Author: markt
Date: Sat Jun 9 20:30:44 2012
New Revision: 1348498
URL: http://svn.apache.org/viewvc?rev=1348498&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53047
If the Realm is configured for an authentication only all roles mode and no
role table or column is defined, don't populate the Principal's roles
Modified:
tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java
tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java
Modified: tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java?rev=1348498&r1=1348497&r2=1348498&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java Sat Jun 9
20:30:44 2012
@@ -500,6 +500,12 @@ public class DataSourceRealm extends Rea
protected ArrayList<String> getRoles(Connection dbConnection,
String username) {
+ if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined())
{
+ // Using an authentication only configuration and no role store has
+ // been defined so don't spend cycles looking
+ return null;
+ }
+
ResultSet rs = null;
PreparedStatement stmt = null;
ArrayList<String> list = null;
@@ -579,8 +585,13 @@ public class DataSourceRealm extends Rea
}
- // ------------------------------------------------------ Lifecycle Methods
+ private boolean isRoleStoreDefined() {
+ return userRoleTable != null || roleNameCol != null;
+ }
+
+
+ // ------------------------------------------------------ Lifecycle Methods
/**
* Prepare for the beginning of active use of the public methods of this
Modified: tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java?rev=1348498&r1=1348497&r2=1348498&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java Sat Jun 9
20:30:44 2012
@@ -596,6 +596,12 @@ public class JDBCRealm
*/
protected ArrayList<String> getRoles(String username) {
+ if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined())
{
+ // Using an authentication only configuration and no role store has
+ // been defined so don't spend cycles looking
+ return null;
+ }
+
PreparedStatement stmt = null;
ResultSet rs = null;
@@ -655,8 +661,7 @@ public class JDBCRealm
numberOfTries--;
}
- return (null);
-
+ return null;
}
@@ -743,8 +748,12 @@ public class JDBCRealm
}
- // ------------------------------------------------------ Lifecycle Methods
+ private boolean isRoleStoreDefined() {
+ return userRoleTable != null || roleNameCol != null;
+ }
+
+ // ------------------------------------------------------ Lifecycle Methods
/**
* Prepare for the beginning of active use of the public methods of this
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
