Attachment #34463 for bug #60380

View | Details | Raw Unified | Return to bug 60380
Collapse All | Expand All




import org.apache.catalina.Manager;
import org.apache.catalina.Realm;
import org.apache.catalina.Session;
import org.apache.catalina.TomcatPrincipal;
import org.apache.catalina.Valve;
import org.apache.catalina.Wrapper;
import org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl;

            }
        }

        Principal p = request.getPrincipal();
        if (p instanceof TomcatPrincipal) {
            try {
                ((TomcatPrincipal) p).logout();
            } catch (Exception e) {
                log.debug(sm.getString("authenticator.tomcatPrincipalLogoutFail"), e);
            }
        }

        register(request, request.getResponse(), null, null, null, null);
    }


Lines 30-35 Link Here

(-)java/org/apache/catalina/authenticator/LocalStrings.properties (+1 lines)
30	authenticator.requestBodyTooBig=The request body was too large to be cached during the authentication process	30	authenticator.requestBodyTooBig=The request body was too large to be cached during the authentication process
31	authenticator.sessionExpired=The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser	31	authenticator.sessionExpired=The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser
32	authenticator.unauthorized=Cannot authenticate with the provided credentials	32	authenticator.unauthorized=Cannot authenticate with the provided credentials
		33	authenticator.tomcatPrincipalLogoutFail=Logout with TomcatPrincipal instance has failed
33		34
34	digestAuthenticator.cacheRemove=A valid entry has been removed from client nonce cache to make room for new entries. A replay attack is now possible. To prevent the possibility of replay attacks, reduce nonceValidity or increase cnonceCacheSize. Further warnings of this type will be suppressed for 5 minutes.	35	digestAuthenticator.cacheRemove=A valid entry has been removed from client nonce cache to make room for new entries. A replay attack is now possible. To prevent the possibility of replay attacks, reduce nonceValidity or increase cnonceCacheSize. Further warnings of this type will be suppressed for 5 minutes.
35		36

Return to bug 60380

Lines 48-53 Link Here

(-)java/org/apache/catalina/authenticator/AuthenticatorBase.java (+10 lines)
48	import org.apache.catalina.Manager;	48	import org.apache.catalina.Manager;
49	import org.apache.catalina.Realm;	49	import org.apache.catalina.Realm;
50	import org.apache.catalina.Session;	50	import org.apache.catalina.Session;
		51	import org.apache.catalina.TomcatPrincipal;
51	import org.apache.catalina.Valve;	52	import org.apache.catalina.Valve;
52	import org.apache.catalina.Wrapper;	53	import org.apache.catalina.Wrapper;
53	import org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl;	54	import org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl;
Lines 1107-1112 Link Here
1107	}	1108	}
1108	}	1109	}
1109		1110
		1111	Principal p = request.getPrincipal();
		1112	if (p instanceof TomcatPrincipal) {
		1113	try {
		1114	((TomcatPrincipal) p).logout();
		1115	} catch (Exception e) {
		1116	log.debug(sm.getString("authenticator.tomcatPrincipalLogoutFail"), e);
		1117	}
		1118	}
		1119
1110	register(request, request.getResponse(), null, null, null, null);	1120	register(request, request.getResponse(), null, null, null, null);
1111	}	1121	}
1112		1122