This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/11.0.x by this push:
new ac3208e4b1 Ensure user credentials are removed when no longer required
ac3208e4b1 is described below
commit ac3208e4b195e55e9a5086f908d8d15abcea6e94
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Feb 19 16:38:24 2025 +0000
Ensure user credentials are removed when no longer required
---
java/org/apache/catalina/realm/JNDIRealm.java | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/catalina/realm/JNDIRealm.java
b/java/org/apache/catalina/realm/JNDIRealm.java
index a41d74f613..8bb9868a4d 100644
--- a/java/org/apache/catalina/realm/JNDIRealm.java
+++ b/java/org/apache/catalina/realm/JNDIRealm.java
@@ -1839,11 +1839,11 @@ public class JNDIRealm extends RealmBase {
containerLog.trace(" validating credentials by binding as the
user");
}
- userCredentialsAdd(context, dn, credentials);
-
- // Elicit an LDAP bind operation
boolean validated = false;
+
+ // Elicit an LDAP bind operation using the provided user credentials
try {
+ userCredentialsAdd(context, dn, credentials);
if (containerLog.isTraceEnabled()) {
containerLog.trace(" binding as " + dn);
}
@@ -1853,10 +1853,10 @@ public class JNDIRealm extends RealmBase {
if (containerLog.isTraceEnabled()) {
containerLog.trace(" bind attempt failed");
}
+ } finally {
+ userCredentialsRemove(context);
}
- userCredentialsRemove(context);
-
return validated;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
