You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/12/02 20:42:38 UTC
[tomcat] branch master updated (c92fab2 -> 17e9bda)
This is an automated email from the ASF dual-hosted git repository.
markt pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git.
from c92fab2 Harmonize again writes, thanks to Mark for the review.
new 5782197 Alternative wording
new 4acf1da Force Locale for to[Upper|Lower]Case()
new 17e9bda Remove leading spaces from debug messages
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../catalina/authenticator/AuthenticatorBase.java | 25 +++++------
webapps/docs/config/valve.xml | 48 +++++++++++-----------
2 files changed, 37 insertions(+), 36 deletions(-)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[tomcat] 02/03: Force Locale for to[Upper|Lower]Case()
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 4acf1daa741e56e2e509345cc4f331b244f0c7f7
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Dec 2 20:29:19 2019 +0000
Force Locale for to[Upper|Lower]Case()
---
java/org/apache/catalina/authenticator/AuthenticatorBase.java | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/catalina/authenticator/AuthenticatorBase.java b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
index 308b019..610f15b 100644
--- a/java/org/apache/catalina/authenticator/AuthenticatorBase.java
+++ b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
@@ -19,6 +19,7 @@ package org.apache.catalina.authenticator;
import java.io.IOException;
import java.security.Principal;
import java.security.cert.X509Certificate;
+import java.util.Locale;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
@@ -251,11 +252,11 @@ public abstract class AuthenticatorBase extends ValveBase
// ------------------------------------------------------------- Properties
public String getAllowCorsPreflight() {
- return allowCorsPreflight.name().toLowerCase();
+ return allowCorsPreflight.name().toLowerCase(Locale.ENGLISH);
}
public void setAllowCorsPreflight(String allowCorsPreflight) {
- this.allowCorsPreflight = AllowCorsPreflight.valueOf(allowCorsPreflight.trim().toUpperCase());
+ this.allowCorsPreflight = AllowCorsPreflight.valueOf(allowCorsPreflight.trim().toUpperCase(Locale.ENGLISH));
}
public boolean getAlwaysUseSession() {
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[tomcat] 01/03: Alternative wording
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 5782197c2480dc5467ed7204d8dd57522c2d9e91
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Dec 2 20:28:31 2019 +0000
Alternative wording
---
webapps/docs/config/valve.xml | 48 +++++++++++++++++++++----------------------
1 file changed, 24 insertions(+), 24 deletions(-)
diff --git a/webapps/docs/config/valve.xml b/webapps/docs/config/valve.xml
index ca32e37..00c25eb 100644
--- a/webapps/docs/config/valve.xml
+++ b/webapps/docs/config/valve.xml
@@ -1208,12 +1208,12 @@
<code>always</code>. <code>never</code> means that a request will never
bypass authentication even if it appears to be a CORS preflight request.
<code>filter</code> means that a request will bypass authentication if
- it appears to be a CORS preflight request and the web application the
- request maps to has the <a href="filter.html#CORS_Filter">CORS
- Filter</a> enabled and mapped to <code>/*</code>. <code>always</code>
- means that all requests that appear to be CORS preflight requests will
- bypass authentication. If not set, the default value is
- <code>never</code>.</p>
+ it appears to be a CORS preflight request; it is mapped to a web
+ application that has the <a href="filter.html#CORS_Filter">CORS
+ Filter</a> enabled; and the CORS Filter is mapped to <code>/*</code>.
+ <code>always</code> means that all requests that appear to be CORS
+ preflight requests will bypass authentication. If not set, the default
+ value is <code>never</code>.</p>
</attribute>
<attribute name="alwaysUseSession" required="false">
@@ -1366,12 +1366,12 @@
<code>always</code>. <code>never</code> means that a request will never
bypass authentication even if it appears to be a CORS preflight request.
<code>filter</code> means that a request will bypass authentication if
- it appears to be a CORS preflight request and the web application the
- request maps to has the <a href="filter.html#CORS_Filter">CORS
- Filter</a> enabled and mapped to <code>/*</code>. <code>always</code>
- means that all requests that appear to be CORS preflight requests will
- bypass authentication. If not set, the default value is
- <code>never</code>.</p>
+ it appears to be a CORS preflight request; it is mapped to a web
+ application that has the <a href="filter.html#CORS_Filter">CORS
+ Filter</a> enabled; and the CORS Filter is mapped to <code>/*</code>.
+ <code>always</code> means that all requests that appear to be CORS
+ preflight requests will bypass authentication. If not set, the default
+ value is <code>never</code>.</p>
</attribute>
<attribute name="alwaysUseSession" required="false">
@@ -1548,12 +1548,12 @@
<code>always</code>. <code>never</code> means that a request will never
bypass authentication even if it appears to be a CORS preflight request.
<code>filter</code> means that a request will bypass authentication if
- it appears to be a CORS preflight request and the web application the
- request maps to has the <a href="filter.html#CORS_Filter">CORS
- Filter</a> enabled and mapped to <code>/*</code>. <code>always</code>
- means that all requests that appear to be CORS preflight requests will
- bypass authentication. If not set, the default value is
- <code>never</code>.</p>
+ it appears to be a CORS preflight request; it is mapped to a web
+ application that has the <a href="filter.html#CORS_Filter">CORS
+ Filter</a> enabled; and the CORS Filter is mapped to <code>/*</code>.
