costin 00/12/27 11:52:57
Modified: . changes3.3
src/etc server.xml
src/share/org/apache/tomcat/request AccessInterceptor.java
JDBCRealm.java SimpleRealm.java
src/share/org/apache/tomcat/startup EmbededTomcat.java
src/share/org/apache/tomcat/task StopTomcat.java
src/share/org/apache/tomcat/util Base64.java
Added: src/share/org/apache/tomcat/request
CredentialsInterceptor.java
Removed: src/share/org/apache/tomcat/helper HostConfig.java
SecurityTools.java SessionUtil.java
src/share/org/apache/tomcat/startup HostConfig.java
Log:
Improvement in authentication code.
- use request notes to store user/password ( instead of creating Hashtable )
- transform SecurityTools in CredentialInterceptor. It's role is to
extract user/pass from FORM and BASIC and set them as notes.
- this makes the Realm independent of the authentication mechanism ( as
long as it's user/password - for other mechanisms a different realm is
needed. Both JDBC and File realms are specific to user/password schemes )
- moved the "authorize" code back to AccessInterceptor, realms no longer have
to worry about that.
- A "user-based" realm will use the 2 notes and set userRoles.
- removed more dead code.
Revision Changes Path
1.4 +5 -0 jakarta-tomcat/changes3.3
Index: changes3.3
===================================================================
RCS file: /home/cvs/jakarta-tomcat/changes3.3,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- changes3.3 2000/12/07 18:40:53 1.3
+++ changes3.3 2000/12/27 19:52:49 1.4
@@ -1,5 +1,10 @@
-------------------- CORE --------------------
+- improved authentication - a bit of performance and more flexibility
+ (CredentialInterceptor)
+
+- sealed the facade
+
- refactoring of MessageBytes
- refactoring of AJP1.3 ( Dan Milstein )
1.56 +6 -0 jakarta-tomcat/src/etc/server.xml
Index: server.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/etc/server.xml,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- server.xml 2000/12/27 17:15:00 1.55
+++ server.xml 2000/12/27 19:52:50 1.56
@@ -187,6 +187,12 @@
className="org.apache.tomcat.request.AccessInterceptor"
debug="0" />
+ <!-- Implements BASIC and FORM autorization
+ -->
+ <RequestInterceptor
+ className="org.apache.tomcat.request.CredentialsInterceptor"
+ debug="0" />
+
<!-- Check permissions using the simple xml file. You can
plug more advanced authentication modules.
uncomment below to have a global tomcat Realm.
1.29 +35 -11
jakarta-tomcat/src/share/org/apache/tomcat/request/AccessInterceptor.java
Index: AccessInterceptor.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/AccessInterceptor.java,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- AccessInterceptor.java 2000/12/26 23:35:35 1.28
+++ AccessInterceptor.java 2000/12/27 19:52:52 1.29
@@ -107,18 +107,13 @@
this.cm=cm;
// set-up a per/container note for maps
- try {
- secMapNote = cm.getNoteId( ContextManager.CONTAINER_NOTE,
- "map.security");
- // Used for inter-module communication - required role, tr
- reqRolesNote = cm.getNoteId( ContextManager.REQUEST_NOTE,
- "required.roles");
- reqTransportNote = cm.getNoteId( ContextManager.REQUEST_NOTE,
+ secMapNote = cm.getNoteId( ContextManager.CONTAINER_NOTE,
+ "map.security");
+ // Used for inter-module communication - required role, tr
+ reqRolesNote = cm.getNoteId( ContextManager.REQUEST_NOTE,
+ "required.roles");
+ reqTransportNote = cm.getNoteId( ContextManager.REQUEST_NOTE,
"required.transport");
- } catch( TomcatException ex ) {
- log("engineInit(" + cm + ")", ex); // necessary?
