You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by co...@apache.org on 2002/02/07 01:44:40 UTC
cvs commit: jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4 Ajp13Connector.java Ajp13Processor.java
costin 02/02/06 16:44:40
Modified: jk/java/org/apache/ajp/tomcat4 Ajp13Connector.java
Ajp13Processor.java
Log:
Added the 'secret' attribute to Ajp13Connector. If not set, nothing changes
in the request processing.
If set - tomcat will require a password on incoming connections ( i.e. a secret
to be set in the ajp worker ).
This is of course a new/experimental feature, not documented, etc - use
on your own risk ( I'm still testing it )
( I'll check in the 3.3 version later, I hope it'll make it in 3.3.1 )
Revision Changes Path
1.12 +13 -4 jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Connector.java
Index: Ajp13Connector.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Connector.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- Ajp13Connector.java 10 Jan 2002 02:53:40 -0000 1.11
+++ Ajp13Connector.java 7 Feb 2002 00:44:40 -0000 1.12
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Connector.java,v 1.11 2002/01/10 02:53:40 seguin Exp $
- * $Revision: 1.11 $
- * $Date: 2002/01/10 02:53:40 $
+ * $Header: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Connector.java,v 1.12 2002/02/07 00:44:40 costin Exp $
+ * $Revision: 1.12 $
+ * $Date: 2002/02/07 00:44:40 $
*
* ====================================================================
*
@@ -93,7 +93,7 @@
* Implementation of an Ajp13 connector.
*
* @author Kevin Seguin
- * @version $Revision: 1.11 $ $Date: 2002/01/10 02:53:40 $
+ * @version $Revision: 1.12 $ $Date: 2002/02/07 00:44:40 $
*/
@@ -271,6 +271,7 @@
*/
private Service service = null;
+ private String secret = null;
// ------------------------------------------------------------- Properties
@@ -296,6 +297,14 @@
}
+ public void setSecret( String s ) {
+ secret=s;
+ }
+
+ public String getSecret() {
+ return secret;
+ }
+
/**
* Return the accept count for this Connector.
1.7 +23 -4 jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Processor.java
Index: Ajp13Processor.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Processor.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- Ajp13Processor.java 10 Jan 2002 03:03:59 -0000 1.6
+++ Ajp13Processor.java 7 Feb 2002 00:44:40 -0000 1.7
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Processor.java,v 1.6 2002/01/10 03:03:59 seguin Exp $
- * $Revision: 1.6 $
- * $Date: 2002/01/10 03:03:59 $
+ * $Header: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/ajp/tomcat4/Ajp13Processor.java,v 1.7 2002/02/07 00:44:40 costin Exp $
+ * $Revision: 1.7 $
+ * $Date: 2002/02/07 00:44:40 $
*
* ====================================================================
*
@@ -102,7 +102,7 @@
/**
* @author Kevin Seguin
- * @version $Revision: 1.6 $ $Date: 2002/01/10 03:03:59 $
+ * @version $Revision: 1.7 $ $Date: 2002/02/07 00:44:40 $
*/
final class Ajp13Processor
@@ -360,6 +360,10 @@
}
boolean moreRequests = true;
+ String expectedSecret=connector.getSecret();
+
+ boolean needAuth= ( expectedSecret != null );
+
while (moreRequests && !stopped.value()) {
int status = 0;
@@ -369,6 +373,21 @@
logger.log("process: ajp13.receiveNextRequest", e);
}
+ if( needAuth ) {
+ String connSecret=ajp13.getSecret();
+ if( connSecret == null ) {
+ logger.log( "Connection without password, " +
+ "tomcat is configured to require one" );
+ break;
+ }
+ if( ! connSecret.equals(expectedSecret) ) {
+ logger.log( "Connection with wrong password" );
+ break;
+ }
+
+ needAuth=false;
+ }
+
if (stopped.value()) {
if (debug > 0) {
logger.log("process: received request, but we're stopped");
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>