Author: kkolinko
Date: Wed Sep 5 07:10:10 2012
New Revision: 1381035
URL: http://svn.apache.org/viewvc?rev=1381035&view=rev
Log:
Backport revision 1377887 from tomcat/trunk:
Remove unneeded handling of FORM authentication in RealmBase.
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1381035&r1=1381034&r2=1381035&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed Sep 5 07:10:10 2012
@@ -142,12 +142,6 @@ PATCHES PROPOSED TO BACKPORT:
+1: kkolinko, kfujino, jfclere
-1:
-* Remove unneeded handling of FORM authentication in RealmBase
- http://svn.apache.org/viewvc?rev=1377887&view=rev
- (r1377892 in 7.0)
- +1: kkolinko, kfujino, jfclere
- -1:
-
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53793
Change links on the list of applications in the Manager to point to
'/appname/' instead of '/appname'.
Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1381035&r1=1381034&r2=1381035&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java Wed Sep
5 07:10:10 2012
@@ -45,7 +45,6 @@ import org.apache.catalina.Realm;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.core.ContainerBase;
-import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.deploy.SecurityConstraint;
import org.apache.catalina.deploy.SecurityCollection;
import org.apache.catalina.util.HexUtils;
@@ -766,31 +765,6 @@ public abstract class RealmBase
if (constraints == null || constraints.length == 0)
return (true);
- // Specifically allow access to the form login and form error pages
- // and the "j_security_check" action
- LoginConfig config = context.getLoginConfig();
- if ((config != null) &&
- (Constants.FORM_METHOD.equals(config.getAuthMethod()))) {
- String requestURI = request.getRequestPathMB().toString();
- String loginPage = config.getLoginPage();
- if (loginPage.equals(requestURI)) {
- if (log.isDebugEnabled())
- log.debug(" Allow access to login page " + loginPage);
- return (true);
- }
- String errorPage = config.getErrorPage();
- if (errorPage.equals(requestURI)) {
- if (log.isDebugEnabled())
- log.debug(" Allow access to error page " + errorPage);
- return (true);
- }
- if (requestURI.endsWith(Constants.FORM_ACTION)) {
- if (log.isDebugEnabled())
- log.debug(" Allow access to username/password submission");
- return (true);
- }
- }
-
// Which user principal have we already authenticated?
Principal principal = request.getPrincipal();
boolean status = false;
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1381035&r1=1381034&r2=1381035&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Wed Sep 5 07:10:10 2012
@@ -198,6 +198,9 @@
session by default, tracking server rather than client nonces and
better
handling of stale nonce values. (markt)
</fix>
+ <fix>
+ Remove unneeded handling of FORM authentication in RealmBase.
(kkolinko)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
