You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2016/06/24 09:34:28 UTC
svn commit: r1750057 - in /tomcat/tc8.5.x/trunk: ./
webapps/docs/changelog.xml webapps/docs/config/realm.xml
Author: markt
Date: Fri Jun 24 09:34:28 2016
New Revision: 1750057
URL: http://svn.apache.org/viewvc?rev=1750057&view=rev
Log:
Follow-up to BZ 59399. Document NullRealm and transportGuaranteeRedirectStatus for all Realms.
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
tomcat/tc8.5.x/trunk/webapps/docs/config/realm.xml
Propchange: tomcat/tc8.5.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Jun 24 09:34:28 2016
@@ -1 +1 @@
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747924,1747980,1747
993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015
+/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747924,1747980,1747
993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056
Modified: tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml?rev=1750057&r1=1750056&r2=1750057&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Fri Jun 24 09:34:28 2016
@@ -131,6 +131,12 @@
Manager and HostManager applications now have a
<code>RemoteAddrValve</code> configured by default. (markt)
</fix>
+ <fix>
+ Follow-up to the fix for <bug>59399</bug>. Ensure that the new attribute
+ <code>transportGuaranteeRedirectStatus</code> is documented for all
+ <strong>Realm</strong>s. Also document the <code>NullRealm</code> and
+ when it is automatically created for an <strong>Engine</strong>. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Tribes">
Modified: tomcat/tc8.5.x/trunk/webapps/docs/config/realm.xml
URL: http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/webapps/docs/config/realm.xml?rev=1750057&r1=1750056&r2=1750057&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/webapps/docs/config/realm.xml (original)
+++ tomcat/tc8.5.x/trunk/webapps/docs/config/realm.xml Fri Jun 24 09:34:28 2016
@@ -49,8 +49,9 @@
this one Realm may itself contain multiple nested Realms). In addition, the
Realm associated with an Engine or a Host is automatically inherited by
lower-level containers unless the lower level container explicitly defines its
- own Realm.
- </p>
+ own Realm. If no Realm is configured for the Engine, an instance of the
+ <a href="#Null_Realm_-_org.apache.catalina.realm.NullRealm">Null Realm</a>
+ will be configured for the Engine automatically.</p>
<p>For more in-depth information about container managed security in web
applications, as well as more information on configuring and using the
@@ -161,7 +162,7 @@
<attribute name="transportGuaranteeRedirectStatus" required="false">
<p>The HTTP status code to use when the container needs to issue an HTTP
redirect to meet the requirements of a configured transport
- guarantee. The prpvoded status code is not validated. If not
+ guarantee. The provided status code is not validated. If not
specified, the default value of <code>302</code> is used.</p>
</attribute>
@@ -272,6 +273,13 @@
a rare case when it can be omitted.</p>
</attribute>
+ <attribute name="transportGuaranteeRedirectStatus" required="false">
+ <p>The HTTP status code to use when the container needs to issue an HTTP
+ redirect to meet the requirements of a configured transport
+ guarantee. The provided status code is not validated. If not
+ specified, the default value of <code>302</code> is used.</p>
+ </attribute>
+
<attribute name="stripRealmForGss" required="false">
<p>When processing users authenticated via the GSS-API, this attribute
controls if any "@..." is removed from the end of the user
@@ -592,6 +600,13 @@
limit.</p>
</attribute>
+ <attribute name="transportGuaranteeRedirectStatus" required="false">
+ <p>The HTTP status code to use when the container needs to issue an HTTP
+ redirect to meet the requirements of a configured transport
+ guarantee. The provided status code is not validated. If not
+ specified, the default value of <code>302</code> is used.</p>
+ </attribute>
+
<attribute name="useDelegatedCredential" required="false">
<p>When the JNDIRealm is used with the SPNEGO authenticator, delegated
credentials for the user may be available. If such credentials are
@@ -736,6 +751,13 @@
that this realm will use for user, password and role information.</p>
</attribute>
+ <attribute name="transportGuaranteeRedirectStatus" required="false">
+ <p>The HTTP status code to use when the container needs to issue an HTTP
+ redirect to meet the requirements of a configured transport
+ guarantee. The provided status code is not validated. If not
+ specified, the default value of <code>302</code> is used.</p>
+ </attribute>
+
<attribute name="X509UsernameRetrieverClassName" required="false">
<p>When using X509 client certificates, this specifies the class name
that will be used to retrieve the user name from the certificate.
@@ -797,6 +819,13 @@
name. If not specified, the default is <code>true</code>.</p>
</attribute>
+ <attribute name="transportGuaranteeRedirectStatus" required="false">
+ <p>The HTTP status code to use when the container needs to issue an HTTP
+ redirect to meet the requirements of a configured transport
+ guarantee. The provided status code is not validated. If not
+ specified, the default value of <code>302</code> is used.</p>
+ </attribute>
+
<attribute name="X509UsernameRetrieverClassName" required="false">
<p>When using X509 client certificates, this specifies the class name
that will be used to retrieve the user name from the certificate.
@@ -906,6 +935,13 @@
name. If not specified, the default is <code>true</code>.</p>
</attribute>
+ <attribute name="transportGuaranteeRedirectStatus" required="false">
+ <p>The HTTP status code to use when the container needs to issue an HTTP
+ redirect to meet the requirements of a configured transport
+ guarantee. The provided status code is not validated. If not
+ specified, the default value of <code>302</code> is used.</p>
+ </attribute>
+
<attribute name="useContextClassLoader" required="false">
<p>Instructs JAASRealm to use the context class loader for loading the
user-specified <code>LoginModule</code> class and associated
@@ -971,6 +1007,13 @@
one of those roles.</p>
</attribute>
+ <attribute name="transportGuaranteeRedirectStatus" required="false">
+ <p>The HTTP status code to use when the container needs to issue an HTTP
+ redirect to meet the requirements of a configured transport
+ guarantee. The provided status code is not validated. If not
+ specified, the default value of <code>302</code> is used.</p>
+ </attribute>
+
</attributes>
</subsection>
@@ -1041,6 +1084,13 @@
will also not reset the lock out time.</p>
</attribute>
+ <attribute name="transportGuaranteeRedirectStatus" required="false">
+ <p>The HTTP status code to use when the container needs to issue an HTTP
+ redirect to meet the requirements of a configured transport
+ guarantee. The provided status code is not validated. If not
+ specified, the default value of <code>302</code> is used.</p>
+ </attribute>
+
</attributes>
<p>See the <a href="../realm-howto.html">Container-Managed Security
@@ -1049,6 +1099,30 @@
</subsection>
+ <subsection name="Null Realm - org.apache.catalina.realm.NullRealm">
+
+ <p><strong>NullRealm</strong> is a minimal implementation of the Tomcat
+ <code>Realm</code> interface that always returns null when an attempt is
+ made to validate a user name and associated credentials. It is intended to
+ be used as a default Realm implementation when no other Realm is
+ specified.</p>
+
+ <p>The NullRealm implementation supports the following additional
+ attributes.</p>
+
+ <attributes>
+
+ <attribute name="transportGuaranteeRedirectStatus" required="false">
+ <p>The HTTP status code to use when the container needs to issue an HTTP
+ redirect to meet the requirements of a configured transport
+ guarantee. The provided status code is not validated. If not
+ specified, the default value of <code>302</code> is used.</p>
+ </attribute>
+
+ </attributes>
+
+ </subsection>
+
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org