deploy SecurityConstraint.java

craigmcc Thu, 10 May 2001 16:33:22 -0700
craigmcc    01/05/10 16:53:55

  Modified:    catalina/src/share/org/apache/catalina/authenticator
                        AuthenticatorBase.java
               catalina/src/share/org/apache/catalina/deploy
                        SecurityConstraint.java
  Log:
  Update access control logic to correctly process authentication
  constraints with a "*" <role-name> element, which means that all roles are
  allowed.
  
  Submitted by: Tony Ng <[EMAIL PROTECTED]>
  
  Revision  Changes    Path
  1.13      +11 -5     
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
  
  Index: AuthenticatorBase.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- AuthenticatorBase.java    2001/05/10 19:47:09     1.12
  +++ AuthenticatorBase.java    2001/05/10 23:53:53     1.13
  @@ -1,7 +1,7 @@
   /*
  - * $Header: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
 1.12 2001/05/10 19:47:09 craigmcc Exp $
  - * $Revision: 1.12 $
  - * $Date: 2001/05/10 19:47:09 $
  + * $Header: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
 1.13 2001/05/10 23:53:53 craigmcc Exp $
  + * $Revision: 1.13 $
  + * $Date: 2001/05/10 23:53:53 $
    *
    * ====================================================================
    *
  @@ -95,6 +95,7 @@
   import org.apache.catalina.Session;
   import org.apache.catalina.Valve;
   import org.apache.catalina.ValveContext;
  +import org.apache.catalina.core.StandardContext;
   import org.apache.catalina.deploy.LoginConfig;
   import org.apache.catalina.deploy.SecurityConstraint;
   import org.apache.catalina.util.LifecycleSupport;
  @@ -120,7 +121,7 @@
    * requests.  Requests of any other type will simply be passed through.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.12 $ $Date: 2001/05/10 19:47:09 $
  + * @version $Revision: 1.13 $ $Date: 2001/05/10 23:53:53 $
    */
   
   
  @@ -570,6 +571,8 @@
        Principal principal =
            ((HttpServletRequest) request.getRequest()).getUserPrincipal();
        if (principal == null) {
  +            if (debug >= 2)
  +                log("  No user authenticated, cannot grant access");
            ((HttpServletResponse) response.getResponse()).sendError
                (HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
                 sm.getString("authenticator.notAuthenticated"));
  @@ -582,7 +585,8 @@
        if (roles == null)
            roles = new String[0];
        if (roles.length == 0) {
  -            if (constraint.getAuthConstraint()) {
  +            if (constraint.getAuthConstraint() &&
  +                !constraint.getAllRoles()) {
                   ((HttpServletResponse) response.getResponse()).sendError
                       (HttpServletResponse.SC_FORBIDDEN,
                        sm.getString("authenticator.forbidden"));
  @@ -1014,6 +1018,8 @@
            throw new LifecycleException
                (sm.getString("authenticator.alreadyStarted"));
        lifecycle.fireLifecycleEvent(START_EVENT, null);
  +        if (context instanceof StandardContext)
  +            setDebug(((StandardContext) context).getDebug());
        started = true;
   
           // Look up the SingleSignOn implementation in our request processing
  
  
  
  1.4       +8 -6      
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/SecurityConstraint.java
  
  Index: SecurityConstraint.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/SecurityConstraint.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- SecurityConstraint.java   2000/10/29 00:35:05     1.3
  +++ SecurityConstraint.java   2001/05/10 23:53:54     1.4
  @@ -1,7 +1,7 @@
   /*
  - * $Header: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/SecurityConstraint.java,v
 1.3 2000/10/29 00:35:05 craigmcc Exp $
  - * $Revision: 1.3 $
  - * $Date: 2000/10/29 00:35:05 $
  + * $Header: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy/SecurityConstraint.java,v
 1.4 2001/05/10 23:53:54 craigmcc Exp $
  + * $Revision: 1.4 $
  + * $Date: 2001/05/10 23:53:54 $
    *
    * ====================================================================
    *
  @@ -77,7 +77,7 @@
    * this class is synchronized.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.3 $ $Date: 2000/10/29 00:35:05 $
  + * @version $Revision: 1.4 $ $Date: 2001/05/10 23:53:54 $
    */
   
   public final class SecurityConstraint {
  @@ -234,14 +234,16 @@
   
        if (authRole == null)
            return;
  +        if ("*".equals(authRole)) {
  +            allRoles = true;
  +            return;
  +        }
        String results[] = new String[authRoles.length + 1];
        for (int i = 0; i < authRoles.length; i++)
            results[i] = authRoles[i];
        results[authRoles.length] = authRole;
        authRoles = results;
           authConstraint = true;
  -        if ("*".equals(authRole))
  -            allRoles = true;
   
       }
cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/deploy SecurityConstraint.java

Reply via email to
