You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/08/20 23:25:11 UTC
DO NOT REPLY [Bug 11875] New: -
AuthenticatorBase accessControl call makes unnecessary allocations
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11875>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11875
AuthenticatorBase accessControl call makes unnecessary allocations
Summary: AuthenticatorBase accessControl call makes unnecessary
allocations
Product: Tomcat 4
Version: 4.0.4 Final
Platform: All
OS/Version: Other
Status: UNCONFIRMED
Severity: Minor
Priority: Other
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: per@onclave.com
CC: per@onclave.com
In the function accessControl(), in the block that checks each role to see if
it's included in the constraint, there no need to get the realm, call
findAuthRoles() or allocate a new String[] for 'roles' _if_
constraint.getAllRoles() is true.
If users declare '*' as the security constraint or declares no security
constraint (e.g. no access), these calls are made on every request.
Fixes:
- move test of getAllRoles() above the other calls.
- move call to getRealm() to just above the 'for' loop where it's used.
Per
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>