svn commit: r1348498 - in /tomcat/trunk/java/org/apache/catalina/realm: DataSourceRealm.java JDBCRealm.java

Sat, 09 Jun 2012 13:31:10 -0700 

Author: markt
Date: Sat Jun  9 20:30:44 2012
New Revision: 1348498

URL: http://svn.apache.org/viewvc?rev=1348498&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53047
If the Realm is configured for an authentication only all roles mode and no 
role table or column is defined, don't populate the Principal's roles

Modified:
    tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java
    tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java

Modified: tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java?rev=1348498&r1=1348497&r2=1348498&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java Sat Jun  9 
20:30:44 2012
@@ -500,6 +500,12 @@ public class DataSourceRealm extends Rea
     protected ArrayList<String> getRoles(Connection dbConnection,
                                      String username) {
 
+        if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined()) 
{
+            // Using an authentication only configuration and no role store has
+            // been defined so don't spend cycles looking
+            return null;
+        }
+
         ResultSet rs = null;
         PreparedStatement stmt = null;
         ArrayList<String> list = null;
@@ -579,8 +585,13 @@ public class DataSourceRealm extends Rea
 
     }
 
-    // ------------------------------------------------------ Lifecycle Methods
 
+    private boolean isRoleStoreDefined() {
+        return userRoleTable != null || roleNameCol != null;
+    }
+
+
+    // ------------------------------------------------------ Lifecycle Methods
 
     /**
      * Prepare for the beginning of active use of the public methods of this

Modified: tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java?rev=1348498&r1=1348497&r2=1348498&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java Sat Jun  9 
20:30:44 2012
@@ -596,6 +596,12 @@ public class JDBCRealm
      */
     protected ArrayList<String> getRoles(String username) {
 
+        if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined()) 
{
+            // Using an authentication only configuration and no role store has
+            // been defined so don't spend cycles looking
+            return null;
+        }
+
         PreparedStatement stmt = null;
         ResultSet rs = null;
 
@@ -655,8 +661,7 @@ public class JDBCRealm
             numberOfTries--;
         }
 
-        return (null);
-
+        return null;
     }
 
 
@@ -743,8 +748,12 @@ public class JDBCRealm
     }
 
 
-    // ------------------------------------------------------ Lifecycle Methods
+    private boolean isRoleStoreDefined() {
+        return userRoleTable != null || roleNameCol != null;
+    }
+
 
+    // ------------------------------------------------------ Lifecycle Methods
 
     /**
      * Prepare for the beginning of active use of the public methods of this



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to