You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by jg...@apache.org on 2005/09/12 13:03:49 UTC

svn commit: r280318 - /geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java

Author: jgenender
Date: Mon Sep 12 04:03:44 2005
New Revision: 280318

URL: http://svn.apache.org/viewcvs?rev=280318&view=rev
Log:
Fixed issues relating to SSL and JACC

Modified:
    geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java

Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java?rev=280318&r1=280317&r2=280318&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java (original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java Mon Sep 12 04:03:44 2005
@@ -87,7 +87,7 @@
                                          Response response,
                                          SecurityConstraint[] constraints)
             throws IOException {
-
+        
         //Get an authenticated subject, if there is one
         Subject subject = null;
         try {
@@ -114,7 +114,14 @@
             /**
              * JACC v1.0 secion 4.1.1
              */
-            WebUserDataPermission wudp = new WebUserDataPermission(request);
+            String transportType;
+            if (request.isSecure()) {
+                transportType = "CONFIDENTIAL";
+                //What about INTEGRAL?? Does Tomcat support it??
+            } else {
+                transportType = "NONE";
+            }
+            WebUserDataPermission wudp = new WebUserDataPermission(request.getServletPath(), new String[]{request.getMethod()}, transportType);
             acc.checkPermission(wudp);
 
         } catch (AccessControlException ace) {
@@ -138,7 +145,7 @@
      */
     public boolean hasResourcePermission(Request request,
                                          Response response,
-                                         SecurityConstraint[] constraint,
+                                         SecurityConstraint[] constraints,
                                          Context context)
             throws IOException {
 
@@ -172,9 +179,12 @@
 
         // Which user principal have we already authenticated?
         Principal principal = request.getUserPrincipal();
-
+ 
         //If we have no principal, then we should use the default.
         if (principal == null) {
+            if (request.isSecure())
+                return true;
+            
             return false;
         } else {
             ContextManager.setCurrentCaller(((JAASTomcatPrincipal) principal).getSubject());
@@ -404,7 +414,6 @@
             return null;
         }
     }
-
 
     /**
      * Prepare for active use of the public methods of this <code>Component</code>.