDateFormat is ignored. Use with caution!
+
+
+
+
+Turns on conditional logging. If set, requests will be
+ logged only if ServletRequest.getAttribute() is
+ null. For example, if this value is set to
+ junk, then a particular request will only be logged
+ if ServletRequest.getAttribute("junk") == null.
+ The use of Filters is an easy way to set/unset the attribute
+ in the ServletRequest on many different requests.
+
+
+
+
+Allows a customized date format in the access log file name.
+ The date format also decides how often the file is rotated.
+ If you wish to rotate every hour, then set this value
+ to: -MM-dd.HH
+
+
+
Values for the pattern attribute are made up of literal
@@ -126,7 +152,22 @@
%u - Remote user that was authenticated (if any), else '-'
%U - Requested URL path
%v - Local server name
+%D - Time taken to process the request, in millis
+%T - Time taken to process the request, in seconds
+
+
+There is also support to write information from the cookie, incoming
+header, the Session or something else in the ServletRequest.
+It is modeled after the apache syntax:
+
+%{xxx}i for incoming headers
+%{xxx}c for a specific cookie
+%{xxx}r xxx is an attribute in the ServletRequest
+%{xxx}s xxx is an attribute in the HttpSession
+
+
+
The shorthand pattern name common (which is also the
default) corresponds to %h %l %u %t "%r" %s %b".
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
