You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2006/09/16 03:49:08 UTC

DO NOT REPLY [Bug 40524] New: - request.getAuthType() returns different string from HttpServletRequest.CLIENT_CERT_AUTH

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40524>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40524

           Summary: request.getAuthType() returns different string from
                    HttpServletRequest.CLIENT_CERT_AUTH
           Product: Tomcat 5
           Version: 5.5.12
          Platform: Other
        OS/Version: Windows XP
            Status: NEW
          Severity: major
          Priority: P2
         Component: Servlet & JSP API
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: dario@sinistro.net


using inspect:

request.getAuthType()
  (java.lang.String) CLIENT-CERT
	 
HttpServletRequest.CLIENT_CERT_AUTH
   (java.lang.String) CLIENT_CERT

api says they should be the same object (== should work)

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

DO NOT REPLY [Bug 40524] - request.getAuthType() returns different string from HttpServletRequest.CLIENT_CERT_AUTH

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40524>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40524





------- Additional Comments From chris@sourcelabs.com  2007-01-11 11:46 -------
Created an attachment (id=19396)
 --> (http://issues.apache.org/bugzilla/attachment.cgi?id=19396&action=view)
Fix for CLIENT_CERT/CLIENT-CERT mismatch

The auth-methodType value 'CLIENT-CERT' is defined in the web-app DTDs and
XSDs, but HttpServletRequest.java uses 'CLIENT_CERT'.  The Tomcat internal
Request class correctly uses 'CLIENT-CERT'.  This patch fixes
HttpServletRequest to match the descriptor definition.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

DO NOT REPLY [Bug 40524] - request.getAuthType() returns different string from HttpServletRequest.CLIENT_CERT_AUTH

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40524>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40524





------- Additional Comments From markt@apache.org  2007-01-13 19:48 -------
-1 for this patch.

As per the spec:
CLIENT-CERT is for use in web.xml
CLIENT_CERT is the value of HttpServletRequest.CLIENT_CERT_AUTH and should be
returned by HttpServletRequest.getAuthType()

The bug that needs to be fixed is that HttpServletRequest.getAuthType() should
return CLIENT_CERT rather than CLIENT-CERT 

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

DO NOT REPLY [Bug 40524] - request.getAuthType() returns different string from HttpServletRequest.CLIENT_CERT_AUTH

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40524>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40524


markt@apache.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED




------- Additional Comments From markt@apache.org  2007-01-14 07:30 -------
I have committed an alternative fix. It will be in 5.5.21 onwards.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org