You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2018/10/16 10:15:48 UTC
svn commit: r1843991 - in /tomcat/trunk:
java/org/apache/catalina/ant/AbstractCatalinaTask.java
java/org/apache/catalina/util/IOTools.java webapps/docs/changelog.xml
Author: markt
Date: Tue Oct 16 10:15:48 2018
New Revision: 1843991
URL: http://svn.apache.org/viewvc?rev=1843991&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62809
Correct a regression in the implementation of DIGEST authentication support for the Deployer Ant tasks (bug 45832) that prevented the DeployTask from working when authentication was required.
Modified:
tomcat/trunk/java/org/apache/catalina/ant/AbstractCatalinaTask.java
tomcat/trunk/java/org/apache/catalina/util/IOTools.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/ant/AbstractCatalinaTask.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ant/AbstractCatalinaTask.java?rev=1843991&r1=1843990&r2=1843991&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/ant/AbstractCatalinaTask.java (original)
+++ tomcat/trunk/java/org/apache/catalina/ant/AbstractCatalinaTask.java Tue Oct 16 10:15:48 2018
@@ -26,6 +26,7 @@ import java.net.PasswordAuthentication;
import java.net.URL;
import java.net.URLConnection;
+import org.apache.catalina.util.IOTools;
import org.apache.tools.ant.BuildException;
import org.apache.tools.ant.Project;
@@ -174,6 +175,8 @@ public abstract class AbstractCatalinaTa
URLConnection conn = null;
InputStreamReader reader = null;
try {
+ // Set up authorization with our credentials
+ Authenticator.setDefault(new TaskAuthenticator(username, password));
// Create a connection for this command
conn = (new URL(url + command)).openConnection();
@@ -184,6 +187,8 @@ public abstract class AbstractCatalinaTa
hconn.setDoInput(true);
hconn.setUseCaches(false);
if (istream != null) {
+ preAuthenticate();
+
hconn.setDoOutput(true);
hconn.setRequestMethod("PUT");
if (contentType != null) {
@@ -200,9 +205,6 @@ public abstract class AbstractCatalinaTa
}
hconn.setRequestProperty("User-Agent", "Catalina-Ant-Task/1.0");
- // Set up authorization with our credentials
- Authenticator.setDefault(new TaskAuthenticator(username, password));
-
// Establish the connection with the server
hconn.connect();
@@ -292,6 +294,44 @@ public abstract class AbstractCatalinaTa
}
+ /*
+ * This is a hack.
+ * We need to use streaming to avoid OOME on large uploads.
+ * We'd like to use Authenticator.setDefault() for authentication as the JRE
+ * then provides the DIGEST client implementation.
+ * However, the above two are not compatible. When the request is made, the
+ * resulting 401 triggers an exception because, when using streams, the
+ * InputStream is no longer available to send with the repeated request that
+ * now includes the appropriate Authorization header.
+ * The hack is to make a simple OPTIONS request- i.e. without a request
+ * body.
+ * This triggers authentication and the requirement to authenticate for this
+ * host is cached and used to provide an appropriate Authorization when the
+ * next request is made (that includes a request body).
+ */
+ private void preAuthenticate() throws IOException {
+ URLConnection conn = null;
+
+ // Create a connection for this command
+ conn = (new URL(url)).openConnection();
+ HttpURLConnection hconn = (HttpURLConnection) conn;
+
+ // Set up standard connection characteristics
+ hconn.setAllowUserInteraction(false);
+ hconn.setDoInput(true);
+ hconn.setUseCaches(false);
+ hconn.setDoOutput(false);
+ hconn.setRequestMethod("OPTIONS");
+ hconn.setRequestProperty("User-Agent", "Catalina-Ant-Task/1.0");
+
+ // Establish the connection with the server
+ hconn.connect();
+
+ // Swallow response message
+ IOTools.flow(hconn.getInputStream(), null);
+ }
+
+
private static class TaskAuthenticator extends Authenticator {
private final String user;
Modified: tomcat/trunk/java/org/apache/catalina/util/IOTools.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/util/IOTools.java?rev=1843991&r1=1843990&r2=1843991&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/util/IOTools.java (original)
+++ tomcat/trunk/java/org/apache/catalina/util/IOTools.java Tue Oct 16 10:15:48 2018
@@ -82,7 +82,9 @@ public class IOTools {
byte[] buf = new byte[DEFAULT_BUFFER_SIZE];
int numRead;
while ( (numRead = is.read(buf) ) >= 0) {
- os.write(buf, 0, numRead);
+ if (os != null) {
+ os.write(buf, 0, numRead);
+ }
}
}
}
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1843991&r1=1843990&r2=1843991&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Oct 16 10:15:48 2018
@@ -105,6 +105,12 @@
attribute to the <code>JreMemoryLeakPreventionListener</code> as
application code may still trigger this memory leak. (markt)
</fix>
+ <fix>
+ <bug>62809</bug>: Correct a regression in the implementation of DIGEST
+ authentication support for the Deployer Ant tasks (bug <bug>45832</bug>)
+ that prevented the <code>DeployTask</code> from working when
+ authentication was required. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org