craigmcc 01/05/15 18:40:02
Modified: catalina/src/share/org/apache/catalina/authenticator
AuthenticatorBase.java
Log:
Synthesize a version based on 1.10 that has only the patch from 1.13. The
real version 1.13 will be restored in a moment.
Revision Changes Path
1.14 +31 -97
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
Index: AuthenticatorBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- AuthenticatorBase.java 2001/05/10 23:53:53 1.13
+++ AuthenticatorBase.java 2001/05/16 01:40:00 1.14
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.13 2001/05/10 23:53:53 craigmcc Exp $
- * $Revision: 1.13 $
- * $Date: 2001/05/10 23:53:53 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.14 2001/05/16 01:40:00 craigmcc Exp $
+ * $Revision: 1.14 $
+ * $Date: 2001/05/16 01:40:00 $
*
* ====================================================================
*
@@ -66,8 +66,6 @@
import java.io.IOException;
-import java.net.MalformedURLException;
-import java.net.URL;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
@@ -121,7 +119,7 @@
* requests. Requests of any other type will simply be passed through.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.13 $ $Date: 2001/05/10 23:53:53 $
+ * @version $Revision: 1.14 $ $Date: 2001/05/16 01:40:00 $
*/
@@ -476,41 +474,32 @@
log(" Subject to constraint " + constraint);
// Enforce any user data constraint for this security constraint
- if (debug >= 1)
- log(" Calling checkUserData()");
if (!checkUserData(hrequest, hresponse, constraint)) {
if (debug >= 1)
log(" Failed checkUserData() test");
- // ASSERT: Authenticator already set the appropriate
- // HTTP status code, so we do not have to do anything special
+ ((HttpServletResponse) hresponse.getResponse()).sendError
+ (HttpServletResponse.SC_FORBIDDEN,
+ ((HttpServletRequest) hrequest.getRequest()).getRequestURI());
return;
}
// Authenticate based upon the specified login configuration
- if (constraint.getAuthConstraint()) {
- if (debug >= 1)
- log(" Calling authenticate()");
- if (!authenticate(hrequest, hresponse, config)) {
- if (debug >= 1)
- log(" Failed authenticate() test");
- // ASSERT: Authenticator already set the appropriate
- // HTTP status code, so we do not have to do anything special
- return;
- }
- }
+ if (!authenticate(hrequest, hresponse, config)) {
+ if (debug >= 1)
+ log(" Failed authenticate() test");
+ // ASSERT: Authenticator already set the appropriate
+ // HTTP status code, so we do not have to do anything special
+ return;
+ }
// Perform access control based on the specified role(s)
- if (constraint.getAuthConstraint()) {
- if (debug >= 1)
- log(" Calling accessControl()");
- if (!accessControl(hrequest, hresponse, constraint)) {
- if (debug >= 1)
- log(" Failed accessControl() test");
- // ASSERT: AccessControl method has already set the appropriate
- // HTTP status code, so we do not have to do anything special
- return;
- }
- }
+ if (!accessControl(hrequest, hresponse, constraint)) {
+ if (debug >= 1)
+ log(" Failed accessControl() test");
+ // ASSERT: Access control method has already set the appropriate
+ // HTTP status code, so we do not have to do anything special
+ return;
+ }
// Any and all specified constraints have been satisfied
if (debug >= 1)
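Review bot: The `sendError(SC_FORBIDDEN, ...)` added in the failed-`checkUserData()` branch writes a second error response, because the new `checkUserData()` body in the last hunk of this diff already calls `sendError(SC_BAD_REQUEST, ...)` before it returns false. Under the servlet API a `sendError` on an already committed response raises `IllegalStateException`, so whether the client ends up with 400, 403 or an exception probably depends on the response implementation, which is not visible here. I would let one place own the response, as the `authenticate()` and `accessControl()` branches do, and replace the call with `// ASSERT: checkUserData() already set the appropriate HTTP status code`. If the call stays, note that it passes the raw request URI as the error message, so the error page has to HTML-encode it. The enclosing method starts and ends outside the hunk.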
@@ -645,77 +634,22 @@
throws IOException {
// Is there a relevant user data constraint?
- if (constraint == null) {
- if (debug >= 2)
- log(" No applicable security constraint defined");
+ if (constraint == null)
return (true);
- }
String userConstraint = constraint.getUserConstraint();
- if (userConstraint == null) {
- if (debug >= 2)
- log(" No applicable user data constraint defined");
+ if (userConstraint == null)
return (true);
- }
- if (userConstraint.equals(Constants.NONE_TRANSPORT)) {
- if (debug >= 2)
- log(" User data constraint has no restrictions");
+ if (userConstraint.equals(Constants.NONE_TRANSPORT))
return (true);
- }
// Validate the request against the user data constraint
- if (request.getRequest().isSecure()) {
- if (debug >= 2)
- log(" User data constraint already satisfied");
- return (true);
- }
-
- // Initialize variables we need to determine the appropriate action
- HttpServletRequest hrequest =
- (HttpServletRequest) request.getRequest();
- HttpServletResponse hresponse =
- (HttpServletResponse) response.getResponse();
- int redirectPort = request.getConnector().getRedirectPort();
-
- // Is redirecting disabled?
- if (redirectPort <= 0) {
- if (debug >= 2)
- log(" SSL redirect is disabled");
- hresponse.sendError
- (HttpServletResponse.SC_FORBIDDEN,
- hrequest.getRequestURI());
- return (false);
- }
-
- // Redirect to the corresponding SSL port
- String protocol = "https";
- String host = hrequest.getServerName();
- StringBuffer file = new StringBuffer(hrequest.getRequestURI());
- String requestedSessionId = hrequest.getRequestedSessionId();
- if ((requestedSessionId != null) &&
- hrequest.isRequestedSessionIdFromURL()) {
- file.append(";jsessionid=");
- file.append(requestedSessionId);
- }
- String queryString = hrequest.getQueryString();
- if (queryString != null) {
- file.append('?');
- file.append(queryString);
- }
- URL url = null;
- try {
- url = new URL(protocol, host, redirectPort, file.toString());
- if (debug >= 2)
- log(" Redirecting to " + url.toString());
- hresponse.sendRedirect(url.toString());
- return (false);
- } catch (MalformedURLException e) {
- if (debug >= 2)
- log(" Cannot create new URL", e);
- hresponse.sendError
- (HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
- hrequest.getRequestURI());
- return (false);
- }
+ if (!request.getRequest().isSecure()) {
+ ((HttpServletResponse) response.getResponse()).sendError
+ (HttpServletResponse.SC_BAD_REQUEST,
+ sm.getString("authenticator.userDataConstraint"));
+ return (false);
+ }
+ return (true);
}
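Review bot: The rejection branch for a non-secure request answers with `SC_BAD_REQUEST`, which reads as a malformed request rather than a refused transport; `SC_FORBIDDEN` would arguably fit better and would match the status the caller uses for this same failure in the earlier hunk. The branch also carries no comment saying that the response is already complete when false is returned; a line such as `// Fail closed: the error response has been sent, callers must not write to it` above the `sendError` call would document that contract. Since the method no longer logs why it rejected a request, adding `if (debug >= 2) log(" User data constraint requires a secure request");` before the `sendError` would keep the failure diagnosable. The method signature starts outside the hunk.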