costin 02/02/06 16:44:40 Modified: jk/java/org/apache/ajp/tomcat4 Ajp13Connector.java Ajp13Processor.java Log: Added the 'secret' attribute to Ajp13Connector. If not set, nothing changes in the request processing. If set - tomcat will require a password on incoming connections ( i.e. a secret to be set in the ajp worker ). This is of course a new/experimental feature, not documented, etc - use on your own risk ( I'm still testing it ) ( I'll check in the 3.3 version later, I hope it'll make it in 3.3.1 ) Revision Changes Path 1.12 +13 -4 jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Connector.java Index: Ajp13Connector.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Connector.java,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- Ajp13Connector.java 10 Jan 2002 02:53:40 -0000 1.11 +++ Ajp13Connector.java 7 Feb 2002 00:44:40 -0000 1.12 @@ -1,7 +1,7 @@ /* - * $Header: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Connector.java,v 1.11 2002/01/10 02:53:40 seguin Exp $ - * $Revision: 1.11 $ - * $Date: 2002/01/10 02:53:40 $ + * $Header: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Connector.java,v 1.12 2002/02/07 00:44:40 costin Exp $ + * $Revision: 1.12 $ + * $Date: 2002/02/07 00:44:40 $ * * ==================================================================== * @@ -93,7 +93,7 @@ * Implementation of an Ajp13 connector. * * @author Kevin Seguin - * @version $Revision: 1.11 $ $Date: 2002/01/10 02:53:40 $ + * @version $Revision: 1.12 $ $Date: 2002/02/07 00:44:40 $ */ @@ -271,6 +271,7 @@ */ private Service service = null; + private String secret = null; // ------------------------------------------------------------- Properties @@ -296,6 +297,14 @@ } + public void setSecret( String s ) { + secret=s; + } + + public String getSecret() { + return secret; + } + /** * Return the accept count for this Connector. 1.7 +23 -4 jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Processor.java Index: Ajp13Processor.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Processor.java,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- Ajp13Processor.java 10 Jan 2002 03:03:59 -0000 1.6 +++ Ajp13Processor.java 7 Feb 2002 00:44:40 -0000 1.7 @@ -1,7 +1,7 @@ /* - * $Header: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Processor.java,v 1.6 2002/01/10 03:03:59 seguin Exp $ - * $Revision: 1.6 $ - * $Date: 2002/01/10 03:03:59 $ + * $Header: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Processor.java,v 1.7 2002/02/07 00:44:40 costin Exp $ + * $Revision: 1.7 $ + * $Date: 2002/02/07 00:44:40 $ * * ==================================================================== * @@ -102,7 +102,7 @@ /** * @author Kevin Seguin - * @version $Revision: 1.6 $ $Date: 2002/01/10 03:03:59 $ + * @version $Revision: 1.7 $ $Date: 2002/02/07 00:44:40 $ */ final class Ajp13Processor @@ -360,6 +360,10 @@ } boolean moreRequests = true; + String expectedSecret=connector.getSecret(); + + boolean needAuth= ( expectedSecret != null ); + while (moreRequests && !stopped.value()) { int status = 0; @@ -369,6 +373,21 @@ logger.log("process: ajp13.receiveNextRequest", e); } + if( needAuth ) { + String connSecret=ajp13.getSecret(); + if( connSecret == null ) { + logger.log( "Connection without password, " + + "tomcat is configured to require one" ); + break; + } + if( ! connSecret.equals(expectedSecret) ) { + logger.log( "Connection with wrong password" ); + break; + } + + needAuth=false; + } + if (stopped.value()) { if (debug > 0) { logger.log("process: received request, but we're stopped");
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>