Author: markt
Date: Wed Mar 20 20:37:59 2013
New Revision: 1459036
URL: http://svn.apache.org/r1459036
Log: (empty)
Added:
tomcat/tc7.0.x/trunk/test/org/apache/catalina/util/TesterBase64Performance.java
- copied, changed from r1459010,
tomcat/trunk/test/org/apache/catalina/util/TesterBase64Performance.java
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java
tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java
tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java
tomcat/tc7.0.x/trunk/java/org/apache/catalina/util/Base64.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc7.0.x/trunk/
------------------------------------------------------------------------------
Merged /tomcat/trunk:r1459010,1459031
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java?rev=1459036&r1=1459035&r2=1459036&view=diff
==============================================================================
---
tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java
(original)
+++
tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java
Wed Mar 20 20:37:59 2013
@@ -24,14 +24,14 @@ import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.xml.bind.DatatypeConverter;
import org.apache.catalina.connector.Request;
import org.apache.catalina.deploy.LoginConfig;
-import org.apache.catalina.util.Base64;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.buf.B2CConverter;
import org.apache.tomcat.util.buf.ByteChunk;
-import org.apache.tomcat.util.buf.CharChunk;
import org.apache.tomcat.util.buf.MessageBytes;
@@ -138,18 +138,28 @@ public class BasicAuthenticator
// FIXME: Add trimming
// authorizationBC.trim();
- CharChunk authorizationCC = authorization.getCharChunk();
- Base64.decode(authorizationBC, authorizationCC);
+ // Use the StringCache as these will be the same between
+ // requests
+ String encoded = authorizationBC.toString();
+ byte[] decoded = DatatypeConverter.parseBase64Binary(encoded);
// Get username and password
- int colon = authorizationCC.indexOf(':');
+ int colon = -1;
+ for (int i = 0; i < decoded.length; i++) {
+ if (decoded[i] == ':') {
+ colon = i;
+ break;
+ }
+ }
+
if (colon < 0) {
- username = authorizationCC.toString();
+ username = new String(decoded, B2CConverter.ISO_8859_1);
} else {
- char[] buf = authorizationCC.getBuffer();
- username = new String(buf, 0, colon);
- password = new String(buf, colon + 1,
- authorizationCC.getEnd() - colon - 1);
+ username = new String(
+ decoded, 0, colon, B2CConverter.ISO_8859_1);
+ password = new String(
+ decoded, colon + 1, decoded.length - colon - 1,
+ B2CConverter.ISO_8859_1);
}
authorizationBC.setOffset(authorizationBC.getOffset() - 6);
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java?rev=1459036&r1=1459035&r2=1459036&view=diff
==============================================================================
---
tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java
(original)
+++
tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java
Wed Mar 20 20:37:59 2013
@@ -33,9 +33,9 @@ import org.apache.catalina.LifecycleExce
import org.apache.catalina.connector.Request;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.startup.Bootstrap;
-import org.apache.catalina.util.Base64;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.buf.B2CConverter;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.MessageBytes;
import org.ietf.jgss.GSSContext;
@@ -194,10 +194,15 @@ public class SpnegoAuthenticator extends
// FIXME: Add trimming
// authorizationBC.trim();
- ByteChunk decoded = new ByteChunk();
- Base64.decode(authorizationBC, decoded);
+ // Create the String directly as this will change on each request and
we
+ // don't want to use the StringCache
+ String encoded = new String(authorizationBC.getBuffer(),
+ authorizationBC.getOffset(),
+ authorizationBC.getLength(), B2CConverter.ISO_8859_1);
- if (decoded.getLength() == 0) {
+ byte[] decoded = DatatypeConverter.parseBase64Binary(encoded);
+
+ if (decoded.length == 0) {
if (log.isDebugEnabled()) {
log.debug(sm.getString(
"spnegoAuthenticator.authHeaderNoToken"));
@@ -236,8 +241,7 @@ public class SpnegoAuthenticator extends
};
gssContext = manager.createContext(Subject.doAs(lc.getSubject(),
action));
- outToken = gssContext.acceptSecContext(decoded.getBytes(),
- decoded.getOffset(), decoded.getLength());
+ outToken = gssContext.acceptSecContext(decoded, 0, decoded.length);
if (outToken == null) {
if (log.isDebugEnabled()) {
Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java?rev=1459036&r1=1459035&r2=1459036&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java Wed Mar
20 20:37:59 2013
@@ -17,7 +17,6 @@
package org.apache.catalina.realm;
-import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.Charset;
@@ -55,9 +54,6 @@ import javax.naming.directory.SearchResu
import javax.xml.bind.DatatypeConverter;
import org.apache.catalina.LifecycleException;
-import org.apache.catalina.util.Base64;
-import org.apache.tomcat.util.buf.ByteChunk;
-import org.apache.tomcat.util.buf.CharChunk;
import org.ietf.jgss.GSSCredential;
/**
@@ -1590,29 +1586,15 @@ public class JNDIRealm extends RealmBase
md.update(credentials.getBytes(Charset.defaultCharset()));
// Decode stored password.
