nacho 01/09/12 14:35:46
Modified: src/share/org/apache/tomcat/modules/server
Ajp13Interceptor.java Ajp13.java
Log:
Implemented the "tomcatAuthtentication" attribute.
This attribute when true ( de default ) permits
the user of the Ajp13 protocol to override
auth from the HTTP Server, and let Tomcat
deal with auth itself.
Revision Changes Path
1.13 +23 -11
jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp13Interceptor.java
Index: Ajp13Interceptor.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp13Interceptor.java,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- Ajp13Interceptor.java 2001/08/29 05:08:07 1.12
+++ Ajp13Interceptor.java 2001/09/12 21:35:46 1.13
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp13Interceptor.java,v
1.12 2001/08/29 05:08:07 costin Exp $
- * $Revision: 1.12 $
- * $Date: 2001/08/29 05:08:07 $
+ * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp13Interceptor.java,v
1.13 2001/09/12 21:35:46 nacho Exp $
+ * $Revision: 1.13 $
+ * $Date: 2001/09/12 21:35:46 $
*
* ====================================================================
*
@@ -79,6 +79,7 @@
public class Ajp13Interceptor extends PoolTcpConnector
implements TcpConnectionHandler
{
+ private boolean tomcatAuthentication=true;
public Ajp13Interceptor()
{
super();
@@ -99,10 +100,12 @@
Object thData[]=new Object[3];
Ajp13Request req=new Ajp13Request();
Ajp13Response res=new Ajp13Response();
+ Ajp13 con=new Ajp13();
+ con.setTomcatAuthentication(isTomcatAuthentication());
cm.initRequest(req, res);
thData[0]=req;
thData[1]=res;
- thData[2]=new Ajp13();
+ thData[2]=con;
return thData;
}
@@ -140,12 +143,13 @@
req = new Ajp13Request();
res = new Ajp13Response();
con = new Ajp13();
+ con.setTomcatAuthentication(isTomcatAuthentication());
cm.initRequest( req, res );
}
// XXX
req.ajp13=con;
res.ajp13=con;
-
+
con.setSocket(socket);
boolean moreRequests = true;
@@ -159,13 +163,13 @@
socket.getInetAddress())) {
moreRequests = false;
continue;
- }
+ }
}
if( status != 200 )
break;
-
+
cm.service(req, res);
-
+
req.recycle();
res.recycle();
}
@@ -181,13 +185,13 @@
{
this.cm=(ContextManager)contextM;
}
-
+
protected boolean doShutdown(InetAddress serverAddr,
InetAddress clientAddr)
{
try {
// close the socket connection before handling any signal
- // but get the addresses first so they are not corrupted
+ // but get the addresses first so they are not corrupted
if(Ajp12.isSameAddress(serverAddr, clientAddr)) {
cm.stop();
// same behavior as in past, because it seems that
@@ -201,7 +205,15 @@
log("Shutdown command ignored");
return false;
}
-
+
+ public boolean isTomcatAuthentication() {
+ return tomcatAuthentication;
+ }
+
+ public void setTomcatAuthentication(boolean newTomcatAuthentication) {
+ tomcatAuthentication = newTomcatAuthentication;
+ }
+
}
class Ajp13Request extends Request
1.25 +35 -20
jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp13.java
Index: Ajp13.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp13.java,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- Ajp13.java 2001/09/01 01:53:25 1.24
+++ Ajp13.java 2001/09/12 21:35:46 1.25
@@ -194,30 +194,40 @@
Ajp13Packet inBuf = new Ajp13Packet( MAX_PACKET_SIZE );
// Boffer used for request head ( and headers )
Ajp13Packet hBuf=new Ajp13Packet( MAX_PACKET_SIZE );
-
+
// Holds incoming reads of request body data (*not* header data)
byte []bodyBuff = new byte[MAX_READ_SIZE];
-
+
int blen; // Length of current chunk of body data in buffer
int pos; // Current read position within that buffer
boolean end_of_stream; // true if we've received an empty packet
- public Ajp13()
+ // True to ignore HTTP server auth
+ private boolean tomcatAuthentication=true;
+
+ public Ajp13()
{
super();
}
- public void recycle()
+ public void recycle()
{
// This is a touch cargo-cultish, but I think wise.
- blen = 0;
+ blen = 0;
pos = 0;
end_of_stream = false;
if( dL>0 ) d( "recycle()");
headersWriter.recycle();
}
-
+
+ public boolean isTomcatAuthentication() {
+ return tomcatAuthentication;
+ }
+
+ public void setTomcatAuthentication(boolean newTomcatAuthentication) {
+ tomcatAuthentication = newTomcatAuthentication;
+ }
/**
* Associate an open socket with this instance.
*/
@@ -326,50 +336,54 @@
case SC_A_CONTEXT :
// contextPath = msg.getString();
break;
-
+
case SC_A_SERVLET_PATH :
//log("SC_A_SERVLET_PATH not in use " + msg.getString());
break;
-
+
case SC_A_REMOTE_USER :
- req.setRemoteUser( msg.getString());
- // XXX recycle ?
- // Note that roles are not integrated with apache
- req.setUserPrincipal( new SimplePrincipal( req.getRemoteUser() ));
+ if (isTomcatAuthentication()) { // Ignore auth done by HTTP Server
+ msg.getString();
+ } else { // Honor auth done by HTTP Server
+ req.setRemoteUser( msg.getString());
+ // XXX recycle ?
+ // Note that roles are not integrated with apache
+ req.setUserPrincipal( new SimplePrincipal( req.getRemoteUser()
));
+ }
break;
-
+
case SC_A_AUTH_TYPE :
req.setAuthType( msg.getString());
break;
-
+
case SC_A_QUERY_STRING :
msg.getMessageBytes( req.queryString());
break;
-
+
case SC_A_JVM_ROUTE :
req.setJvmRoute(msg.getString());
break;
-
+
case SC_A_SSL_CERT :
isSSL = true;
req.setAttribute("javax.servlet.request.X509Certificate",
msg.getString());
break;
-
+
case SC_A_SSL_CIPHER :
isSSL = true;
req.setAttribute("javax.servlet.request.cipher_suite",
msg.getString());
break;
-
+
case SC_A_SSL_SESSION :
isSSL = true;
req.setAttribute("javax.servlet.request.ssl_session",
msg.getString());
break;
-
+
case SC_A_REQ_ATTRIBUTE :
- req.setAttribute(msg.getString(),
+ req.setAttribute(msg.getString(),
msg.getString());
break;
@@ -734,4 +748,5 @@
private void d(String s ) {
System.err.println( "Ajp13: " + s );
}
+
}