- throw new RuntimeException( "Invalid state");
- }
}
public void contextInit( Context ctx)
@@ -284,6 +279,35 @@
}
}
return 0;
+ }
+
+ public int authorize( Request req, Response response, String roles[] )
+ {
+ if( roles==null || roles.length==0 ) {
+ // request doesn't need authentication
+ return 0;
+ }
+
+ // will call authenticate() hooks to get the user
+ String user=req.getRemoteUser();
+ if( user==null )
+ return 401;
+
+ if( debug > 0 ) log( "Controled access for " + user + " " +
+ req + " " + req.getContainer() );
+
+ String userRoles[]= req.getUserRoles();
+ if ( userRoles == null )
+ return 401;
+
+ for( int i=0; i< userRoles.length; i ++ ) {
+ for( int j=0; j< roles.length; i ++ )
+ if( userRoles[i]!=null && userRoles[i].equals( roles[j] ))
+ return 0;
+ }
+
+ if( debug > 0 ) log( "UnAuthorized " + roles[0] );
+ return 401;
}
/** Find if a pattern is matched by a container
1.26 +23 -51
jakarta-tomcat/src/share/org/apache/tomcat/request/JDBCRealm.java
Index: JDBCRealm.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/JDBCRealm.java,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- JDBCRealm.java 2000/12/03 22:29:39 1.25
+++ JDBCRealm.java 2000/12/27 19:52:52 1.26
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/JDBCRealm.java,v 1.25
2000/12/03 22:29:39 nacho Exp $
- * $Revision: 1.25 $
- * $Date: 2000/12/03 22:29:39 $
+ * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/JDBCRealm.java,v 1.26
2000/12/27 19:52:52 costin Exp $
+ * $Revision: 1.26 $
+ * $Date: 2000/12/27 19:52:52 $
*
* The Apache Software License, Version 1.1
*
@@ -102,6 +102,8 @@
ContextManager cm;
int reqRolesNote;
int reqRealmSignNote;
+ int userNote;
+ int passwordNote;
// ----------------------------------------------------- Instance Variables
/**
@@ -467,6 +469,7 @@
return null;
}
+ // -------------------- Tomcat hooks --------------------
public void contextInit(Context ctx)
throws org.apache.tomcat.core.TomcatException {
@@ -495,63 +498,28 @@
public int authenticate( Request req, Response response ) {
- // Extract the credentials
- Hashtable cred=new Hashtable();
- SecurityTools.credentials( req, cred );
- // This realm will use only username and password callbacks
- String user=(String)cred.get("username");
- String password=(String)cred.get("password");
-
+ String user=(String)req.getNote( userNote );
+ String password=(String)req.getNote( passwordNote );
+ if( user==null) return 0;
+
if( checkPassword( user, password ) ) {
if( debug > 0 ) log( "Auth ok, user=" + user );
Context ctx = req.getContext();
if (ctx != null)
req.setAuthType(ctx.getAuthMethod());
- req.setRemoteUser( user );
- req.setNote(reqRealmSignNote,this);
+ if( user!=null) {
+ req.setRemoteUser( user );
+ req.setNote(reqRealmSignNote,this);
+ String userRoles[] = getUserRoles( user );
+ req.setUserRoles( userRoles );
+ }
}
return 0;
}
-
- public int authorize( Request req, Response response, String roles[] )
- {
- if( roles==null ) {
- // request doesn't need authentication
- return 0;
- }
-
- Context ctx=req.getContext();
-
- String userRoles[]=null;
-
- String user=req.getRemoteUser();
-
- if( user==null )
- return 401; //HttpServletResponse.SC_UNAUTHORIZED
-
- if( this.equals(req.getNote(reqRealmSignNote)) ){
- return 0;
- }
-
- if( debug > 0 )
- log( "Controled access for " + user + " " + req + " "
- + req.getContainer() );
-
- userRoles = getUserRoles( user );
- if( userRoles == null )
- return 0;
- req.setUserRoles( userRoles );
-
- if( debug > 0 ) log( "Auth ok, first role=" + userRoles[0] );
-
- if( SecurityTools.haveRole( userRoles, roles ))
- return 0;
-
- if( debug > 0 ) log( "UnAuthorized " + roles[0] );
- return 401; //HttpServletResponse.SC_UNAUTHORIZED
- // XXX check transport
- }
+ // XXX XXX XXX Nacho, I think Digest should be part of the Credential
+ // module, so it's used by all Realms.
+
/**
* Digest password using the algorithm especificied and
* convert the result to a corresponding hex string.
