costin 00/12/27 17:57:41
Modified: src/j2ee/org/apache/tomcat/j2ee J2EEInterceptor.java
src/share/org/apache/tomcat/core Request.java
src/share/org/apache/tomcat/request JDBCRealm.java
SimpleRealm.java
Log:
Same for authentication - modules will return DECLINED if they can't
handle the user, OK if they authenticate.
Again, same conventions as in Apache, auth* modules should be interoperable.
Revision Changes Path
1.8 +5 -5
jakarta-tomcat/src/j2ee/org/apache/tomcat/j2ee/J2EEInterceptor.java
Index: J2EEInterceptor.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/j2ee/org/apache/tomcat/j2ee/J2EEInterceptor.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- J2EEInterceptor.java 2000/12/28 01:15:37 1.7
+++ J2EEInterceptor.java 2000/12/28 01:57:39 1.8
@@ -194,7 +194,7 @@
if( user==null || password == null ) {
// Need auth, but have no user/pass
- return 0;
+ return DECLINED;
}
byte authData[]=password.getBytes();
@@ -204,7 +204,7 @@
LoginContext lc = initLoginContext(realm);
if( lc==null ) {
log("Authenticate - Can't get LoginContext....");
- return 0;
+ return DECLINED;
}
if(authM != null)
@@ -220,8 +220,8 @@
Log.err.println(le);
//le.printStackTrace();
log("Login failed for..: " + user);
- return 0;
- }
+ return DECLINED; // or 401 ?
+ }
if(debug>0) {
log("Login succeeded for..: " + user);
@@ -230,7 +230,7 @@
req.setRemoteUser( user );
req.setUserPrincipal( getUserPrincipal() );
- return 0;
+ return OK;
}
public int authorize( Request req, Response response, String roles[] )
1.83 +1 -1 jakarta-tomcat/src/share/org/apache/tomcat/core/Request.java
Index: Request.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/Request.java,v
retrieving revision 1.82
retrieving revision 1.83
diff -u -r1.82 -r1.83
--- Request.java 2000/12/26 22:56:38 1.82
+++ Request.java 2000/12/28 01:57:40 1.83
@@ -402,7 +402,7 @@
getInterceptors(Container.H_authenticate);
for( int i=0; i< reqI.length; i++ ) {
status=reqI[i].authenticate( this, response );
- if ( status != 0 ) {
+ if ( status != BaseInterceptor.DECLINED ) {
break;
}
}
1.28 +7 -6
jakarta-tomcat/src/share/org/apache/tomcat/request/JDBCRealm.java
Index: JDBCRealm.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/JDBCRealm.java,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -r1.27 -r1.28
--- JDBCRealm.java 2000/12/28 00:46:14 1.27
+++ JDBCRealm.java 2000/12/28 01:57:41 1.28
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/JDBCRealm.java,v 1.27
2000/12/28 00:46:14 nacho Exp $
- * $Revision: 1.27 $
- * $Date: 2000/12/28 00:46:14 $
+ * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/JDBCRealm.java,v 1.28
2000/12/28 01:57:41 costin Exp $
+ * $Revision: 1.28 $
+ * $Date: 2000/12/28 01:57:41 $
*
* The Apache Software License, Version 1.1
*
@@ -497,8 +497,8 @@
public int authenticate( Request req, Response response ) {
String user=(String)req.getNote( userNote );
String password=(String)req.getNote( passwordNote );
- if( user==null) return 0;
-
+ if( user==null) return DECLINED;
+
if( checkPassword( user, password ) ) {
if( debug > 0 ) log( "Auth ok, user=" + user );
Context ctx = req.getContext();
@@ -509,9 +509,10 @@
// req.setNote(reqRealmSignNote,this);
String userRoles[] = getUserRoles( user );
req.setUserRoles( userRoles );
+ return OK;
}
}
- return 0;
+ return DECLINED;
}
1.18 +7 -2
jakarta-tomcat/src/share/org/apache/tomcat/request/SimpleRealm.java
Index: SimpleRealm.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/SimpleRealm.java,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- SimpleRealm.java 2000/12/28 00:46:14 1.17
+++ SimpleRealm.java 2000/12/28 01:57:41 1.18
@@ -142,7 +142,7 @@
// This realm will use only username and password callbacks
String user=(String)req.getNote( userNote );
String password=(String)req.getNote( passwordNote );
- if( user==null) return 0;
+ if( user==null) return DECLINED; // we don't know about this
if( debug > 0 ) log( "Verify user=" + user + " pass=" + password );
if( memoryRealm.checkPassword( user, password ) ) {
@@ -154,8 +154,13 @@
String userRoles[] = memoryRealm.getUserRoles( user );
req.setUserRoles( userRoles );
}
+ return OK; // the user is ok, - no need for more work
}
- return 0;
+ return DECLINED; // the user is not known to me - it may
+ // be in a different realm.
+
+ // XXX maybe we should add "realm-name" - the current behavior
+ // is to treat them as "global users"
}
class MemoryRealm {
