This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit d1ff7e54cfeb8f124c94fa3cd4c6de81c4b52579
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Fri Apr 14 14:44:05 2023 +0100
Align with 9.0.x
Javadoc improvements
Align formatting
---
java/javax/el/ImportHandler.java | 1 -
java/javax/security/auth/message/ClientAuth.java | 32 +++++++++++++++++++++++
java/javax/security/auth/message/ServerAuth.java | 33 +++++++++++++++++++++++-
java/javax/servlet/http/Cookie.java | 17 ++++++++++++
java/javax/servlet/http/HttpServlet.java | 13 +++++-----
5 files changed, 88 insertions(+), 8 deletions(-)
diff --git a/java/javax/el/ImportHandler.java b/java/javax/el/ImportHandler.java
index eba3bb8363..dfd8ed5018 100644
--- a/java/javax/el/ImportHandler.java
+++ b/java/javax/el/ImportHandler.java
@@ -114,7 +114,6 @@ public class ImportHandler {
servletHttpClassNames.add("HttpSessionEvent");
servletHttpClassNames.add("HttpUtils");
// Enums
- servletHttpClassNames.add("ApplicationMappingMatch");
standardPackages.put("javax.servlet.http", servletHttpClassNames);
// JSP 2.3
diff --git a/java/javax/security/auth/message/ClientAuth.java
b/java/javax/security/auth/message/ClientAuth.java
index a8f9a77ae7..5fc5fe6733 100644
--- a/java/javax/security/auth/message/ClientAuth.java
+++ b/java/javax/security/auth/message/ClientAuth.java
@@ -20,11 +20,43 @@ import javax.security.auth.Subject;
public interface ClientAuth {
+ /**
+ * Secure (authenticate) the request.
+ *
+ * @param messageInfo The associated request and response
+ * @param clientSubject The subject that represents the source of the
request
+ *
+ * @return An AuthStatus instance that represents the result of the
authentication
+ *
+ * @throws AuthException If the a failure occurred in a manner that
prevented the failure from being communicated
+ * via messageInfo
+ */
AuthStatus secureRequest(MessageInfo messageInfo, Subject clientSubject)
throws AuthException;
+ /**
+ * Validate a response.
+ *
+ * @param messageInfo The associated request and response
+ * @param clientSubject The subject that represents the recipient of the
response
+ * @param serviceSubject The subject that represents the source of the
response
+ *
+ * @return An AuthStatus instance that represents the result of the
validation
+ *
+ * @throws AuthException If the a failure occurred in a manner that
prevented the failure from being communicated
+ * via messageInfo
+ */
AuthStatus validateResponse(MessageInfo messageInfo, Subject
clientSubject, Subject serviceSubject)
throws AuthException;
+ /**
+ * Remove principals and/or credentials from the subject that were
previously added by this authentication
+ * mechanism.
+ *
+ * @param messageInfo The associated request and response
+ * @param subject The subject to clean
+ *
+ * @throws AuthException If the a failure occurred
+ */
void cleanSubject(MessageInfo messageInfo, Subject subject) throws
AuthException;
}
diff --git a/java/javax/security/auth/message/ServerAuth.java
b/java/javax/security/auth/message/ServerAuth.java
index 23f5c66ecb..392bc5094b 100644
--- a/java/javax/security/auth/message/ServerAuth.java
+++ b/java/javax/security/auth/message/ServerAuth.java
@@ -20,10 +20,41 @@ import javax.security.auth.Subject;
public interface ServerAuth {
- AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
Subject serviceSubject)
+ /**
+ * Validate the request.
+ *
+ * @param messageInfo The associated request and response
+ * @param clientSubject The subject that represents the source of the
request
+ * @param serviceSubject The subject that represents the recipient of the
request
+ *
+ * @return An AuthStatus instance that represents the result of the
validation
+ *
+ * @throws AuthException If the a failure occurred in a manner that
prevented the failure from being communicated
+ * via messageInfo
+ */ AuthStatus validateRequest(MessageInfo messageInfo, Subject
clientSubject, Subject serviceSubject)
throws AuthException;
+ /**
+ * Secure (authenticate) the response.
+ *
+ * @param messageInfo The associated request and response
+ * @param serviceSubject The subject that represents the source of the
response
+ *
+ * @return An AuthStatus instance that represents the result of the
authentication
+ *
+ * @throws AuthException If the a failure occurred in a manner that
prevented the failure from being communicated
+ * via messageInfo
+ */
AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject)
throws AuthException;
+ /**
+ * Remove principals and/or credentials from the subject that were
previously added by this authentication
+ * mechanism.
+ *
+ * @param messageInfo The associated request and response
+ * @param subject The subject to clean
+ *
+ * @throws AuthException If the a failure occurred
+ */
void cleanSubject(MessageInfo messageInfo, Subject subject) throws
AuthException;
}
diff --git a/java/javax/servlet/http/Cookie.java
b/java/javax/servlet/http/Cookie.java
index 88c66c6020..cb0169a269 100644
--- a/java/javax/servlet/http/Cookie.java
+++ b/java/javax/servlet/http/Cookie.java
@@ -189,6 +189,7 @@ public class Cookie implements Cloneable, Serializable {
comment = purpose;
}
+
/**
* Returns the comment describing the purpose of this cookie, or
<code>null</code> if the cookie has no comment.
*
@@ -200,6 +201,7 @@ public class Cookie implements Cloneable, Serializable {
return comment;
}
+
/**
* Specifies the domain within which this cookie should be presented.
