You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-dev@jakarta.apache.org by un...@apache.org on 2004/09/01 12:34:49 UTC
cvs commit: jakarta-slide/src/webdav/server/org/apache/slide/webdav/util PropertyHelper.java WebdavUtils.java
unico 2004/09/01 03:34:48
Modified: src/webdav/server/org/apache/slide/webdav/util
PropertyHelper.java WebdavUtils.java
Log:
fix bug 30809: store the principal name instead of the principal itself because the principal
is not guaranteed to be serializable
Revision Changes Path
1.81 +6 -8 jakarta-slide/src/webdav/server/org/apache/slide/webdav/util/PropertyHelper.java
Index: PropertyHelper.java
===================================================================
RCS file: /home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/util/PropertyHelper.java,v
retrieving revision 1.80
retrieving revision 1.81
diff -u -r1.80 -r1.81
--- PropertyHelper.java 9 Aug 2004 12:05:28 -0000 1.80
+++ PropertyHelper.java 1 Sep 2004 10:34:48 -0000 1.81
@@ -24,7 +24,6 @@
package org.apache.slide.webdav.util;
import java.io.IOException;
import java.io.StringReader;
-import java.security.Principal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
@@ -345,11 +344,10 @@
if( sToken != null ) {
CredentialsToken credToken = sToken.getCredentialsToken();
if( credToken != null ) {
- Principal p = credToken.getPrincipal();
- if( p != null )
- result = p.getName();
- else
+ result = credToken.getPublicCredentials();
+ if (result == null || result.equals("") || result.equals("/")) {
result = SubjectNode.UNAUTHENTICATED_URI;
+ }
}
}
}
1.25 +15 -16 jakarta-slide/src/webdav/server/org/apache/slide/webdav/util/WebdavUtils.java
Index: WebdavUtils.java
===================================================================
RCS file: /home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/util/WebdavUtils.java,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- WebdavUtils.java 5 Aug 2004 14:57:18 -0000 1.24
+++ WebdavUtils.java 1 Sep 2004 10:34:48 -0000 1.25
@@ -58,8 +58,8 @@
public class WebdavUtils {
- private static final String PRINCIPAL_ATTRIBUTE =
- "org.apache.slide.webdav.method.principal";
+ private static final String CREDENTIALS_ATTRIBUTE =
+ "org.apache.slide.webdav.method.credentials";
// --------------------------------------------------------- Public Methods
@@ -324,6 +324,7 @@
public static SlideToken getSlideToken
(HttpServletRequest req) {
+ CredentialsToken credentialsToken;
Principal principal = req.getUserPrincipal();
HttpSession session = req.getSession();
@@ -331,19 +332,17 @@
// IE 5 where the authentication info is not submitted by IE when
// doing a HEAD request.
if (principal == null) {
- principal = (Principal) session.getAttribute(PRINCIPAL_ATTRIBUTE);
+ final String credentials = (String) session.getAttribute(CREDENTIALS_ATTRIBUTE);
+ credentialsToken = new CredentialsToken(credentials == null ? "" : credentials);
} else {
- session.setAttribute(PRINCIPAL_ATTRIBUTE, principal);
+ // because the principal is not guaranteed to be serializable
+ // and could thus create problems in a distributed deployment
+ // we store the principal name instead of the principal itself
+ session.setAttribute(CREDENTIALS_ATTRIBUTE, principal.getName());
+ credentialsToken = new CredentialsToken(principal);
}
- CredentialsToken credentials;
- if (principal == null) {
- credentials = new CredentialsToken("");
- } else {
- credentials = new CredentialsToken(principal);
- }
-
- SlideToken token = new SlideTokenImpl(credentials);
+ SlideToken token = new SlideTokenImpl(credentialsToken);
token.setEnforceLockTokens(true);
return token;
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-dev-help@jakarta.apache.org