You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by vi...@apache.org on 2013/08/15 22:31:48 UTC
svn commit: r1514470 -
/tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java
Author: violetagg
Date: Thu Aug 15 20:31:48 2013
New Revision: 1514470
URL: http://svn.apache.org/r1514470
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55354
Restore the context environment parameters after associating the Principle with the given user. Based on patch provided by Richard Begg.
Modified:
tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java
Modified: tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java?rev=1514470&r1=1514469&r2=1514470&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java Thu Aug 15 20:31:48 2013
@@ -2050,9 +2050,12 @@ public class JNDIRealm extends RealmBase
User user = null;
List<String> roles = null;
+ Hashtable<?, ?> preservedEnvironment = null;
try {
if (gssCredential != null && isUseDelegatedCredential()) {
+ // Preserve the current context environment parameters
+ preservedEnvironment = context.getEnvironment();
// Set up context
context.addToEnvironment(
Context.SECURITY_AUTHENTICATION, "GSSAPI");
@@ -2068,24 +2071,12 @@ public class JNDIRealm extends RealmBase
roles = getRoles(context, user);
}
} finally {
- try {
- context.removeFromEnvironment(
- Context.SECURITY_AUTHENTICATION);
- } catch (NamingException e) {
- // Ignore
- }
- try {
- context.removeFromEnvironment(
- "javax.security.sasl.server.authentication");
- } catch (NamingException e) {
- // Ignore
- }
- try {
- context.removeFromEnvironment(
- "javax.security.sasl.qop");
- } catch (NamingException e) {
- // Ignore
- }
+ restoreEnvironmentParameter(context,
+ Context.SECURITY_AUTHENTICATION, preservedEnvironment);
+ restoreEnvironmentParameter(context,
+ "javax.security.sasl.server.authentication", preservedEnvironment);
+ restoreEnvironmentParameter(context, "javax.security.sasl.qop",
+ preservedEnvironment);
}
if (user != null) {
@@ -2096,6 +2087,19 @@ public class JNDIRealm extends RealmBase
return null;
}
+ private void restoreEnvironmentParameter(DirContext context,
+ String parameterName, Hashtable<?, ?> preservedEnvironment) {
+ try {
+ context.removeFromEnvironment(parameterName);
+ if (preservedEnvironment != null && preservedEnvironment.containsKey(parameterName)) {
+ context.addToEnvironment(parameterName,
+ preservedEnvironment.get(parameterName));
+ }
+ } catch (NamingException e) {
+ // Ignore
+ }
+ }
+
/**
* Open (if necessary) and return a connection to the configured
* directory server for this Realm.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org