This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 66372303a7 Ensure user credentials are removed when no longer required
66372303a7 is described below
commit 66372303a772edb15eebab8ab766cc3d059af032
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Feb 19 16:38:24 2025 +0000
Ensure user credentials are removed when no longer required
---
java/org/apache/catalina/realm/JNDIRealm.java | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/catalina/realm/JNDIRealm.java
b/java/org/apache/catalina/realm/JNDIRealm.java
index a41d74f613..8bb9868a4d 100644
--- a/java/org/apache/catalina/realm/JNDIRealm.java
+++ b/java/org/apache/catalina/realm/JNDIRealm.java
@@ -1839,11 +1839,11 @@ public class JNDIRealm extends RealmBase {
containerLog.trace(" validating credentials by binding as the
user");
}
- userCredentialsAdd(context, dn, credentials);
-
- // Elicit an LDAP bind operation
boolean validated = false;
+
+ // Elicit an LDAP bind operation using the provided user credentials
try {
+ userCredentialsAdd(context, dn, credentials);
if (containerLog.isTraceEnabled()) {
containerLog.trace(" binding as " + dn);
}
@@ -1853,10 +1853,10 @@ public class JNDIRealm extends RealmBase {
if (containerLog.isTraceEnabled()) {
containerLog.trace(" bind attempt failed");
}
+ } finally {
+ userCredentialsRemove(context);
}
- userCredentialsRemove(context);
-
return validated;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
