You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ma...@apache.org on 2011/06/30 17:41:28 UTC

svn commit: r1141578 - in /tomcat/trunk: java/org/apache/catalina/authenticator/AuthenticatorBase.java webapps/docs/changelog.xml

Author: markt
Date: Thu Jun 30 15:41:27 2011
New Revision: 1141578

URL: http://svn.apache.org/viewvc?rev=1141578&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51453
Fix a regression in the preemptive authentication support (enhancement <bug>12428</bug>) that could trigger authentication even if preemptive authentication was disabled.

Modified:
    tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java?rev=1141578&r1=1141577&r2=1141578&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java Thu Jun 30 15:41:27 2011
@@ -516,13 +516,13 @@ public abstract class AuthenticatorBase 
             }
         }
 
-        if (!authRequired) {
+        if (!authRequired && context.getPreemptiveAuthentication()) {
             authRequired =
                 request.getCoyoteRequest().getMimeHeaders().getValue(
                         "authorization") != null;
         }
 
-        if (!authRequired) {
+        if (!authRequired && context.getPreemptiveAuthentication()) {
             X509Certificate[] certs = (X509Certificate[]) request.getAttribute(
                     Globals.CERTIFICATES_ATTR);
             authRequired = certs != null && certs.length > 0;

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1141578&r1=1141577&r2=1141578&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Jun 30 15:41:27 2011
@@ -181,6 +181,11 @@
         implement SingleThreadModel. Based on a patch by Felix Schumacher.
         (markt)
       </fix>
+      <fix>
+        <bug>51453</bug>: Fix a regression in the preemptive authentication
+        support (enhancement <bug>12428</bug>) that could trigger authentication
+        even if preemptive authentication was disabled. (markt) 
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org