You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by ri...@apache.org on 2007/05/15 19:51:14 UTC
svn commit: r538265 -
/geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
Author: rickmcguire
Date: Tue May 15 10:51:13 2007
New Revision: 538265
URL: http://svn.apache.org/viewvc?view=rev&rev=538265
Log:
Fix exception when authenticator fails because of missing certs.
Modified:
geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
Modified: geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java?view=diff&rev=538265&r1=538264&r2=538265
==============================================================================
--- geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java (original)
+++ geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java Tue May 15 10:51:13 2007
@@ -259,11 +259,16 @@
// j_security_check.
// if we are logged in, return the logged in principal.
if (request != null) {
- // null response appears to prevent redirect to login page
- Principal user = authenticator.authenticate(realm, pathInContext,
- request, null);
- if (user != null) {
- return user;
+ try {
+ // null response appears to prevent redirect to login page
+ Principal user = authenticator.authenticate(realm, pathInContext,
+ request, null);
+ if (user != null) {
+ return user;
+ }
+ } catch (Exception e) {
+ // the Jetty authenticator tries to write something to the response if
+ // there is a failure. Ignore any errors and continue as if this failed.
}
}
Re: svn commit: r538265 - /geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
Posted by Rick McGuire <ri...@gmail.com>.
This was the ClientCertAuthenticator that was causing the problem. I'm
ok with this getting fixed in Jetty (I'd prefer it be done that way,
actually). I figured that given the timing of things, this was an
easier fix to get in place.
Rick
David Jencks wrote:
> I think we need to fix this by having jetty check for a response
> before trying to use it. Which authenticator is this using? I filed
> a bug http://jira.codehaus.org/browse/JETTY-340 for this situation in
> the FormAuthenticator.
>
> I'm going to be removing this change as part of GERONIMO-3154. I'm
> happy to take this up with Greg W if necessary, but I don't think this
> is an appropriate fix.
>
> thanks
> david jencks
>
> On May 15, 2007, at 10:51 AM, rickmcguire@apache.org wrote:
>
>> Author: rickmcguire
>> Date: Tue May 15 10:51:13 2007
>> New Revision: 538265
>>
>> URL: http://svn.apache.org/viewvc?view=rev&rev=538265
>> Log:
>> Fix exception when authenticator fails because of missing certs.
>>
>>
>> Modified:
>>
>> geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
>>
>>
>> Modified:
>> geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
>>
>> URL:
>> http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java?view=diff&rev=538265&r1=538264&r2=538265
>>
>> ==============================================================================
>>
>> ---
>> geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
>> (original)
>> +++
>> geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
>> Tue May 15 10:51:13 2007
>> @@ -259,11 +259,16 @@
>> // j_security_check.
>> // if we are logged in, return the logged in principal.
>> if (request != null) {
>> - // null response appears to prevent redirect to login page
>> - Principal user = authenticator.authenticate(realm,
>> pathInContext,
>> - request, null);
>> - if (user != null) {
>> - return user;
>> + try {
>> + // null response appears to prevent redirect to
>> login page
>> + Principal user = authenticator.authenticate(realm,
>> pathInContext,
>> + request, null);
>> + if (user != null) {
>> + return user;
>> + }
>> + } catch (Exception e) {
>> + // the Jetty authenticator tries to write something to
>> the response if
>> + // there is a failure. Ignore any errors and continue
>> as if this failed.
>> }
>> }
>>
>>
>>
>
>
Re: svn commit: r538265 - /geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
Posted by David Jencks <da...@yahoo.com>.
I think we need to fix this by having jetty check for a response
before trying to use it. Which authenticator is this using? I filed
a bug http://jira.codehaus.org/browse/JETTY-340 for this situation in
the FormAuthenticator.
I'm going to be removing this change as part of GERONIMO-3154. I'm
happy to take this up with Greg W if necessary, but I don't think
this is an appropriate fix.
thanks
david jencks
On May 15, 2007, at 10:51 AM, rickmcguire@apache.org wrote:
> Author: rickmcguire
> Date: Tue May 15 10:51:13 2007
> New Revision: 538265
>
> URL: http://svn.apache.org/viewvc?view=rev&rev=538265
> Log:
> Fix exception when authenticator fails because of missing certs.
>
>
> Modified:
> geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/
> apache/geronimo/jetty6/handler/JettySecurityHandler.java
>
> Modified: geronimo/server/trunk/modules/geronimo-jetty6/src/main/
> java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
> URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/
> geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/
> JettySecurityHandler.java?view=diff&rev=538265&r1=538264&r2=538265
> ======================================================================
> ========
> --- geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/
> apache/geronimo/jetty6/handler/JettySecurityHandler.java (original)
> +++ geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/
> apache/geronimo/jetty6/handler/JettySecurityHandler.java Tue May 15
> 10:51:13 2007
> @@ -259,11 +259,16 @@
> // j_security_check.
> // if we are logged in, return the logged in principal.
> if (request != null) {
> - // null response appears to prevent redirect to login
> page
> - Principal user = authenticator.authenticate(realm,
> pathInContext,
> - request, null);
> - if (user != null) {
> - return user;
> + try {
> + // null response appears to prevent redirect to
> login page
> + Principal user = authenticator.authenticate(realm,
> pathInContext,
> + request, null);
> + if (user != null) {
> + return user;
> + }
> + } catch (Exception e) {
> + // the Jetty authenticator tries to write something to
> the response if
> + // there is a failure. Ignore any errors and continue
> as if this failed.
> }
> }
>
>
>