You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2013/06/14 20:43:13 UTC
svn commit: r1493197 -
/tomcat/trunk/java/org/apache/catalina/connector/Request.java
Author: markt
Date: Fri Jun 14 18:43:13 2013
New Revision: 1493197
URL: http://svn.apache.org/r1493197
Log:
Special handling for isUserInRole("**")
Modified:
tomcat/trunk/java/org/apache/catalina/connector/Request.java
Modified: tomcat/trunk/java/org/apache/catalina/connector/Request.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Request.java?rev=1493197&r1=1493196&r2=1493197&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/connector/Request.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/Request.java Fri Jun 14 18:43:13 2013
@@ -2302,6 +2302,12 @@ public class Request
return false;
}
+ // If the role is "**" then, unless the application defines a role with
+ // that name, only check if the user is authenticated
+ if ("**".equals(role) && !context.findSecurityRole("**")) {
+ return userPrincipal != null;
+ }
+
Realm realm = context.getRealm();
if (realm == null) {
return false;
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org