Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/03/17 22:01:55 UTC

svn commit: r1667402 - /tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java

Author: markt
Date: Tue Mar 17 21:01:55 2015
New Revision: 1667402

URL: http://svn.apache.org/r1667402
Log:
Refactor the non-login authenticator to align it with the other authenticators.
There is never any need to create a session and set a Principal for this authenticator. Either the user principal has been set before this authenticator is called (in which case there is no need to set the Principal in the session) or it can't be set by this authenticator (since it doesn't do authentication).

Modified:
    tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java

Modified: tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java?rev=1667402&r1=1667401&r2=1667402&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java (original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java Tue Mar 17 21:01:55 2015
@@ -17,11 +17,9 @@
 package org.apache.catalina.authenticator;
 
 import java.io.IOException;
-import java.security.Principal;
 
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.catalina.Session;
 import org.apache.catalina.connector.Request;
 
 /**
@@ -79,34 +77,9 @@ public final class NonLoginAuthenticator
     public boolean authenticate(Request request, HttpServletResponse response)
         throws IOException {
 
-        Principal principal = request.getPrincipal();
-        if (principal != null) {
-            // excellent... we have already authenticated the client somehow,
-            // probably from another container that has a login-config
-            if (containerLog.isDebugEnabled())
-                containerLog.debug("Already authenticated as '"
-                          + principal.getName() + "'");
-
-            if (cache) {
-                // create a new session (only if necessary)
-                Session session = request.getSessionInternal(true);
-
-                // save the inherited Principal (if necessary) in this
-                // session so it can remain authenticated until it expires
-                session.setPrincipal(principal);
-
-                // is there an SSO session cookie?
-                String ssoId =
-                        (String) request.getNote(Constants.REQ_SSOID_NOTE);
-                if (ssoId != null) {
-                    if (containerLog.isDebugEnabled())
-                        containerLog.debug("User authenticated by existing SSO");
-                    // Associate session with the existing SSO ID if necessary
-                    associate(ssoId, session);
-                }
-            }
-
-            // user was already authenticated, with or without a cookie
+        // Don't try and use SSO to authenticate since there is no auth
+        // configured for this web application
+        if (checkForCachedAuthentication(request, true)) {
             return true;
         }
 
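Review bot: The comment added above the `checkForCachedAuthentication(request, true)` call says SSO must not be used to authenticate, yet the call passes `true`; the helper's signature is not in this hunk, but if that boolean is the use-SSO switch, the code does the opposite of what the comment promises. For a web application with no login-config this matters, because it decides whether an identity cached by SSO is accepted here. Please confirm which is intended and make the two agree: either `checkForCachedAuthentication(request, false)`, or a comment such as `// Reuse any identity already established for this request, including via SSO`. The body of authenticate() continues past this hunk.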
@@ -115,7 +88,6 @@ public final class NonLoginAuthenticator
         // to say the user is now authenticated because access to
         // protected resources will only be allowed with a matching role.
         // i.e. SC_FORBIDDEN (403 status) will be generated later.
-
         if (containerLog.isDebugEnabled())
             containerLog.debug("User authenticated without any roles");
         return true;