@@ -611,6 +579,10 @@
, "required.roles");
reqRealmSignNote = cm.getNoteId( ContextManager.REQUEST_NOTE
, "realm.sign");
+ userNote=cm.getNoteId( ContextManager.REQUEST_NOTE,
+ "credentials.user");
+ passwordNote=cm.getNoteId( ContextManager.REQUEST_NOTE,
+ "credentials.password");
}
catch( TomcatException ex ) {
log("setting up note for " + cm, ex);
1.16 +66 -91
jakarta-tomcat/src/share/org/apache/tomcat/request/SimpleRealm.java
Index: SimpleRealm.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/SimpleRealm.java,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- SimpleRealm.java 2000/12/04 01:15:03 1.15
+++ SimpleRealm.java 2000/12/27 19:52:53 1.16
@@ -72,98 +72,35 @@
import org.xml.sax.*;
/**
- * Memory based realm - will authenticate and check the permissions
- * for a request using a simple, in-memory list of users.
- * This is for "demo" purpose only, to allow auth in standalone tomcat
- * for developers.
+ * Memory based realm - will authenticate an user and password against
+ * an xml file. The file is fully read in memory when the context is
+ * initialized.
*
- * There are no restrictions or rules on how to authenticate - you have
- * full control over the process.
+ * The default file is TOMCAT_HOME/conf/tomcat-users.xml. You can
+ * change it, and you can also set this module as a per context
+ * interceptor, so that each module have it's own realm.
*
+ * The module will use "credentials.user" and "credentials.password"
+ * request notes. It's role is to verify those notes, other module is
+ * specialized in extracting the information from the request.
+ *
*/
public class SimpleRealm extends BaseInterceptor {
MemoryRealm memoryRealm;
+
int reqRolesNote=-1;
int reqRealmSignNote=-1;
- String filename;
- public SimpleRealm() {
- }
-
- public void contextInit(Context ctx)
- throws TomcatException
- {
- setContextManager(ctx.getContextManager());
- init(cm,ctx);
- try {
- // XXX make the name a "global" static -
- reqRolesNote = cm.getNoteId( ContextManager.REQUEST_NOTE,
- "required.roles");
- reqRealmSignNote = cm.getNoteId( ContextManager.REQUEST_NOTE
- , "realm.sign");
- } catch( TomcatException ex ) {
- log("getting note for " + cm, ex);
- throw new RuntimeException( "Invalid state ");
- }
- }
-
- public int authenticate( Request req, Response response )
- {
- // Extract the credentials
- Hashtable cred=new Hashtable();
- SecurityTools.credentials( req, cred );
-
- // This realm will use only username and password callbacks
- String user=(String)cred.get("username");
- String password=(String)cred.get("password");
-
- if( debug > 0 ) log( "Verify user=" + user + " pass=" + password );
- if( memoryRealm.checkPassword( user, password ) ) {
- if( debug > 0 ) log( "Auth ok, user=" + user );
- Context ctx = req.getContext();
- if (ctx != null)
- req.setAuthType(ctx.getAuthMethod());
- req.setRemoteUser( user );
- req.setNote(reqRealmSignNote,this);
- }
- return 0;
- }
-
- public int authorize( Request req, Response response, String roles[] )
- {
- if( roles==null || roles.length==0 ) {
- // request doesn't need authentication
- return 0;
- }
-
- Context ctx=req.getContext();
+ int userNote=-1;
+ int passwordNote=-1;
- String userRoles[]=null;
- String user=req.getRemoteUser();
- if( user==null )
- return 401;
+ String filename="/conf/tomcat-users.xml";
- if( ! this.equals(req.getNote(reqRealmSignNote)) ){
- return 0;
- }
-
-
-
- if( debug > 0 ) log( "Controled access for " + user + " " +
- req + " " + req.getContainer() );
-
- userRoles = memoryRealm.getUserRoles( user );
- if ( userRoles == null )
- return 0;
- req.setUserRoles( userRoles );
-
- if( SecurityTools.haveRole( userRoles, roles ))
- return 0;
-
- if( debug > 0 ) log( "UnAuthorized " + roles[0] );
- return 401;
+
+ public SimpleRealm() {
}
+ // -------------------- Properties --------------------
public String getFilename() {
return filename;
}
@@ -172,24 +109,59 @@
filename = newFilename;
}
- /** Called when the ContextManger is started
