You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2022/11/17 10:37:42 UTC
[tomcat] branch 8.5.x updated: Only add the servlet context attribute if the realm is on the context
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new c316ab19d6 Only add the servlet context attribute if the realm is on the context
c316ab19d6 is described below
commit c316ab19d68212f3b9225a10b2a9813700947ec8
Author: remm <re...@apache.org>
AuthorDate: Thu Nov 17 11:35:40 2022 +0100
Only add the servlet context attribute if the realm is on the context
Partial revert.
---
java/org/apache/catalina/core/StandardContext.java | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/catalina/core/StandardContext.java b/java/org/apache/catalina/core/StandardContext.java
index 1458b10c1e..d692f58836 100644
--- a/java/org/apache/catalina/core/StandardContext.java
+++ b/java/org/apache/catalina/core/StandardContext.java
@@ -5105,22 +5105,19 @@ public class StandardContext extends ContainerBase
if (realm instanceof Lifecycle) {
((Lifecycle) realm).start();
}
- }
- realm = getRealm();
- if (null != realm) {
// Place the CredentialHandler into the ServletContext so
// applications can have access to it. Wrap it in a "safe"
// handler so application's can't modify it.
CredentialHandler safeHandler = new CredentialHandler() {
@Override
public boolean matches(String inputCredentials, String storedCredentials) {
- return getRealm().getCredentialHandler().matches(inputCredentials, storedCredentials);
+ return getRealmInternal().getCredentialHandler().matches(inputCredentials, storedCredentials);
}
@Override
public String mutate(String inputCredentials) {
- return getRealm().getCredentialHandler().mutate(inputCredentials);
+ return getRealmInternal().getCredentialHandler().mutate(inputCredentials);
}
};
context.setAttribute(Globals.CREDENTIAL_HANDLER, safeHandler);
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org