changelog.xml

markt Mon, 21 Dec 2009 04:56:38 -0800

Author: markt
Date: Mon Dec 21 12:56:09 2009
New Revision: 892804

URL: http://svn.apache.org/viewvc?rev=892804&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47537
Return an error page rather than a zero length 200 response if the forward to 
the login or error page fails during FORM authentication


Modified:
    tomcat/tc6.0.x/trunk/   (props changed)
    tomcat/tc6.0.x/trunk/STATUS.txt
    
tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java
    
tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
    tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc6.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Dec 21 12:56:09 2009
@@ -1,2 +1,2 @@
 /tomcat:883362
-/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,666232,673796,673820,677910,683969,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,713953,714002,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,753039,757335,757774,758249,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,770809,77
 
0876,772872,776921,776924,776935,776945,777464,777466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,789389,790405,791041,791184,791194,791224,791243,791326,791328,791789,792740,793372,793757,793882,793981,794082,794673,794822,795043,795152,795210,795457,795466,797168,797425,797596,797607,802727,802940,804462,804544,804734,805153,809131,809603,810916,810977,812125,812137,812432,813001,813013,813866,814180,814708,814876,815972,816252,817442,817822,819339,819361,820110,820132,820874,820954,821397,828196,828201,828210,828225,828759,830378-830379,830999,831106,831774,831785,831828,831850,831860,832214,832218,833121,833545,834047,835036,835336,836405,881396,881412,883130,883146,883177,883362,883565,884341,885038,885991,886019,888072,889363,889716,890139,890265,890349-890350,890417,891185-891187,891583,8921
 98,892415,892464,892555
+/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,666232,673796,673820,677910,683969,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,713953,714002,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,753039,757335,757774,758249,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,770809,77
 
0876,772872,776921,776924,776935,776945,777464,777466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,789389,790405,791041,791184,791194,791224,791243,791326,791328,791789,792740,793372,793757,793882,793981,794082,794673,794822,795043,795152,795210,795457,795466,797168,797425,797596,797607,802727,802940,804462,804544,804734,805153,809131,809603,810916,810977,812125,812137,812432,813001,813013,813866,814180,814708,814876,815972,816252,817442,817822,819339,819361,820110,820132,820874,820954,821397,828196,828201,828210,828225,828759,830378-830379,830999,831106,831774,831785,831828,831850,831860,832214,832218,833121,833545,834047,835036,835336,836405,881396,881412,883130,883146,883177,883362,883565,884341,885038,885991,886019,888072,889363,889606,889716,890139,890265,890349-890350,890417,891185-891187,8915
 83,892198,892415,892464,892555

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=892804&r1=892803&r2=892804&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Dec 21 12:56:09 2009
@@ -298,13 +298,6 @@
   +1: markt, rjung
   -1: 
 
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47537
-  Return an error page rather than a zero length 200 response if the forward to
-  the login or error page fails during FORM authentication
-  http://svn.apache.org/viewvc?rev=889606&view=rev
-  +1: markt, rjung, jfclere
-  -1: 
-
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47774
   Ensure web application class loader is used when calling session listeners
   http://svn.apache.org/viewvc?rev=890530&view=rev

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?rev=892804&r1=892803&r2=892804&view=diff
==============================================================================
--- 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java
 (original)
+++ 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java
 Mon Dec 21 12:56:09 2009
@@ -30,6 +30,7 @@
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.catalina.Globals;
 import org.apache.catalina.Realm;
 import org.apache.catalina.Session;
 import org.apache.catalina.connector.Request;
@@ -307,8 +308,12 @@
      * @param response Response we are creating
      * @param config    Login configuration describing how authentication
      *              should be performed
+     * @throws IOException  If the forward to the login page fails and the call
+     *                      to {...@link HttpServletResponse#sendError(int, 
String)
+     *                      throws an {...@link IOException}
      */
-    protected void forwardToLoginPage(Request request, Response response, 
LoginConfig config) {
+    protected void forwardToLoginPage(Request request, Response response,
+            LoginConfig config) throws IOException {
         RequestDispatcher disp =
             context.getServletContext().getRequestDispatcher
             (config.getLoginPage());
@@ -316,7 +321,11 @@
             disp.forward(request.getRequest(), response.getResponse());
             response.finishResponse();
         } catch (Throwable t) {
-            log.warn("Unexpected error forwarding to login page", t);
+            String msg = sm.getString("formAuthenticator.forwardLoginFail");
+            log.warn(msg, t);
+            request.setAttribute(Globals.EXCEPTION_ATTR, t);
+            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
+                    msg);
         }
     }
 
@@ -328,15 +337,23 @@
      * @param response Response we are creating
      * @param config    Login configuration describing how authentication
      *              should be performed
+     * @throws IOException  If the forward to the error page fails and the call
+     *                      to {...@link HttpServletResponse#sendError(int, 
String)
+     *                      throws an {...@link IOException}
      */
-    protected void forwardToErrorPage(Request request, Response response, 
LoginConfig config) {
+    protected void forwardToErrorPage(Request request, Response response,
+            LoginConfig config) throws IOException {
         RequestDispatcher disp =
             context.getServletContext().getRequestDispatcher
             (config.getErrorPage());
         try {
             disp.forward(request.getRequest(), response.getResponse());
         } catch (Throwable t) {
-            log.warn("Unexpected error forwarding to error page", t);
+            String msg = sm.getString("formAuthenticator.forwardErrorFail");
+            log.warn(msg, t);
+            request.setAttribute(Globals.EXCEPTION_ATTR, t);
+            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
+                    msg);
         }
     }
 

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties?rev=892804&r1=892803&r2=892804&view=diff
==============================================================================
--- 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
 (original)
+++ 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties
 Mon Dec 21 12:56:09 2009
@@ -27,3 +27,6 @@
 authenticator.sessionExpired=The time allowed for the login process has been 
exceeded. If you wish to continue you must either click back twice and re-click 
the link you requested or close and re-open your browser
 authenticator.unauthorized=Cannot authenticate with the provided credentials
 authenticator.userDataConstraint=This request violates a User Data constraint 
for this application
+
+formAuthenticator.forwardErrorFail=Unexpected error forwarding to error page
+formAuthenticator.forwardLoginFail=Unexpected error forwarding to login page

Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=892804&r1=892803&r2=892804&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Dec 21 12:56:09 2009
@@ -171,6 +171,11 @@
         old method. Patch provided by Christopher Schultz. (markt)
       </fix>
       <fix>
+        <bug>47537</bug>: Return an error page rather than a zero length 200
+        response if the forward to the login or error page fails during FORM
+        authentication. (markt)
+      </fix>
+      <fix>
         <bug>47718</bug>: Fix file descriptor leak on context stop/reload. 
Patch
         provided by George Sexton. (markt)
       </fix>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r892804 - in /tomcat/tc6.0.x/trunk: ./ STATUS.txt java/org/apache/catalina/authenticator/FormAuthenticator.java java/org/apache/catalina/authenticator/LocalStrings.properties webapps/docs/changelog.xml

Reply via email to