- */
- public void engineInit(ContextManager cm) throws TomcatException {
- init(cm,null);
+ // -------------------- Hooks --------------------
+ public void engineInit( ContextManager cm )
+ throws TomcatException
+ {
+ reqRolesNote = cm.getNoteId( ContextManager.REQUEST_NOTE,
+ "required.roles");
+ reqRealmSignNote = cm.getNoteId( ContextManager.REQUEST_NOTE,
+ "realm.sign");
+ userNote=cm.getNoteId( ContextManager.REQUEST_NOTE,
+ "credentials.user");
+ passwordNote=cm.getNoteId( ContextManager.REQUEST_NOTE,
+ "credentials.password");
}
-
- void init(ContextManager cm,Context ctx) {
+
+ public void contextInit(Context ctx)
+ throws TomcatException
+ {
+ ContextManager cm=ctx.getContextManager();
if( memoryRealm==null) {
- memoryRealm = new MemoryRealm(filename,cm.getHome());
+ memoryRealm = new MemoryRealm(filename,
+ cm.getHome());
try {
memoryRealm.readMemoryRealm();
} catch(Exception ex ) {
- log("initting " + cm, ex);
+ log("Error loading realm file " + cm.getHome() + "/" +
+ filename, ex);
memoryRealm=null;
}
}
}
+ public int authenticate( Request req, Response response )
+ {
+ // This realm will use only username and password callbacks
+ String user=(String)req.getNote( userNote );
+ String password=(String)req.getNote( passwordNote );
+ if( user==null) return 0;
+
+ if( debug > 0 ) log( "Verify user=" + user + " pass=" + password );
+ if( memoryRealm.checkPassword( user, password ) ) {
+ if( debug > 0 ) log( "Auth ok, user=" + user );
+ Context ctx = req.getContext();
+ req.setAuthType(ctx.getAuthMethod());
+ req.setRemoteUser( user );
+ req.setNote(reqRealmSignNote,this);
+ if( user!=null ) {
+ String userRoles[] = memoryRealm.getUserRoles( user );
+ req.setUserRoles( userRoles );
+ }
+ }
+ return 0;
+ }
+
class MemoryRealm {
// String user -> password
Hashtable passwords=new Hashtable();
@@ -210,7 +182,8 @@
}
public void addUser(String name, String pass, String groups ) {
- if( getDebug() > 0 ) log( "Add user " + name + " " + pass + " " +
groups );
+ if( getDebug() > 0 ) log( "Add user " + name + " " +
+ pass + " " + groups );
passwords.put( name, pass );
groups += ",";
while (true) {
@@ -240,7 +213,8 @@
public boolean checkPassword( String user, String pass ) {
if( user==null ) return false;
- if( getDebug() > 0 ) log( "check " + user+ " " + pass + " " +
passwords.get( user ));
+ if( getDebug() > 0 ) log( "check " + user+ " " +
+ pass + " " + passwords.get( user ));
return pass.equals( (String)passwords.get( user ) );
}
@@ -256,7 +230,8 @@
public boolean userInRole( String user, String role ) {
Vector users=(Vector)roles.get(role);
- if( getDebug() > 0 ) log( "check role " + user+ " " + role + " " );
+ if( getDebug() > 0 ) log( "check role " + user+ " " +
+ role + " " );
if(users==null) return false;
return users.indexOf( user ) >=0 ;
}
1.1
jakarta-tomcat/src/share/org/apache/tomcat/request/CredentialsInterceptor.java
Index: CredentialsInterceptor.java
===================================================================
/*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact [EMAIL PROTECTED]
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
* [Additional notices, if required by prior licensing conditions]
*
*/
package org.apache.tomcat.request;
import org.apache.tomcat.core.*;
import org.apache.tomcat.util.*;
import org.apache.tomcat.session.ServerSession;
import org.apache.tomcat.util.xml.*;
import java.io.*;
import java.net.*;
import java.util.*;
import org.xml.sax.*;
/**
* Extract user/password credentials from a request.
* This module is specialized in detecting BASIC and FORM authentication, and
* will set 2 notes in the request: "credentials.user" and
* "credentials.password".
*
* A "Realm" module may use the 2 notes in authenticating the user.
*
* This module must will act on the "authenticate" callback - the action
* will happen _only_ for requests requiring authentication, not for
* every request.
*
* It must be configured before the Realm module.
