You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by na...@apache.org on 2001/03/09 23:54:07 UTC
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/aaa AccessInterceptor.java
nacho 01/03/09 14:54:07
Modified: src/examples/jsp/security/login login.jsp
src/examples/jsp index.html
src/share/org/apache/tomcat/modules/aaa
AccessInterceptor.java
Added: src/examples/jsp/security index.jsp
Log:
Fix for < http://nagoya.apache.org/bugzilla/show_bug.cgi?id=539 >
Added a way to show up the changes throught examples/jsp/security/protected.
Reported by: dcernahoschi@softwin.ro
Revision Changes Path
1.3 +1 -1 jakarta-tomcat/src/examples/jsp/security/login/login.jsp
Index: login.jsp
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/examples/jsp/security/login/login.jsp,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- login.jsp 2000/10/09 02:38:15 1.2
+++ login.jsp 2001/03/09 22:54:06 1.3
@@ -2,7 +2,7 @@
<body>
<h1>Login page for examples</h1>
-<form method="POST" action="j_security_check" >
+<form method="POST" action='<%= response.encodeURL("j_security_check")%>' >
Username: <input type="text" name="j_username"><br>
Password: <input type="password" name="j_password"><br>
<br>
1.1 jakarta-tomcat/src/examples/jsp/security/index.jsp
Index: index.jsp
===================================================================
<html>
<!--
Copyright (c) 1999 The Apache Software Foundation. All rights
reserved.
-->
<body bgcolor="white">
<html>
<h1>Security Examples</h1>
<table border=0>
<tr><td>
<a href='<%= response.encodeURL("protected/index.jsp") %>'>Protected Directory, browse it with cookies disabled</a><br/>
</td></tr>
<tr><td>
<a href='protected/index.jsp'>Protected Directory, Use with cookies enabled browser</a>
</td></tr>
</table>
</html>
1.5 +1 -1 jakarta-tomcat/src/examples/jsp/index.html
Index: index.html
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/examples/jsp/index.html,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- index.html 2000/10/09 02:40:01 1.4
+++ index.html 2001/03/09 22:54:06 1.5
@@ -152,7 +152,7 @@
<tr VALIGN=TOP>
<td>Security </td>
-<td VALIGN=TOP WIDTH="30%"><a href="security/protected"><img SRC="../images/execute.gif" HSPACE=4 BORDER=0 align=TOP></a><a href="security/protected">Execute</a></td>
+<td VALIGN=TOP WIDTH="30%"><a href="security/"><img SRC="../images/execute.gif" HSPACE=4 BORDER=0 align=TOP></a><a href="security/">Execute</a></td>
<td WIDTH="30%"><a href="security/security.html"><img SRC="../images/code.gif" HSPACE=4 BORDER=0 height=24 width=24 align=TOP></a><a href="security/security.html">Source</a></td>
</tr>
1.8 +11 -4 jakarta-tomcat/src/share/org/apache/tomcat/modules/aaa/AccessInterceptor.java
Index: AccessInterceptor.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/aaa/AccessInterceptor.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- AccessInterceptor.java 2001/02/20 03:16:51 1.7
+++ AccessInterceptor.java 2001/03/09 22:54:07 1.8
@@ -55,7 +55,7 @@
*
* [Additional notices, if required by prior licensing conditions]
*
- */
+ */
package org.apache.tomcat.modules.aaa;
@@ -459,7 +459,7 @@
ServerSession session=req.getSession( false );
if( session == null ) {
}
-
+
String page=ctx.getFormLoginPage();
String errorPage=ctx.getFormErrorPage();
// assert errorPage!=null ( AccessInterceptor will check
@@ -481,8 +481,15 @@
}
String originalLocation = req.requestURI().toString();
- if (req.queryString().toString() != null)
+ if (req.queryString().toString() != null
+ && !req.queryString().toString().equals(""))
originalLocation += "?" + req.queryString().toString();
+ //XXX is needed to put the JVM route too?
+ if (req.getSessionIdSource().equals(Request.SESSIONID_FROM_URL)){
+ String id=";jsessionid="+req.getSessionId() ;
+ originalLocation += id ;
+ page += id ;
+ }
session.setAttribute( "tomcat.auth.originalLocation",
originalLocation);
if( debug > 0 )
@@ -502,7 +509,7 @@
This is called after the user POST the form login page.
*/
class FormSecurityCheckHandler extends Handler {
-
+
FormSecurityCheckHandler() {
// setOrigin( Handler.ORIGIN_INTERNAL );
name="tomcat.formSecurityCheck";
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, email: tomcat-dev-help@jakarta.apache.org