Re: svn commit: r1708505 - in /tomcat/trunk/java/org/apache/catalina: Realm.java realm/RealmBase.java

Tue, 13 Oct 2015 13:22:36 -0700 

Am 13.10.2015 um 22:17 schrieb fschumac...@apache.org:

Author: fschumacher
Date: Tue Oct 13 20:17:50 2015
New Revision: 1708505

URL: http://svn.apache.org/viewvc?rev=1708505&view=rev
Log:
javadoc: Add missing parameter and describe the
parameters for the newer RFC 2617, which is used for digest authentication
and replaces RFC 2069.

Modified:
     tomcat/trunk/java/org/apache/catalina/Realm.java
     tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java

...

Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1708505&r1=1708504&r2=1708505&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Tue Oct 13 
20:17:50 2015
@@ -329,19 +329,23 @@ public abstract class RealmBase extends
          return getPrincipal(username);
      }
- 
      /**
-     * Return the Principal associated with the specified username, which
+     * Try to authenticate with the specified username, which
       * matches the digest calculated using the given parameters using the
-     * method described in RFC 2069; otherwise return <code>null</code>.
+     * method described in RFC 2617 (which is a superset of RFC 2069).
       *
       * @param username Username of the Principal to look up
-     * @param clientDigest Digest which has been submitted by the client
+     * @param digest Digest which has been submitted by the client
       * @param nonce Unique (or supposedly unique) token which has been used
       * for this request
+     * @param nc the nonce counter
+     * @param cnonce the client chosen nonce
+     * @param qop the "quality of protection" (<code>nc</code> and 
<code>cnonce</code>
+     *        will only be used, if <code>qop</code> is not <code>null</code>).
       * @param realm Realm name
       * @param md5a2 Second MD5 digest used to calculate the digest :
       * MD5(Method + ":" + uri)
+     * @return the associated principal, or <code>null</code> if there is none.
       */
      @Override
      public Principal authenticate(String username, String clientDigest,
The javadoc on the methods in RealmBase that override the Realm methods is just duplication.
Should we really keep them? They would have to be corrected to the same extend as the ones in Realm and javadoc is intelligent enough to show the javadoc of the overriden method. 

Regards,
 Felix

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to