Author: markt
Date: Wed Jun 15 10:56:22 2016
New Revision: 1748547
URL: http://svn.apache.org/viewvc?rev=1748547&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59399
Add a new option to the Realm implementations that ship with Tomcat that allows
the HTTP status code used for HTTP -> HTTPS redirects to be controlled per
Realm.
Modified:
tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapps/docs/config/realm.xml
Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1748547&r1=1748546&r2=1748547&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Wed Jun 15
10:56:22 2016
@@ -145,8 +145,34 @@ public abstract class RealmBase extends
protected boolean stripRealmForGss = true;
+ private int transportGuaranteeRedirectStatus =
HttpServletResponse.SC_FOUND;
+
+
// ------------------------------------------------------------- Properties
+
+ /**
+ * @return The HTTP status code used when the container needs to issue an
+ * HTTP redirect to meet the requirements of a configured transport
+ * guarantee.
+ */
+ public int getTransportGuaranteeRedirectStatus() {
+ return transportGuaranteeRedirectStatus;
+ }
+
+
+ /**
+ * Set the HTTP status code used when the container needs to issue an HTTP
+ * redirect to meet the requirements of a configured transport guarantee.
+ *
+ * @param transportGuaranteeRedirectStatus The status to use. This value is
+ * not validated
+ */
+ public void setTransportGuaranteeRedirectStatus(int
transportGuaranteeRedirectStatus) {
+ this.transportGuaranteeRedirectStatus =
transportGuaranteeRedirectStatus;
+ }
+
+
@Override
public CredentialHandler getCredentialHandler() {
return credentialHandler;
@@ -991,7 +1017,7 @@ public abstract class RealmBase extends
}
if (log.isDebugEnabled())
log.debug(" Redirecting to " + file.toString());
- response.sendRedirect(file.toString());
+ response.sendRedirect(file.toString(),
transportGuaranteeRedirectStatus);
return false;
}
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1748547&r1=1748546&r2=1748547&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Jun 15 10:56:22 2016
@@ -52,6 +52,11 @@
entire <code>org.apache.juli</code> package from the embedded JARs
rendering them unusable. (markt)
</fix>
+ <add>
+ <bug>59399</bug>: Add a new option to the Realm implementations that
+ ship with Tomcat that allows the HTTP status code used for HTTP ->
HTTPS
+ redirects to be controlled per Realm. (markt)
+ </add>
</changelog>
</subsection>
<subsection name="Coyote">
Modified: tomcat/trunk/webapps/docs/config/realm.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/realm.xml?rev=1748547&r1=1748546&r2=1748547&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/realm.xml (original)
+++ tomcat/trunk/webapps/docs/config/realm.xml Wed Jun 15 10:56:22 2016
@@ -158,6 +158,13 @@
name. If not specified, the default is <code>true</code>.</p>
</attribute>
+ <attribute name="transportGuaranteeRedirectStatus" required="false">
+ <p>The HTTP status code to use when the container needs to issue an
HTTP
+ redirect to meet the requirements of a configured transport
+ guarantee. The prpvoded status code is not validated. If not
+ specified, the default value of <code>302</code> is used.</p>
+ </attribute>
+
<attribute name="userCredCol" required="true">
<p>Name of the column, in the "users" table, which contains
the user's credentials (i.e. password). If a
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
