svn commit: r721931 - in /tomcat/tc6.0.x/trunk: ./ STATUS.txt java/org/apache/catalina/core/ApplicationFilterChain.java java/org/apache/catalina/security/SecurityUtil.java webapps/docs/changelog.xml

Sun, 30 Nov 2008 15:25:35 -0800 

Author: markt
Date: Sun Nov 30 15:24:38 2008
New Revision: 721931

URL: http://svn.apache.org/viewvc?rev=721931&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=46011
Make Principal accessible (if set) via 
Subject.getSubject(AccessController.getContext()) when processing filters.
Based on a patch provided by tsveg1

Modified:
    tomcat/tc6.0.x/trunk/   (props changed)
    tomcat/tc6.0.x/trunk/STATUS.txt
    
tomcat/tc6.0.x/trunk/java/org/apache/catalina/core/ApplicationFilterChain.java
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/security/SecurityUtil.java
    tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc6.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sun Nov 30 15:24:38 2008
@@ -1 +1 @@
-/tomcat/trunk:601180,606992,673796,673820,683982,684001,684081,684234,684269-684270,687503,687645,690781,691392,691805,692748,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,709294,709816,710063,710125,710205,711126
+/tomcat/trunk:601180,606992,673796,673820,683982,684001,684081,684234,684269-684270,687503,687645,690781,691392,691805,692748,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,709294,709816,710063,710125,710205,711126,711600

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=721931&r1=721930&r2=721931&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Sun Nov 30 15:24:38 2008
@@ -158,13 +158,6 @@
          Just did that for trunk (r711934; but it contains also other changes).
          Caution: at the moment there's no @VERSION@ substitution for 
service.bat.
 
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=46011
-  Make Principal accessible (if set) via
-  Subject.getSubject(AccessController.getContext()) when processing filters.
-  Based on a patch provided by tsveg1
-  +1: markt, pero, remm
-  -1: 
-
 * Fix http://svn.apache.org/viewvc?rev=712274&view=rev
   ReplicationValve can throw NPE as context doesn't exists! (Config as Engine 
level)
   +1: pero, fhanik, markt

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/core/ApplicationFilterChain.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/core/ApplicationFilterChain.java?rev=721931&r1=721930&r2=721931&view=diff
==============================================================================
--- 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/core/ApplicationFilterChain.java 
(original)
+++ 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/core/ApplicationFilterChain.java 
Sun Nov 30 15:24:38 2008
@@ -228,7 +228,7 @@
 
                     Object[] args = new Object[]{req, res, this};
                     SecurityUtil.doAsPrivilege
-                        ("doFilter", filter, classType, args);
+                        ("doFilter", filter, classType, args, principal);
                     
                     args = null;
                 } else {  

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/security/SecurityUtil.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/security/SecurityUtil.java?rev=721931&r1=721930&r2=721931&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/security/SecurityUtil.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/security/SecurityUtil.java 
Sun Nov 30 15:24:38 2008
@@ -180,7 +180,7 @@
  
     
     /**
-     * Perform work as a particular </code>Subject</code>. Here the work
+     * Perform work as a particular <code>Subject</code>. Here the work
      * will be granted to a <code>null</code> subject. 
      *
      * @param methodName the method to apply the security restriction
@@ -196,6 +196,31 @@
                                      final Class[] targetType,
                                      final Object[] targetArguments) 
         throws java.lang.Exception{
+
+        doAsPrivilege(
+                methodName, targetObject, targetType, targetArguments, null);
+    }
+    
+    /**
+     * Perform work as a particular <code>Subject</code>. Here the work
+     * will be granted to a <code>null</code> subject. 
+     *
+     * @param methodName the method to apply the security restriction
+     * @param targetObject the <code>Filter</code> on which the method will 
+     * be called.
+     * @param targetType <code>Class</code> array used to instanciate a
+     * <code>Method</code> object.
+     * @param targetArguments <code>Object</code> array contains the 
+     * runtime parameters instance.
+     * @param principal the <code>Principal</code> to which the security 
+     * privilege apply
+     */    
+    public static void doAsPrivilege(final String methodName, 
+                                     final Filter targetObject, 
+                                     final Class[] targetType,
+                                     final Object[] targetArguments,
+                                     Principal principal) 
+        throws java.lang.Exception{
         Method method = null;
 
         Method[] methodsCache = null;
@@ -215,7 +240,7 @@
                                             targetType);                     
         }
 
-        execute(method, targetObject, targetArguments, null);
+        execute(method, targetObject, targetArguments, principal);
     }
     
     

Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=721931&r1=721930&r2=721931&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Sun Nov 30 15:24:38 2008
@@ -169,6 +169,11 @@
         (markt)
       </add>
       <fix>
+        <bug>46011</bug>: Make Principal accessible (if set) via
+        <code>Subject.getSubject(AccessController.getContext())</code> when
+        processing filters. Based on a patch by tsveg1. (markt)
+      </fix>
+      <fix>
         <bug>46075</bug>: When uploading files, don't create buffers at the
         maximum configured size. Use the default size and let the buffers grow
         to the maximum size if necessary. (markt)
@@ -260,7 +265,7 @@
         Fix various edge-cases when parsing EL, particularly inside attribute
         values. Note the the Expert Group has confirmed that JSP.1.6 takes
         precedence over JSP.1.3.10. Therefore EL in attributes must be escaped
-        twice.
+        twice. (markt)
       </fix>
       <fix>
         <bug>46047</bug>: Include the path to the JAR when recording



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to