ASF Bugzilla – Attachment 17927 Details for
Bug 39021
Support authentication only access
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Translated patch
realm.patch (text/plain), 4.70 KB, created by
Remy Maucherat
on 2006-03-20 23:57:18 UTC
(
hide
)
Description:
Translated patch
Filename:
MIME Type:
Creator:
Remy Maucherat
Created:
2006-03-20 23:57:18 UTC
Size:
4.70 KB
patch
obsolete
>Index: L:/home/eclipse2/workspace/apache-tomcat-5.5/container/catalina/src/share/org/apache/catalina/realm/RealmBase.java >=================================================================== >--- L:/home/eclipse2/workspace/apache-tomcat-5.5/container/catalina/src/share/org/apache/catalina/realm/RealmBase.java (revision 387185) >+++ L:/home/eclipse2/workspace/apache-tomcat-5.5/container/catalina/src/share/org/apache/catalina/realm/RealmBase.java (working copy) >@@ -152,6 +152,12 @@ > */ > protected boolean validate = true; > >+ >+ /** >+ * The all role mode. >+ */ >+ protected AllRolesMode allRolesMode = AllRolesMode.STRICT_MODE; >+ > > // ------------------------------------------------------------- Properties > >@@ -180,6 +186,25 @@ > } > > /** >+ * Return the all roles mode. >+ */ >+ public String getAllRolesMode() { >+ >+ return allRolesMode.toString(); >+ >+ } >+ >+ >+ /** >+ * Set the all roles mode. >+ */ >+ public void setAllRolesMode(String allRolesMode) { >+ >+ this.allRolesMode = AllRolesMode.toMode(allRolesMode); >+ >+ } >+ >+ /** > * Return the digest algorithm used for storing credentials. > */ > public String getDigest() { >@@ -767,6 +792,38 @@ > } > } > } >+ >+ if (allRolesMode != AllRolesMode.STRICT_MODE && !status && principal != null) { >+ if (log.isDebugEnabled()) { >+ log.debug("Checking for all roles mode: " + allRolesMode); >+ } >+ // Check for an all roles(role-name="*") >+ for (int i = 0; i < constraints.length; i++) { >+ SecurityConstraint constraint = constraints[i]; >+ String roles[]; >+ // If the all roles mode exists, sets >+ if (constraint.getAllRoles()) { >+ if (allRolesMode == AllRolesMode.AUTH_ONLY_MODE) { >+ if (log.isDebugEnabled()) { >+ log.debug("Granting access for role-name=*, auth-only"); >+ } >+ status = true; >+ break; >+ } >+ >+ // For AllRolesMode.STRICT_AUTH_ONLY_MODE there must be zero roles >+ roles = request.getContext().findSecurityRoles(); >+ if (roles.length == 0 && allRolesMode == AllRolesMode.STRICT_AUTH_ONLY_MODE) { >+ if (log.isDebugEnabled()) { >+ log.debug("Granting access for role-name=*, strict auth-only"); >+ } >+ status = true; >+ break; >+ } >+ } >+ } >+ } >+ > // Return a "Forbidden" message denying access to this resource > if(!status) { > response.sendError >@@ -1312,4 +1369,58 @@ > > } > >+ >+ protected static class AllRolesMode { >+ >+ private String name; >+ /** Use the strict servlet spec interpretation which requires that the user >+ * have one of the web-app/security-role/role-name >+ */ >+ public static final AllRolesMode STRICT_MODE = new AllRolesMode("strict"); >+ /** Allow any authenticated user >+ */ >+ public static final AllRolesMode AUTH_ONLY_MODE = new AllRolesMode("authOnly"); >+ /** Allow any authenticated user only if there are no web-app/security-roles >+ */ >+ public static final AllRolesMode STRICT_AUTH_ONLY_MODE = new AllRolesMode("strictAuthOnly"); >+ >+ static AllRolesMode toMode(String name) >+ { >+ AllRolesMode mode; >+ if( name.equalsIgnoreCase(STRICT_MODE.name) ) >+ mode = STRICT_MODE; >+ else if( name.equalsIgnoreCase(AUTH_ONLY_MODE.name) ) >+ mode = AUTH_ONLY_MODE; >+ else if( name.equalsIgnoreCase(STRICT_AUTH_ONLY_MODE.name) ) >+ mode = STRICT_AUTH_ONLY_MODE; >+ else >+ throw new IllegalStateException("Unknown mode, must be one of: strict, authOnly, strictAuthOnly"); >+ return mode; >+ } >+ >+ private AllRolesMode(String name) >+ { >+ this.name = name; >+ } >+ >+ public boolean equals(Object o) >+ { >+ boolean equals = false; >+ if( o instanceof AllRolesMode ) >+ { >+ AllRolesMode mode = (AllRolesMode) o; >+ equals = name.equals(mode.name); >+ } >+ return equals; >+ } >+ public int hashCode() >+ { >+ return name.hashCode(); >+ } >+ public String toString() >+ { >+ return name; >+ } >+ } >+ > }
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 39021
:
17916
|
17917
| 17927