Author: markt
Date: Mon Aug  6 13:35:41 2018
New Revision: 1837520

URL: http://svn.apache.org/viewvc?rev=1837520&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62547
JASPIC cleanSubject() was not called on logout when the authenticator was 
configured to cache the authenticated Principal.
Patch provided by Guillermo González de Agüero.
This closes #116

Modified:
    tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
    tomcat/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java?rev=1837520&r1=1837519&r2=1837520&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java 
Mon Aug  6 13:35:41 2018
@@ -810,7 +810,6 @@ public abstract class AuthenticatorBase
                     
!principal.getUserPrincipal().equals(request.getUserPrincipal())) {
                 // Skip registration if authentication credentials were
                 // cached and the Principal did not change.
-                request.setNote(Constants.REQ_JASPIC_SUBJECT_NOTE, client);
                 @SuppressWarnings("rawtypes")// JASPIC API uses raw types
                 Map map = state.messageInfo.getMap();
                 if (map != null && 
map.containsKey("javax.servlet.http.registerSession")) {
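Review bot: No regression test accompanies the removal of `request.setNote(Constants.REQ_JASPIC_SUBJECT_NOTE, client);` from this guarded block; the commit touches only AuthenticatorBase.java and changelog.xml. The path the log message describes (Principal caching enabled, then logout) is easy to break again, so a test that authenticates with caching on, logs out, and asserts that cleanSubject() was invoked would be worth adding alongside this change.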
@@ -819,6 +818,7 @@ public abstract class AuthenticatorBase
                     register(request, response, principal, "JASPIC", null, 
null);
                 }
             }
+            request.setNote(Constants.REQ_JASPIC_SUBJECT_NOTE, client);
             return true;
         }
         return false;
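Review bot: The `request.setNote(Constants.REQ_JASPIC_SUBJECT_NOTE, client);` added just before `return true;` should carry a short comment explaining why it sits outside the registration block. The only nearby comment talks about skipping registration for cached credentials, so a later tidy-up could plausibly move the call back inside and reintroduce bug 62547. Something like `// Always store the subject so logout can call cleanSubject()` would make the intent explicit.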

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1837520&r1=1837519&r2=1837520&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Mon Aug  6 13:35:41 2018
@@ -86,6 +86,11 @@
         Make logout more robust if JASPIC subject is unexpectedly unavailable.
         (markt)
       </add>
+      <fix>
+        <bug>62547</bug>: JASPIC <code>cleanSubject()</code> was not called on
+        logout when the authenticator was configured to cache the authenticated
+        Principal. Patch provided by Guillermo González de Agüero. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">


