This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 67743cd Improve robustness
67743cd is described below
commit 67743cd39755886f5294f0ccd128b29fff956f0e
Author: remm <r...@apache.org>
AuthorDate: Fri Oct 29 10:38:13 2021 +0200
Improve robustness
Make sure the connection is always unlocked.
---
java/org/apache/catalina/realm/JNDIRealm.java | 17 +++++++++++------
webapps/docs/changelog.xml | 5 +++++
2 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/java/org/apache/catalina/realm/JNDIRealm.java
b/java/org/apache/catalina/realm/JNDIRealm.java
index 4f6cd07..a9dac4a 100644
--- a/java/org/apache/catalina/realm/JNDIRealm.java
+++ b/java/org/apache/catalina/realm/JNDIRealm.java
@@ -1279,7 +1279,7 @@ public class JNDIRealm extends RealmBase {
// Return the authenticated Principal (if any)
return principal;
- } catch (NamingException e) {
+ } catch (Exception e) {
// Log the problem for posterity
containerLog.error(sm.getString("jndiRealm.exception"), e);
@@ -2387,9 +2387,12 @@ public class JNDIRealm extends RealmBase {
// ... and have a password
return user.getPassword();
}
- } catch (NamingException e) {
+ } catch (Exception e) {
// Log the problem for posterity
containerLog.error(sm.getString("jndiRealm.exception"), e);
+ // close the connection so we know it will be reopened.
+ close(connection);
+ closePooledConnections();
return null;
}
}
@@ -2459,7 +2462,7 @@ public class JNDIRealm extends RealmBase {
// Return the authenticated Principal (if any)
return principal;
- } catch (NamingException e) {
+ } catch (Exception e) {
// Log the problem for posterity
containerLog.error(sm.getString("jndiRealm.exception"), e);
@@ -2569,9 +2572,11 @@ public class JNDIRealm extends RealmBase {
*/
protected void release(JNDIConnection connection) {
if (connectionPool != null) {
- if (!connectionPool.push(connection)) {
- // Any connection that doesn't end back to the pool must be
closed
- close(connection);
+ if (connection != null) {
+ if (!connectionPool.push(connection)) {
+ // Any connection that doesn't end back to the pool must
be closed
+ close(connection);
+ }
}
} else {
singleConnectionLock.unlock();
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index ab48789..896f490 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -138,6 +138,11 @@
causes 'suspicious' (see the Servlet 6.0 specification) URIs to be
rejected with a 400 response. (markt)
</add>
+ <fix>
+ Improve robustness of JNDIRealm for exceptions occurring when getting
+ the connection. Also add missing close when running into issues
+ getting the passord of a user. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