* <p>
@@ -217,6 +219,7 @@ public class Cookie implements Cloneable, Serializable {
domain = pattern.toLowerCase(Locale.ENGLISH); // IE allegedly needs
this
}
+
/**
* Returns the domain name set for this cookie. The form of the domain
name is set by RFC 2109.
*
@@ -228,6 +231,7 @@ public class Cookie implements Cloneable, Serializable {
return domain;
}
+
/**
* Sets the maximum age of the cookie in seconds.
* <p>
@@ -246,6 +250,7 @@ public class Cookie implements Cloneable, Serializable {
maxAge = expiry;
}
+
/**
* Returns the maximum age of the cookie, specified in seconds, By
default, <code>-1</code> indicating the cookie
* will persist until browser shutdown.
@@ -259,6 +264,7 @@ public class Cookie implements Cloneable, Serializable {
return maxAge;
}
+
/**
* Specifies a path for the cookie to which the client should return the
cookie.
* <p>
@@ -276,6 +282,7 @@ public class Cookie implements Cloneable, Serializable {
path = uri;
}
+
/**
* Returns the path on the server to which the browser returns this
cookie. The cookie is visible to all subpaths on
* the server.
@@ -288,6 +295,7 @@ public class Cookie implements Cloneable, Serializable {
return path;
}
+
/**
* Indicates to the browser whether the cookie should only be sent using a
secure protocol, such as HTTPS or SSL.
* <p>
@@ -302,6 +310,7 @@ public class Cookie implements Cloneable, Serializable {
secure = flag;
}
+
/**
* Returns <code>true</code> if the browser is sending cookies only over a
secure protocol, or <code>false</code> if
* the browser can send cookies using any protocol.
@@ -314,6 +323,7 @@ public class Cookie implements Cloneable, Serializable {
return secure;
}
+
/**
* Returns the name of the cookie. The name cannot be changed after
creation.
*
@@ -323,6 +333,7 @@ public class Cookie implements Cloneable, Serializable {
return name;
}
+
/**
* Assigns a new value to a cookie after the cookie is created. If you use
a binary value, you may want to use
* BASE64 encoding.
@@ -340,6 +351,7 @@ public class Cookie implements Cloneable, Serializable {
value = newValue;
}
+
/**
* Returns the value of the cookie.
*
@@ -352,6 +364,7 @@ public class Cookie implements Cloneable, Serializable {
return value;
}
+
/**
* Returns the version of the protocol this cookie complies with. Version
1 complies with RFC 2109, and version 0
* complies with the original cookie specification drafted by Netscape.
Cookies provided by a browser use and
@@ -365,6 +378,7 @@ public class Cookie implements Cloneable, Serializable {
return version;
}
+
/**
* Sets the version of the cookie protocol this cookie complies with.
Version 0 complies with the original Netscape
* cookie specification. Version 1 complies with RFC 2109.
@@ -380,6 +394,7 @@ public class Cookie implements Cloneable, Serializable {
version = v;
}
+
/**
* Overrides the standard <code>java.lang.Object.clone</code> method to
return a copy of this cookie.
*/
@@ -392,6 +407,7 @@ public class Cookie implements Cloneable, Serializable {
}
}
+
/**
* Sets the flag that controls if this cookie will be hidden from scripts
on the client side.
*
@@ -403,6 +419,7 @@ public class Cookie implements Cloneable, Serializable {
this.httpOnly = httpOnly;
}
+
/**
* Gets the flag that controls if this cookie will be hidden from scripts
on the client side.
*
diff --git a/java/javax/servlet/http/HttpServlet.java
b/java/javax/servlet/http/HttpServlet.java
index e2b646def4..8a6c63871d 100644
--- a/java/javax/servlet/http/HttpServlet.java
+++ b/java/javax/servlet/http/HttpServlet.java
@@ -37,6 +37,7 @@ import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.WriteListener;
+
/**
* Provides an abstract class to be subclassed to create an HTTP servlet
suitable for a Web site. A subclass of
* <code>HttpServlet</code> must override at least one method, usually one of
these:
@@ -94,9 +95,9 @@ public abstract class HttpServlet extends GenericServlet {
* Overriding this method to support a GET request also automatically
supports an HTTP HEAD request. A HEAD request
* is a GET request that returns no body in the response, only the request
header fields.
* <p>
- * When overriding this method, read the request data, write the response
headers, get the response's noBodyWriter
- * or output stream object, and finally, write the response data. It's
best to include content type and encoding.
- * When using a <code>PrintWriter</code> object to return the response,
set the content type before accessing the
+ * When overriding this method, read the request data, write the response
headers, get the response's Writer or
+ * output stream object, and finally, write the response data. It's best
to include content type and encoding. When
+ * using a <code>PrintWriter</code> object to return the response, set the
content type before accessing the
* <code>PrintWriter</code> object.
* <p>
* The servlet container must write the headers before committing the
response, because in HTTP the headers must be
@@ -191,9 +192,9 @@ public abstract class HttpServlet extends GenericServlet {
* POST method allows the client to send data of unlimited length to the
Web server a single time and is useful when
* posting information such as credit card numbers.
* <p>
- * When overriding this method, read the request data, write the response
headers, get the response's noBodyWriter
- * or output stream object, and finally, write the response data. It's
best to include content type and encoding.
- * When using a <code>PrintWriter</code> object to return the response,
set the content type before accessing the
+ * When overriding this method, read the request data, write the response
headers, get the response's Writer or
+ * output stream object, and finally, write the response data. It's best
to include content type and encoding. When
+ * using a <code>PrintWriter</code> object to return the response, set the
content type before accessing the
* <code>PrintWriter</code> object.
* <p>
* The servlet container must write the headers before committing the
response, because in HTTP the headers must be
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
