You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2019/12/16 10:40:59 UTC
[tomcat] branch 7.0.x updated: Avoid possibly useless environment
restore in JNDI realm
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push:
new cdb7961 Avoid possibly useless environment restore in JNDI realm
cdb7961 is described below
commit cdb7961b631f407e1631278695d74929d4ed8b9a
Author: remm <re...@apache.org>
AuthorDate: Mon Dec 16 11:35:54 2019 +0100
Avoid possibly useless environment restore in JNDI realm
---
java/org/apache/catalina/realm/JNDIRealm.java | 17 +++++++++--------
webapps/docs/changelog.xml | 8 ++++++++
2 files changed, 17 insertions(+), 8 deletions(-)
diff --git a/java/org/apache/catalina/realm/JNDIRealm.java b/java/org/apache/catalina/realm/JNDIRealm.java
index e5104b6..aadbc0c 100644
--- a/java/org/apache/catalina/realm/JNDIRealm.java
+++ b/java/org/apache/catalina/realm/JNDIRealm.java
@@ -1590,7 +1590,6 @@ public class JNDIRealm extends RealmBase {
containerLog.debug("Found user by search [" + user + "]");
}
}
-
if (userPassword == null && credentials != null && user != null) {
// The password is available. Insert it since it may be required for
// role searches.
@@ -2291,7 +2290,7 @@ public class JNDIRealm extends RealmBase {
try {
User user = getUser(open(), username, null);
- if (user == null) {
+ if (user == null) {
// User should be found...
return null;
} else {
@@ -2425,12 +2424,14 @@ public class JNDIRealm extends RealmBase {
roles = getRoles(context, user);
}
} finally {
- restoreEnvironmentParameter(context,
- Context.SECURITY_AUTHENTICATION, preservedEnvironment);
- restoreEnvironmentParameter(context,
- "javax.security.sasl.server.authentication", preservedEnvironment);
- restoreEnvironmentParameter(context, "javax.security.sasl.qop",
- preservedEnvironment);
+ if (gssCredential != null && isUseDelegatedCredential()) {
+ restoreEnvironmentParameter(context,
+ Context.SECURITY_AUTHENTICATION, preservedEnvironment);
+ restoreEnvironmentParameter(context,
+ "javax.security.sasl.server.authentication", preservedEnvironment);
+ restoreEnvironmentParameter(context, "javax.security.sasl.qop",
+ preservedEnvironment);
+ }
}
if (user != null) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 477737c..9d241f3 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -60,6 +60,14 @@
issues do not "pop up" wrt. others).
-->
<section name="Tomcat 7.0.100 (violetagg)">
+ <subsection name="Catalina">
+ <changelog>
+ <fix>
+ Avoid useless environment restore when not using GSSCredential
+ in JNDIRealm. (remm)
+ </fix>
+ </changelog>
+ </subsection>
</section>
<section name="Tomcat 7.0.99 (violetagg)">
<subsection name="Catalina">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org