You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2022/11/17 10:37:42 UTC

[tomcat] branch 8.5.x updated: Only add the servlet context attribute if the realm is on the context

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
     new c316ab19d6 Only add the servlet context attribute if the realm is on the context
c316ab19d6 is described below

commit c316ab19d68212f3b9225a10b2a9813700947ec8
Author: remm <re...@apache.org>
AuthorDate: Thu Nov 17 11:35:40 2022 +0100

    Only add the servlet context attribute if the realm is on the context
    
    Partial revert.
---
 java/org/apache/catalina/core/StandardContext.java | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/java/org/apache/catalina/core/StandardContext.java b/java/org/apache/catalina/core/StandardContext.java
index 1458b10c1e..d692f58836 100644
--- a/java/org/apache/catalina/core/StandardContext.java
+++ b/java/org/apache/catalina/core/StandardContext.java
@@ -5105,22 +5105,19 @@ public class StandardContext extends ContainerBase
                     if (realm instanceof Lifecycle) {
                         ((Lifecycle) realm).start();
                     }
-                }
 
-                realm = getRealm();
-                if (null != realm) {
                     // Place the CredentialHandler into the ServletContext so
                     // applications can have access to it. Wrap it in a "safe"
                     // handler so application's can't modify it.
                     CredentialHandler safeHandler = new CredentialHandler() {
                         @Override
                         public boolean matches(String inputCredentials, String storedCredentials) {
-                            return getRealm().getCredentialHandler().matches(inputCredentials, storedCredentials);
+                            return getRealmInternal().getCredentialHandler().matches(inputCredentials, storedCredentials);
                         }
 
                         @Override
                         public String mutate(String inputCredentials) {
-                            return getRealm().getCredentialHandler().mutate(inputCredentials);
+                            return getRealmInternal().getCredentialHandler().mutate(inputCredentials);
                         }
                     };
                     context.setAttribute(Globals.CREDENTIAL_HANDLER, safeHandler);


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org