costin 02/02/06 10:26:50
Modified: jk/java/org/apache/ajp Ajp13.java RequestHandler.java
Log:
Added support for the ajp13 secret. It shouldn't affect anything in the
normal use-case - it just recognizes the new request attributes if it's
sent by apache.
In addition, any attributes with a single string value ( like most
attributes are ) that is not known will be ignored, for better
backward compatibility.
Note that we don't do anything about the secret except recognizing it.
A config option in the connector will use it.
Revision Changes Path
1.23 +9 -0 jakarta-tomcat-connectors/jk/java/org/apache/ajp/Ajp13.java
Index: Ajp13.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/Ajp13.java,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- Ajp13.java 19 Jan 2002 03:23:17 -0000 1.22
+++ Ajp13.java 6 Feb 2002 18:26:50 -0000 1.23
@@ -142,6 +142,7 @@
// If no password is set, use only Ajp13 messaging
boolean backwardCompat=true;
boolean logged=false;
+ String secret=null;
public Ajp13() {
super();
@@ -207,6 +208,14 @@
logged=b;
}
+ public void setSecret( String s ) {
+ secret=s;
+ }
+
+ public String getSecret() {
+ return secret;
+ }
+
// -------------------- Handlers registry --------------------
static final int MAX_HANDLERS=32;
1.11 +16 -1
jakarta-tomcat-connectors/jk/java/org/apache/ajp/RequestHandler.java
Index: RequestHandler.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/RequestHandler.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- RequestHandler.java 31 Jan 2002 17:18:51 -0000 1.10
+++ RequestHandler.java 6 Feb 2002 18:26:50 -0000 1.11
@@ -124,6 +124,7 @@
public static final byte SC_A_SSL_CIPHER = 8;
public static final byte SC_A_SSL_SESSION = 9;
public static final byte SC_A_SSL_KEYSIZE = 11;
+ public static final byte SC_A_SECRET = 12;
// Used for attributes which are not in the list above
public static final byte SC_A_REQ_ATTRIBUTE = 10;
@@ -375,6 +376,17 @@
msg.getString());
break;
+ case SC_A_SECRET :
+ // If a request has a secret attribute, set it on
+ // channel - it'll be visible to the caller ( Interceptor,
+ // Connector ) and it can check it against its settings before
+ // trusting us.
+ String secret=msg.getString();
+ if(secret!=null) {
+ ch.setSecret( secret );
+ }
+ break;
+
case SC_A_SSL_SESSION :
isSSL = true;
req.setAttribute("javax.servlet.request.ssl_session",
@@ -391,7 +403,10 @@
Integer.toString(msg.getInt()));
return 200;
default:
- return 500; // Error
+ // Ignore. Assume a single-string value - we shouldn't
+ // allow anything else.
+ msg.getString();
+ break;
}
}
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
