You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2011/06/30 17:41:28 UTC
svn commit: r1141578 - in /tomcat/trunk:
java/org/apache/catalina/authenticator/AuthenticatorBase.java
webapps/docs/changelog.xml
Author: markt
Date: Thu Jun 30 15:41:27 2011
New Revision: 1141578
URL: http://svn.apache.org/viewvc?rev=1141578&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51453
Fix a regression in the preemptive authentication support (enhancement <bug>12428</bug>) that could trigger authentication even if preemptive authentication was disabled.
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java?rev=1141578&r1=1141577&r2=1141578&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java Thu Jun 30 15:41:27 2011
@@ -516,13 +516,13 @@ public abstract class AuthenticatorBase
}
}
- if (!authRequired) {
+ if (!authRequired && context.getPreemptiveAuthentication()) {
authRequired =
request.getCoyoteRequest().getMimeHeaders().getValue(
"authorization") != null;
}
- if (!authRequired) {
+ if (!authRequired && context.getPreemptiveAuthentication()) {
X509Certificate[] certs = (X509Certificate[]) request.getAttribute(
Globals.CERTIFICATES_ATTR);
authRequired = certs != null && certs.length > 0;
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1141578&r1=1141577&r2=1141578&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Jun 30 15:41:27 2011
@@ -181,6 +181,11 @@
implement SingleThreadModel. Based on a patch by Felix Schumacher.
(markt)
</fix>
+ <fix>
+ <bug>51453</bug>: Fix a regression in the preemptive authentication
+ support (enhancement <bug>12428</bug>) that could trigger authentication
+ even if preemptive authentication was disabled. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org