changelog.xml

markt Thu, 04 Jun 2009 05:45:46 -0700

Author: markt
Date: Thu Jun  4 12:45:20 2009
New Revision: 781722

URL: http://svn.apache.org/viewvc?rev=781722&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=38553
A lack of certs is normal if the user doesn't have a trusted cert. Return 401, 
not 400 in this case.


Modified:
    
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SSLAuthenticator.java
    tomcat/container/tc5.5.x/webapps/docs/changelog.xml

Modified: 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SSLAuthenticator.java
URL: 
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SSLAuthenticator.java?rev=781722&r1=781721&r2=781722&view=diff
==============================================================================
--- 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SSLAuthenticator.java
 (original)
+++ 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/SSLAuthenticator.java
 Thu Jun  4 12:45:20 2009
@@ -143,7 +143,7 @@
         if ((certs == null) || (certs.length < 1)) {
             if (containerLog.isDebugEnabled())
                 containerLog.debug("  No certificates included with this 
request");
-            response.sendError(HttpServletResponse.SC_BAD_REQUEST,
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
                                sm.getString("authenticator.certificates"));
             return (false);
         }

Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?rev=781722&r1=781721&r2=781722&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original)
+++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Thu Jun  4 12:45:20 2009
@@ -51,6 +51,10 @@
         unavailable during context destruction. (markt)
       </fix>
       <fix>
+        <bug>38553</bug>: A lack of certificates is normal if a user doesn't
+        have a certificate. Return a 401 rather than a 400 in this case. 
(markt)
+      </fix>
+      <fix>
         <bug>39013</bug>: When testing for an invalid docBase, use an exact
         match for the appBase. (markt)
       </fix>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r781722 - in /tomcat/container/tc5.5.x: catalina/src/share/org/apache/catalina/authenticator/SSLAuthenticator.java webapps/docs/changelog.xml

Reply via email to