You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2006/11/12 01:18:33 UTC

svn commit: r473837 - in /tomcat/container/tc5.5.x: catalina/src/share/org/apache/catalina/realm/JDBCRealm.java webapps/docs/changelog.xml

Author: markt
Date: Sat Nov 11 16:18:32 2006
New Revision: 473837

URL: http://svn.apache.org/viewvc?view=rev&rev=473837
Log:
Fix bug 40844. DIGEST auth requires a couple of extra syncs to be thread safe.

Modified:
    tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java
    tomcat/container/tc5.5.x/webapps/docs/changelog.xml

Modified: tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java
URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java?view=diff&rev=473837&r1=473836&r2=473837
==============================================================================
--- tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java (original)
+++ tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java Sat Nov 11 16:18:32 2006
@@ -39,7 +39,8 @@
 * for configuration options.
 *
 * <p><strong>TODO</strong> - Support connection pooling (including message
-* format objects) so that <code>authenticate()</code> does not have to be
+* format objects) so that <code>authenticate()</code>,
+* <code>getPassword()</code> and <code>roles()</code>  do not have to be
 * synchronized and would fix the ugly connection logic. </p>
 *
 * @author Craig R. McClanahan
@@ -520,7 +521,7 @@
     /**
      * Return the password associated with the given principal's user name.
      */
-    protected String getPassword(String username) {
+    protected synchronized String getPassword(String username) {
 
         // Look up the user's credentials
         String dbCredentials = null;
@@ -725,7 +726,8 @@
      *
      * @exception SQLException if a database error occurs
      */
-    protected PreparedStatement roles(Connection dbConnection, String username)
+    protected synchronized PreparedStatement roles(Connection dbConnection,
+            String username)
         throws SQLException {
 
         if (preparedRoles == null) {

Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?view=diff&rev=473837&r1=473836&r2=473837
==============================================================================
--- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original)
+++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Sat Nov 11 16:18:32 2006
@@ -112,6 +112,11 @@
         (markt)
       </fix>
       <fix>
+        <bug>40844</bug>: Add additional syncs to JDBCRealm to resolve NPE when
+        two users try tp authenticate using DIGEST authentication at the same
+        time. (markt)
+      </fix>
+      <fix>
         <bug>40860</bug>: Log exceptions and other problems during parameter
         processing. (markt)
       </fix>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org