svn commit: r1408741 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/startup/RealmRuleSet.java webapps/docs/changelog.xml webapps/docs/config/systemprops.xml

Tue, 13 Nov 2012 06:20:46 -0800 

Author: markt
Date: Tue Nov 13 14:20:16 2012
New Revision: 1408741

URL: http://svn.apache.org/viewvc?rev=1408741&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54141
Increase the number of supported nested realm levels from 2 to 3 and make the 
maximum configurable via a system property.

Modified:
    tomcat/tc7.0.x/trunk/   (props changed)
    tomcat/tc7.0.x/trunk/java/org/apache/catalina/startup/RealmRuleSet.java
    tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
    tomcat/tc7.0.x/trunk/webapps/docs/config/systemprops.xml

Propchange: tomcat/tc7.0.x/trunk/
------------------------------------------------------------------------------
  Merged /tomcat/trunk:r1408739

Modified: 
tomcat/tc7.0.x/trunk/java/org/apache/catalina/startup/RealmRuleSet.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/startup/RealmRuleSet.java?rev=1408741&r1=1408740&r2=1408741&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/startup/RealmRuleSet.java 
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/startup/RealmRuleSet.java Tue 
Nov 13 14:20:16 2012
@@ -34,6 +34,10 @@ import org.apache.tomcat.util.digester.R
 public class RealmRuleSet extends RuleSetBase {
 
 
+    private static final int MAX_NESTED_REALM_LEVELS = Integer.getInteger(
+            "org.apache.catalina.startup.RealmRuleSet.MAX_NESTED_REALM_LEVELS",
+            3).intValue();
+
     // ----------------------------------------------------- Instance Variables
 
 
@@ -88,23 +92,28 @@ public class RealmRuleSet extends RuleSe
     @Override
     public void addRuleInstances(Digester digester) {
 
-        digester.addObjectCreate(prefix + "Realm",
-                                 null, // MUST be specified in the element,
-                                 "className");
-        digester.addSetProperties(prefix + "Realm");
-        digester.addSetNext(prefix + "Realm",
-                            "setRealm",
-                            "org.apache.catalina.Realm");
-
-        digester.addObjectCreate(prefix + "Realm/Realm",
-                                 null, // MUST be specified in the element
-                                 "className");
-        digester.addSetProperties(prefix + "Realm/Realm");
-        digester.addSetNext(prefix + "Realm/Realm",
-                            "addRealm",
-                            "org.apache.catalina.Realm");
-
-    }
+        String pattern = prefix;
 
+        for (int i = 0; i < MAX_NESTED_REALM_LEVELS; i++) {
 
+            if (i > 0) {
+                pattern += "/";
+            }
+            pattern += "Realm";
+
+            digester.addObjectCreate(pattern,
+                                     null, // MUST be specified in the element,
+                                     "className");
+            digester.addSetProperties(pattern);
+            if (i == 0) {
+                digester.addSetNext(pattern,
+                                    "setRealm",
+                                    "org.apache.catalina.Realm");
+            } else {
+                digester.addSetNext(pattern,
+                                    "addRealm",
+                                    "org.apache.catalina.Realm");
+            }
+        }
+    }
 }

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1408741&r1=1408740&r2=1408741&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Nov 13 14:20:16 2012
@@ -148,6 +148,11 @@
         <code>CsrfPreventionFilter</code>, allowing to customize the HTTP
         status code used for denied requests. (kkolinko)
       </add>
+      <fix>
+        <bug>54141</bug>: Increase the permitted number of nested Realm levels
+        from 2 to 3 by default and make the limit configurable via a system
+        property. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">

Modified: tomcat/tc7.0.x/trunk/webapps/docs/config/systemprops.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/config/systemprops.xml?rev=1408741&r1=1408740&r2=1408741&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/webapps/docs/config/systemprops.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/config/systemprops.xml Tue Nov 13 
14:20:16 2012
@@ -643,6 +643,12 @@
       <p>If not specified, the default value of <code>false</code> will be 
used.</p>
     </property>
 
+    <property name="org.apache.catalina.startup. 
RealmRuleSet.MAX_NESTED_REALM_LEVELS">
+      <p>The CombinedRealm allows nested Realms. This property controls the
+      maximum permitted number of levels of nesting.</p>
+      <p>If not specified, the default value of <code>3</code> will be 
used.</p>
+    </property>
+
   </properties>
 
 </section>



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to