You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by vi...@apache.org on 2013/08/16 07:58:50 UTC
svn commit: r1514589 - in /tomcat/tc7.0.x/trunk: ./
java/org/apache/catalina/realm/JNDIRealm.java webapps/docs/changelog.xml
Author: violetagg
Date: Fri Aug 16 05:58:50 2013
New Revision: 1514589
URL: http://svn.apache.org/r1514589
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55354
Merged revision 1514470 from tomcat/trunk:
Restore the context environment parameters after associating the Principle with the given user. Based on patch provided by Richard Begg.
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc7.0.x/trunk/
------------------------------------------------------------------------------
Merged /tomcat/trunk:r1514470
Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java
URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java?rev=1514589&r1=1514588&r2=1514589&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java (original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java Fri Aug 16 05:58:50 2013
@@ -2070,9 +2070,12 @@ public class JNDIRealm extends RealmBase
User user = null;
List<String> roles = null;
+ Hashtable<?, ?> preservedEnvironment = null;
try {
if (gssCredential != null && isUseDelegatedCredential()) {
+ // Preserve the current context environment parameters
+ preservedEnvironment = context.getEnvironment();
// Set up context
context.addToEnvironment(
Context.SECURITY_AUTHENTICATION, "GSSAPI");
@@ -2088,24 +2091,12 @@ public class JNDIRealm extends RealmBase
roles = getRoles(context, user);
}
} finally {
- try {
- context.removeFromEnvironment(
- Context.SECURITY_AUTHENTICATION);
- } catch (NamingException e) {
- // Ignore
- }
- try {
- context.removeFromEnvironment(
- "javax.security.sasl.server.authentication");
- } catch (NamingException e) {
- // Ignore
- }
- try {
- context.removeFromEnvironment(
- "javax.security.sasl.qop");
- } catch (NamingException e) {
- // Ignore
- }
+ restoreEnvironmentParameter(context,
+ Context.SECURITY_AUTHENTICATION, preservedEnvironment);
+ restoreEnvironmentParameter(context,
+ "javax.security.sasl.server.authentication", preservedEnvironment);
+ restoreEnvironmentParameter(context, "javax.security.sasl.qop",
+ preservedEnvironment);
}
if (user != null) {
@@ -2116,6 +2107,19 @@ public class JNDIRealm extends RealmBase
return null;
}
+ private void restoreEnvironmentParameter(DirContext context,
+ String parameterName, Hashtable<?, ?> preservedEnvironment) {
+ try {
+ context.removeFromEnvironment(parameterName);
+ if (preservedEnvironment != null && preservedEnvironment.containsKey(parameterName)) {
+ context.addToEnvironment(parameterName,
+ preservedEnvironment.get(parameterName));
+ }
+ } catch (NamingException e) {
+ // Ignore
+ }
+ }
+
/**
* Open (if necessary) and return a connection to the configured
* directory server for this Realm.
Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1514589&r1=1514588&r2=1514589&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Fri Aug 16 05:58:50 2013
@@ -108,6 +108,11 @@
ServletContext. (markt)
</fix>
<fix>
+ <bug>55354</bug>: Ensure that the naming context environment parameters
+ are restored after associating the Principle with the user name. Based
+ on patch provided by Richard Begg. (violetagg)
+ </fix>
+ <fix>
<bug>55357</bug>: Ensure the web application class loader is set as a
thread context class loader during session deserialization. (violetagg)
</fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org