craigmcc    01/05/15 18:40:02

  Modified:    catalina/src/share/org/apache/catalina/authenticator
                        AuthenticatorBase.java
  Log:
  Synthesize a version based on 1.10 that has only the patch from 1.13.  The
  real version 1.13 will be restored in a moment.
  
  Revision  Changes    Path
  1.14      +31 -97    
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
  
  Index: AuthenticatorBase.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -r1.13 -r1.14
  --- AuthenticatorBase.java    2001/05/10 23:53:53     1.13
  +++ AuthenticatorBase.java    2001/05/16 01:40:00     1.14
  @@ -1,7 +1,7 @@
   /*
  - * $Header: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
 1.13 2001/05/10 23:53:53 craigmcc Exp $
  - * $Revision: 1.13 $
  - * $Date: 2001/05/10 23:53:53 $
  + * $Header: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
 1.14 2001/05/16 01:40:00 craigmcc Exp $
  + * $Revision: 1.14 $
  + * $Date: 2001/05/16 01:40:00 $
    *
    * ====================================================================
    *
  @@ -66,8 +66,6 @@
   
   
   import java.io.IOException;
  -import java.net.MalformedURLException;
  -import java.net.URL;
   import java.security.MessageDigest;
   import java.security.NoSuchAlgorithmException;
   import java.security.Principal;
  @@ -121,7 +119,7 @@
    * requests.  Requests of any other type will simply be passed through.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.13 $ $Date: 2001/05/10 23:53:53 $
  + * @version $Revision: 1.14 $ $Date: 2001/05/16 01:40:00 $
    */
   
   
  @@ -476,41 +474,32 @@
            log(" Subject to constraint " + constraint);
   
        // Enforce any user data constraint for this security constraint
  -        if (debug >= 1)
  -            log(" Calling checkUserData()");
        if (!checkUserData(hrequest, hresponse, constraint)) {
            if (debug >= 1)
                log(" Failed checkUserData() test");
  -            // ASSERT: Authenticator already set the appropriate
  -            // HTTP status code, so we do not have to do anything special
  +            ((HttpServletResponse) hresponse.getResponse()).sendError
  +                (HttpServletResponse.SC_FORBIDDEN,
  +                 ((HttpServletRequest) hrequest.getRequest()).getRequestURI());
            return;
        }
   
        // Authenticate based upon the specified login configuration
  -        if (constraint.getAuthConstraint()) {
  -            if (debug >= 1)
  -                log(" Calling authenticate()");
  -            if (!authenticate(hrequest, hresponse, config)) {
  -                if (debug >= 1)
  -                    log(" Failed authenticate() test");
  -                // ASSERT: Authenticator already set the appropriate
  -                // HTTP status code, so we do not have to do anything special
  -                return;
  -            }
  -        }
  +     if (!authenticate(hrequest, hresponse, config)) {
  +         if (debug >= 1)
  +             log(" Failed authenticate() test");
  +            // ASSERT: Authenticator already set the appropriate
  +            // HTTP status code, so we do not have to do anything special
  +         return;
  +     }
   
        // Perform access control based on the specified role(s)
  -        if (constraint.getAuthConstraint()) {
  -            if (debug >= 1)
  -                log(" Calling accessControl()");
  -            if (!accessControl(hrequest, hresponse, constraint)) {
  -                if (debug >= 1)
  -                    log(" Failed accessControl() test");
  -                // ASSERT: AccessControl method has already set the appropriate
  -                // HTTP status code, so we do not have to do anything special
  -                return;
  -            }
  -        }
  +     if (!accessControl(hrequest, hresponse, constraint)) {
  +         if (debug >= 1)
  +             log(" Failed accessControl() test");
  +            // ASSERT: Access control method has already set the appropriate
  +            // HTTP status code, so we do not have to do anything special
  +         return;
  +     }
   
        // Any and all specified constraints have been satisfied
        if (debug >= 1)
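Review bot: The added `sendError(SC_FORBIDDEN, …)` in the `checkUserData()` failure branch runs after the callee has already sent an error, because the new `checkUserData()` in the last hunk calls `sendError(SC_BAD_REQUEST, …)` before its only `return (false)`. Under the Servlet API a second `sendError` on a committed response should throw `IllegalStateException`, and the two status codes disagree, so I would drop the three added lines and keep the removed `// ASSERT: Authenticator already set the appropriate HTTP status code` comment (or send the error in only one of the two places). If the caller's call is kept, note that its message is the raw request URI, which is client-controlled and only safe if the error page escapes it. Separately, dropping the `constraint.getAuthConstraint()` guards means `authenticate()` and `accessControl()` now run for every matched constraint, presumably including ones that declare only a transport guarantee; a comment stating that this is intended would help. The enclosing method starts and ends outside this hunk.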
  @@ -645,77 +634,22 @@
        throws IOException {
   
        // Is there a relevant user data constraint?
  -     if (constraint == null) {
  -            if (debug >= 2)
  -             log("  No applicable security constraint defined");
  +     if (constraint == null)
            return (true);
  -        }
        String userConstraint = constraint.getUserConstraint();
  -     if (userConstraint == null) {
  -            if (debug >= 2)
  -             log("  No applicable user data constraint defined");
  +     if (userConstraint == null)
            return (true);
  -        }
  -     if (userConstraint.equals(Constants.NONE_TRANSPORT)) {
  -            if (debug >= 2)
  -                log("  User data constraint has no restrictions");
  +     if (userConstraint.equals(Constants.NONE_TRANSPORT))
            return (true);
  -        }
   
        // Validate the request against the user data constraint
  -     if (request.getRequest().isSecure()) {
  -            if (debug >= 2)
  -                log("  User data constraint already satisfied");
  -            return (true);
  -        }
  -
  -        // Initialize variables we need to determine the appropriate action
  -        HttpServletRequest hrequest =
  -            (HttpServletRequest) request.getRequest();
  -        HttpServletResponse hresponse =
  -            (HttpServletResponse) response.getResponse();
  -        int redirectPort = request.getConnector().getRedirectPort();
  -
  -        // Is redirecting disabled?
  -        if (redirectPort <= 0) {
  -            if (debug >= 2)
  -                log("  SSL redirect is disabled");
  -            hresponse.sendError
  -                (HttpServletResponse.SC_FORBIDDEN,
  -                 hrequest.getRequestURI());
  -            return (false);
  -        }
  -
  -        // Redirect to the corresponding SSL port
  -        String protocol = "https";
  -        String host = hrequest.getServerName();
  -        StringBuffer file = new StringBuffer(hrequest.getRequestURI());
  -        String requestedSessionId = hrequest.getRequestedSessionId();
  -        if ((requestedSessionId != null) &&
  -            hrequest.isRequestedSessionIdFromURL()) {
  -            file.append(";jsessionid=");
  -            file.append(requestedSessionId);
  -        }
  -        String queryString = hrequest.getQueryString();
  -        if (queryString != null) {
  -            file.append('?');
  -            file.append(queryString);
  -        }
  -        URL url = null;
  -        try {
  -            url = new URL(protocol, host, redirectPort, file.toString());
  -            if (debug >= 2)
  -                log("  Redirecting to " + url.toString());
  -            hresponse.sendRedirect(url.toString());
  -            return (false);
  -        } catch (MalformedURLException e) {
  -            if (debug >= 2)
  -                log("  Cannot create new URL", e);
  -            hresponse.sendError
  -                (HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
  -                 hrequest.getRequestURI());
  -            return (false);
  -        }
  +     if (!request.getRequest().isSecure()) {
  +         ((HttpServletResponse) response.getResponse()).sendError
  +             (HttpServletResponse.SC_BAD_REQUEST,
  +              sm.getString("authenticator.userDataConstraint"));
  +         return (false);
  +     }
  +     return (true);
   
       }
   
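Review bot: The three early-return guards (`constraint == null`, `userConstraint == null`, `NONE_TRANSPORT`) lose their braces here, while the new `isSecure()` check a few lines below keeps them. In a method that decides whether a request is allowed through, I would write them as `if (constraint == null) { return (true); }` so that a statement added later cannot end up outside the guard. The added lines also appear to use different indentation whitespace (probably tabs) than the surrounding context lines, which is worth normalising.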
  
  
  