*/
public class CredentialsInterceptor extends BaseInterceptor
{
int userNote;
int passwordNote;
/** The module will set a note with this name on the request for
the extracted user, if Basic or Form authentication is used
*/
public static final String USER_NOTE="credentials.user";
/** The module will set a note with this name on the request for
the extracted password, if Basic or Form authentication is used
*/
public static final String PASSWORD_NOTE="credentials.password";
public CredentialsInterceptor() {
}
public void engineInit( ContextManager cm )
throws TomcatException
{
userNote=cm.getNoteId( ContextManager.REQUEST_NOTE, USER_NOTE);
passwordNote=cm.getNoteId( ContextManager.REQUEST_NOTE, PASSWORD_NOTE);
}
/** Extract the credentails from req
*/
public int authenticate( Request req , Response res ) {
Context ctx=req.getContext();
String login_type=ctx.getAuthMethod();
if( "BASIC".equals( login_type )) {
basicCredentials( req );
}
if( "FORM".equals( login_type )) {
formCredentials( req );
}
return 0;
}
/** Extract userName and password from a request using basic
* authentication.
*/
private void basicCredentials( Request req )
{
String authorization = req.getHeader("Authorization");
if (authorization == null )
return; // no credentials
if( ! authorization.startsWith("Basic ")) {
log( "Wrong syntax for basic authentication " + req + " " +
authorization);
return; // wrong syntax
}
authorization = authorization.substring(6).trim();
String unencoded=Base64.base64Decode( authorization );
int colon = unencoded.indexOf(':');
if (colon < 0) {
log( "Wrong syntax for basic authentication " + req + " " +
authorization);
return;
}
req.setNote( userNote, unencoded.substring(0, colon));
req.setNote( passwordNote , unencoded.substring(colon + 1));
}
private void formCredentials( Request req ) {
ServerSession session=(ServerSession)req.getSession( false );
if( session == null )
return; // not authenticated
// XXX The attributes are set on the first access.
// It is possible for a servlet to set the attributes and
// bypass the security checking - but that's ok, since
// everything happens inside a web application and all servlets
// are in the same domain.
String username=(String)session.getAttribute("j_username");
String password=(String)session.getAttribute("j_password");
if( username!=null && password!=null) {
req.setNote( userNote , username );
req.setNote( passwordNote, password);
}
}
}
1.36 +9 -24
jakarta-tomcat/src/share/org/apache/tomcat/startup/EmbededTomcat.java
Index: EmbededTomcat.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/startup/EmbededTomcat.java,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -r1.35 -r1.36
--- EmbededTomcat.java 2000/12/27 17:15:09 1.35
+++ EmbededTomcat.java 2000/12/27 19:52:54 1.36
@@ -225,25 +225,15 @@
}
private void initDefaultInterceptors() {
- // Explicitely set up all the interceptors we need.
- // The order is important ( like in apache hooks, it's a chain !)
-
// no AutoSetup !
-
// set workdir, engine header, auth Servlet, error servlet, loader
-
- // XXX So far Embeded tomcat is specific to Servlet 2.2.
- // It need a major refactoring to support multiple
- // interfaces ( I'm not sure it'll be possible to support
- // multiple APIs at the same time in embeded mode )
-
// addInterceptor( new LogEvents() );
DefaultCMSetter defaultCMI=new DefaultCMSetter();
addInterceptor( defaultCMI );
BaseInterceptor webXmlI=
- (BaseInterceptor)newObject("org.apache.tomcat.facade.WebXmlReader");
+ createModule("org.apache.tomcat.facade.WebXmlReader");
addInterceptor( webXmlI );
PolicyInterceptor polI=new PolicyInterceptor();
@@ -259,10 +249,6 @@
WorkDirInterceptor wdI=new WorkDirInterceptor();
addInterceptor( wdI );
- // Debug
- // LogEvents logEventsI=new LogEvents();
- // addRequestInterceptor( logEventsI );
-
SessionId sessI=new SessionId();
addInterceptor( sessI );
@@ -272,7 +258,7 @@
InvokerInterceptor invI=new InvokerInterceptor();
addInterceptor( invI );
- BaseInterceptor
jspI=(BaseInterceptor)newObject("org.apache.tomcat.facade.JspInterceptor");
+ BaseInterceptor jspI=createModule("org.apache.tomcat.facade.JspInterceptor");
addInterceptor( jspI );
StaticInterceptor staticI=new StaticInterceptor();
@@ -280,16 +266,15 @@
addInterceptor( new SimpleSessionStore());
- BaseInterceptor loadOnSI=
(BaseInterceptor)newObject("org.apache.tomcat.facade.LoadOnStartupInterceptor");
+ BaseInterceptor loadOnSI=
