bobh 2002/11/01 10:48:52 Modified: catalina/src/share/org/apache/catalina/authenticator SSLAuthenticator.java Log: To allow the underlying SSL implementation to perform the certificate exchange, the socket must be completely read. If the request was a POST, then there is data still waiting on the socket. We should read the entire POST and hold on to it. This change just takes care of the case where the posted ContentType is application/x-www-form-urlencoded. I will work over the next few days to implement a more general solution. Kinda hairy, cause if someone posts a huge document - like a movie file, then were do we buffer that? on disk? So if the POST is bigger than size X, then start saving to a temporary file? Then change Request.getInputStream() to read from the file? Joy. Revision Changes Path 1.5 +12 -4 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/SSLAuthenticator.java Index: SSLAuthenticator.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/SSLAuthenticator.java,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- SSLAuthenticator.java 23 Sep 2002 00:24:32 -0000 1.4 +++ SSLAuthenticator.java 1 Nov 2002 18:48:52 -0000 1.5 @@ -148,6 +148,14 @@ (HttpServletResponse) response.getResponse(); if (debug >= 1) log(" Looking up certificates"); + + if ("POST".equalsIgnoreCase(request.getMethod())) { + // Causes POST of application/x-www-form-urlencoded to be read, + // removing data from socket so that a cert exchange can happen if needed. + // A more general solution for all POSTs is coming 01-Nov-2002 bobh + ((HttpServletRequest) request.getRequest()).getParameterMap(); + } + X509Certificate certs[] = (X509Certificate[]) request.getRequest().getAttribute(Globals.CERTIFICATES_ATTR); if ((certs == null) || (certs.length < 1)) {
-- To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>