+ <code>always</code> means that all requests that appear to be CORS
+ preflight requests will bypass authentication. If not set, the default
+ value is <code>never</code>.</p>
</attribute>
<attribute name="changeSessionIdOnAuthentication" required="false">
@@ -1689,12 +1689,12 @@
<code>always</code>. <code>never</code> means that a request will never
bypass authentication even if it appears to be a CORS preflight request.
<code>filter</code> means that a request will bypass authentication if
- it appears to be a CORS preflight request and the web application the
- request maps to has the <a href="filter.html#CORS_Filter">CORS
- Filter</a> enabled and mapped to <code>/*</code>. <code>always</code>
- means that all requests that appear to be CORS preflight requests will
- bypass authentication. If not set, the default value is
- <code>never</code>.</p>
+ it appears to be a CORS preflight request; it is mapped to a web
+ application that has the <a href="filter.html#CORS_Filter">CORS
+ Filter</a> enabled; and the CORS Filter is mapped to <code>/*</code>.
+ <code>always</code> means that all requests that appear to be CORS
+ preflight requests will bypass authentication. If not set, the default
+ value is <code>never</code>.</p>
</attribute>
<attribute name="cache" required="false">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[tomcat] 03/03: Remove leading spaces from debug messages
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 17e9bda849f1e741f846d6af53e6405ce09be175
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Dec 2 20:30:33 2019 +0000
Remove leading spaces from debug messages
---
.../catalina/authenticator/AuthenticatorBase.java | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/java/org/apache/catalina/authenticator/AuthenticatorBase.java b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
index 610f15b..b6f2c9e 100644
--- a/java/org/apache/catalina/authenticator/AuthenticatorBase.java
+++ b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
@@ -537,7 +537,7 @@ public abstract class AuthenticatorBase extends ValveBase
if (constraints == null && !context.getPreemptiveAuthentication() && !authRequired) {
if (log.isDebugEnabled()) {
- log.debug(" Not subject to any constraint");
+ log.debug("Not subject to any constraint");
}
getNext().invoke(request, response);
return;
@@ -560,11 +560,11 @@ public abstract class AuthenticatorBase extends ValveBase
if (constraints != null) {
// Enforce any user data constraint for this security constraint
if (log.isDebugEnabled()) {
- log.debug(" Calling hasUserDataPermission()");
+ log.debug("Calling hasUserDataPermission()");
}
if (!realm.hasUserDataPermission(request, response, constraints)) {
if (log.isDebugEnabled()) {
- log.debug(" Failed hasUserDataPermission() test");
+ log.debug("Failed hasUserDataPermission() test");
}
/*
* ASSERT: Authenticator already set the appropriate HTTP status
@@ -611,7 +611,7 @@ public abstract class AuthenticatorBase extends ValveBase
if ((authRequired || constraints != null) && allowCorsPreflightBypass(request)) {
if (log.isDebugEnabled()) {
- log.debug(" CORS Preflight request bypassing authentication");
+ log.debug("CORS Preflight request bypassing authentication");
}
getNext().invoke(request, response);
return;
@@ -619,7 +619,7 @@ public abstract class AuthenticatorBase extends ValveBase
if (authRequired) {
if (log.isDebugEnabled()) {
- log.debug(" Calling authenticate()");
+ log.debug("Calling authenticate()");
}
if (jaspicProvider != null) {
@@ -633,7 +633,7 @@ public abstract class AuthenticatorBase extends ValveBase
jaspicProvider != null &&
!authenticateJaspic(request, response, jaspicState, false)) {
if (log.isDebugEnabled()) {
- log.debug(" Failed authenticate() test");
+ log.debug("Failed authenticate() test");
}
/*
* ASSERT: Authenticator already set the appropriate HTTP status
@@ -646,11 +646,11 @@ public abstract class AuthenticatorBase extends ValveBase
if (constraints != null) {
if (log.isDebugEnabled()) {
- log.debug(" Calling accessControl()");
+ log.debug("Calling accessControl()");
}
if (!realm.hasResourcePermission(request, response, constraints, this.context)) {
if (log.isDebugEnabled()) {
- log.debug(" Failed accessControl() test");
+ log.debug("Failed accessControl() test");
}
/*
* ASSERT: AccessControl method has already set the appropriate
@@ -662,7 +662,7 @@ public abstract class AuthenticatorBase extends ValveBase
// Any and all specified constraints have been satisfied
if (log.isDebugEnabled()) {
- log.debug(" Successfully passed all security constraints");
+ log.debug("Successfully passed all security constraints");
}
getNext().invoke(request, response);
@@ -1068,7 +1068,7 @@ public abstract class AuthenticatorBase extends ValveBase
associate(ssoId, request.getSessionInternal(true));
if (log.isDebugEnabled()) {
- log.debug(" Reauthenticated cached principal '" +
+ log.debug("Reauthenticated cached principal '" +
request.getUserPrincipal().getName() +
"' with auth type '" + request.getAuthType() + "'");
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org