You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by sc...@apache.org on 2015/11/20 23:26:21 UTC
svn commit: r1715434 - in /tomcat/trunk:
java/org/apache/catalina/Globals.java
java/org/apache/catalina/core/StandardContext.java webapps/docs/changelog.xml
Author: schultz
Date: Fri Nov 20 22:26:21 2015
New Revision: 1715434
URL: http://svn.apache.org/viewvc?rev=1715434&view=rev
Log:
Make a web application's CredentialHandler available through a context attribute.
Modified:
tomcat/trunk/java/org/apache/catalina/Globals.java
tomcat/trunk/java/org/apache/catalina/core/StandardContext.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/Globals.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/Globals.java?rev=1715434&r1=1715433&r2=1715434&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/Globals.java (original)
+++ tomcat/trunk/java/org/apache/catalina/Globals.java Fri Nov 20 22:26:21 2015
@@ -271,4 +271,12 @@ public final class Globals {
*/
public static final String JASPER_XML_BLOCK_EXTERNAL_INIT_PARAM =
"org.apache.jasper.XML_BLOCK_EXTERNAL";
+
+ /**
+ * Name of the ServletContext attribute under which we store the context
+ * Realm's CredentialHandler (if both the Realm and the CredentialHandler
+ * exist).
+ */
+ public static final String CREDENTIAL_HANDLER
+ = "org.apache.catalina.CredentialHandler";
}
Modified: tomcat/trunk/java/org/apache/catalina/core/StandardContext.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/StandardContext.java?rev=1715434&r1=1715433&r2=1715434&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/StandardContext.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/StandardContext.java Fri Nov 20 22:26:21 2015
@@ -86,6 +86,7 @@ import org.apache.catalina.Cluster;
import org.apache.catalina.Container;
import org.apache.catalina.ContainerListener;
import org.apache.catalina.Context;
+import org.apache.catalina.CredentialHandler;
import org.apache.catalina.Globals;
import org.apache.catalina.InstanceListener;
import org.apache.catalina.Lifecycle;
@@ -5128,8 +5129,26 @@ public class StandardContext extends Con
((Lifecycle) cluster).start();
}
Realm realm = getRealmInternal();
- if (realm instanceof Lifecycle) {
- ((Lifecycle) realm).start();
+ if(null != realm) {
+ if (realm instanceof Lifecycle) {
+ ((Lifecycle) realm).start();
+ }
+
+ // Place the CredentialHandler into the ServletContext so
+ // applications can have access to it. Wrap it in a "safe"
+ // handler so application's can't modify it.
+ CredentialHandler safeHandler = new CredentialHandler() {
+ @Override
+ public boolean matches(String inputCredentials, String storedCredentials) {
+ return getRealmInternal().getCredentialHandler().matches(inputCredentials, storedCredentials);
+ }
+
+ @Override
+ public String mutate(String inputCredentials) {
+ return getRealmInternal().getCredentialHandler().mutate(inputCredentials);
+ }
+ };
+ context.setAttribute(Globals.CREDENTIAL_HANDLER, safeHandler);
}
// Notify our interested LifecycleListeners
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1715434&r1=1715433&r2=1715434&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Fri Nov 20 22:26:21 2015
@@ -74,6 +74,12 @@
Correctly notify the MapperListener associated with a Service if the
Engine for that Service is changed. (markt)
</fix>
+ <add>
+ Make a web application's CredentialHandler available through a context
+ attribute. This allows a web application to use the same algorithm
+ for validating or generating new stored credentials from cleartext
+ ones. (schultz)
+ </add>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org