createModule("org.apache.tomcat.facade.LoadOnStartupInterceptor");
addInterceptor( loadOnSI );
- BaseInterceptor
s22=(BaseInterceptor)newObject("org.apache.tomcat.facade.Servlet22Interceptor");
+ BaseInterceptor
s22=createModule("org.apache.tomcat.facade.Servlet22Interceptor");
addInterceptor( s22 );
+
+ addInterceptor( new AccessInterceptor() );
- // access control ( find if a resource have constraints )
- AccessInterceptor accessI=new AccessInterceptor();
- addInterceptor( accessI );
- accessI.setDebug(0);
+ addInterceptor( new CredentialsInterceptor() );
// set context class loader
Jdk12Interceptor jdk12I=new Jdk12Interceptor();
@@ -339,10 +324,10 @@
}
}
- private Object newObject( String classN ) {
+ private BaseInterceptor createModule( String classN ) {
try {
Class c=Class.forName( classN );
- return c.newInstance();
+ return (BaseInterceptor)c.newInstance();
} catch( Exception ex ) {
ex.printStackTrace();
return null;
1.15 +2 -6 jakarta-tomcat/src/share/org/apache/tomcat/task/StopTomcat.java
Index: StopTomcat.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/task/StopTomcat.java,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- StopTomcat.java 2000/12/16 15:10:05 1.14
+++ StopTomcat.java 2000/12/27 19:52:55 1.15
@@ -176,11 +176,6 @@
BaseInterceptor ci[]=cm.getContainer().getInterceptors();
for( int i=0; i<ci.length; i++ ) {
Object con=ci[i];
-/* if( con instanceof Ajp12ConnectionHandler ) {
- PoolTcpConnector tcpCon=(PoolTcpConnector) con;
- portInt=tcpCon.getPort();
- address=tcpCon.getAddress();
- }*/
if( con instanceof Ajp12Interceptor ) {
Ajp12Interceptor tcpCon=(Ajp12Interceptor) con;
portInt=tcpCon.getPort();
@@ -200,7 +195,8 @@
os.write( stopMessage );
socket.close();
} catch(Exception ex ) {
- throw new TomcatException("Error stopping Tomcat with Ajp12 on " + address
+ ":" + portInt, ex);
+ throw new TomcatException("Error stopping Tomcat with Ajp12 on " +
+ address + ":" + portInt, ex);
}
}
1.2 +50 -3 jakarta-tomcat/src/share/org/apache/tomcat/util/Base64.java
Index: Base64.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/Base64.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- Base64.java 2000/11/06 15:13:49 1.1
+++ Base64.java 2000/12/27 19:52:56 1.2
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/Base64.java,v
1.1 2000/11/06 15:13:49 nacho Exp $
- * $Revision: 1.1 $
- * $Date: 2000/11/06 15:13:49 $
+ * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/Base64.java,v
1.2 2000/12/27 19:52:56 costin Exp $
+ * $Revision: 1.2 $
+ * $Date: 2000/12/27 19:52:56 $
*
* ====================================================================
*
@@ -74,7 +74,7 @@
* This class is used by XML Schema binary format validation
*
* @author Jeffrey Rodriguez
- * @version $Revision: 1.1 $ $Date: 2000/11/06 15:13:49 $
+ * @version $Revision: 1.2 $ $Date: 2000/12/27 19:52:56 $
*/
public final class Base64 {
@@ -260,5 +260,52 @@
return decodedData;
}
+
+ static int base64[]= {
+ 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
+ 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
+ 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63,
+ 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64,
+ 64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
+ 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 64,
+ 64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
+ 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64,
+ 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
+ 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
+ 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
+ 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
+ 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
+ 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
+ 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
+ 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64
+ };
+
+ public static String base64Decode( String orig ) {
+ char chars[]=orig.toCharArray();
+ StringBuffer sb=new StringBuffer();
+ int i=0;
+
+ int shift = 0; // # of excess bits stored in accum
+ int acc = 0;
+
+ for (i=0; i<chars.length; i++) {
+ int v = base64[ chars[i] & 0xFF ];
+
+ if ( v >= 64 ) {
+ if( chars[i] != '=' )
+ System.out.println("Wrong char in base64: " + chars[i]);
+ } else {
+ acc= ( acc << 6 ) | v;
+ shift += 6;
+ if ( shift >= 8 ) {
+ shift -= 8;
+ sb.append( (char) ((acc >> shift) & 0xff));
+ }
+ }
+ }
+ return sb.toString();
+ }
+
+
}
