You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2012/08/27 23:05:51 UTC
svn commit: r1377863 - in /tomcat/tc7.0.x/trunk: ./
java/org/apache/catalina/authenticator/DigestAuthenticator.java
webapps/docs/changelog.xml
Author: markt
Date: Mon Aug 27 21:05:50 2012
New Revision: 1377863
URL: http://svn.apache.org/viewvc?rev=1377863&view=rev
Log:
Improve concurrency of DIGEST auth
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc7.0.x/trunk/
------------------------------------------------------------------------------
Merged /tomcat/trunk:r1377853
Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java
URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java?rev=1377863&r1=1377862&r2=1377863&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java (original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java Mon Aug 27 21:05:50 2012
@@ -34,6 +34,7 @@ import org.apache.catalina.LifecycleExce
import org.apache.catalina.Realm;
import org.apache.catalina.connector.Request;
import org.apache.catalina.deploy.LoginConfig;
+import org.apache.catalina.util.ConcurrentMessageDigest;
import org.apache.catalina.util.MD5Encoder;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -98,8 +99,10 @@ public class DigestAuthenticator extends
/**
* MD5 message digest provider.
+ * @deprecated Unused - will be removed in Tomcat 8.0.x onwards
*/
- protected static volatile MessageDigest md5Helper;
+ @Deprecated
+ protected static volatile MessageDigest md5Helper;
/**
@@ -382,12 +385,8 @@ public class DigestAuthenticator extends
String ipTimeKey =
request.getRemoteAddr() + ":" + currentTime + ":" + getKey();
- byte[] buffer;
- synchronized (md5Helper) {
- buffer = md5Helper.digest(
- ipTimeKey.getBytes(B2CConverter.ISO_8859_1));
- }
-
+ byte[] buffer = ConcurrentMessageDigest.digestMD5(
+ ipTimeKey.getBytes(B2CConverter.ISO_8859_1));
String nonce = currentTime + ":" + MD5Encoder.encode(buffer);
NonceInfo info = new NonceInfo(currentTime, 100);
@@ -656,11 +655,8 @@ public class DigestAuthenticator extends
}
String serverIpTimeKey =
request.getRemoteAddr() + ":" + nonceTime + ":" + key;
- byte[] buffer = null;
- synchronized (md5Helper) {
- buffer = md5Helper.digest(
- serverIpTimeKey.getBytes(B2CConverter.ISO_8859_1));
- }
+ byte[] buffer = ConcurrentMessageDigest.digestMD5(
+ serverIpTimeKey.getBytes(B2CConverter.ISO_8859_1));
String md5ServerIpTimeKey = MD5Encoder.encode(buffer);
if (!md5ServerIpTimeKey.equals(md5clientIpTimeKey)) {
return false;
@@ -718,10 +714,8 @@ public class DigestAuthenticator extends
// MD5(Method + ":" + uri)
String a2 = method + ":" + uri;
- byte[] buffer;
- synchronized (md5Helper) {
- buffer = md5Helper.digest(a2.getBytes(B2CConverter.ISO_8859_1));
- }
+ byte[] buffer = ConcurrentMessageDigest.digestMD5(
+ a2.getBytes(B2CConverter.ISO_8859_1));
String md5a2 = MD5Encoder.encode(buffer);
return realm.authenticate(userName, response, nonce, nc, cnonce,
Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1377863&r1=1377862&r2=1377863&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Mon Aug 27 21:05:50 2012
@@ -178,6 +178,10 @@
authenticated user in session by default, tracking server rather than
client nonces and better handling of stale nonce values. (markt)
</fix>
+ <fix>
+ Improve performance of DIGEST authenticator for concurrent requests.
+ (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org