- ByteChunk pwbc = new ByteChunk(password.length());
- try {
-
pwbc.append(password.getBytes(Charset.defaultCharset()),
- 0, password.length());
- } catch (IOException e) {
- // Should never happen
- containerLog.error("Could not append password bytes to
chunk: ", e);
- }
-
- CharChunk decoded = new CharChunk();
- Base64.decode(pwbc, decoded);
- char[] pwarray = decoded.getBuffer();
+ byte[] decoded =
+ DatatypeConverter.parseBase64Binary(password);
// Split decoded password into hash and salt.
final int saltpos = 20;
byte[] hash = new byte[saltpos];
- for (int i=0; i< hash.length; i++) {
- hash[i] = (byte) pwarray[i];
- }
-
- byte[] salt = new byte[pwarray.length - saltpos];
- for (int i=0; i< salt.length; i++)
- salt[i] = (byte)pwarray[i+saltpos];
+ System.arraycopy(decoded, 0, hash, 0, saltpos);
+ byte[] salt = new byte[decoded.length - saltpos];
+ System.arraycopy(decoded, saltpos, salt, 0, salt.length);
md.update(salt);
byte[] dp = md.digest();
Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/util/Base64.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/util/Base64.java?rev=1459036&r1=1459035&r2=1459036&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/util/Base64.java (original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/util/Base64.java Wed Mar 20
20:37:59 2013
@@ -31,7 +31,12 @@ import org.apache.tomcat.util.buf.CharCh
*
* @author Jeffrey Rodriguez
* @version $Id$
+ *
+ * @deprecated Use {@link
+ * javax.xml.bind.DatatypeConverter#parseBase64Binary(String)}.
+ * This class will be removed in Tomcat 8.
*/
+@Deprecated
public final class Base64
{
private static final int BASELENGTH = 255;
Copied:
tomcat/tc7.0.x/trunk/test/org/apache/catalina/util/TesterBase64Performance.java
(from r1459010,
tomcat/trunk/test/org/apache/catalina/util/TesterBase64Performance.java)
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/catalina/util/TesterBase64Performance.java?p2=tomcat/tc7.0.x/trunk/test/org/apache/catalina/util/TesterBase64Performance.java&p1=tomcat/trunk/test/org/apache/catalina/util/TesterBase64Performance.java&r1=1459010&r2=1459036&rev=1459036&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/catalina/util/TesterBase64Performance.java
(original)
+++
tomcat/tc7.0.x/trunk/test/org/apache/catalina/util/TesterBase64Performance.java
Wed Mar 20 20:37:59 2013
@@ -31,12 +31,13 @@ public class TesterBase64Performance {
private static final int SIZE = 1000000;
+ @SuppressWarnings("deprecation")
@Test
public void testDecode() throws Exception {
- List<ByteChunk> inputs = new ArrayList<>(SIZE);
- List<ByteChunk> warmups = new ArrayList<>(SIZE);
- List<String> results = new ArrayList<>(SIZE);
+ List<ByteChunk> inputs = new ArrayList<ByteChunk>(SIZE);
+ List<ByteChunk> warmups = new ArrayList<ByteChunk>(SIZE);
+ List<String> results = new ArrayList<String>(SIZE);
for (int i = 0; i < SIZE; i++) {
String decodedString = "abc" + Integer.valueOf(i) +
Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1459036&r1=1459035&r2=1459036&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Wed Mar 20 20:37:59 2013
@@ -96,6 +96,10 @@
Enable support for MBeans with multiple operations with the same name
but different signatures. (markt)
</fix>
+ <scode>
+ Deprecate Tomcat's internal Base 64 encoder/decoder and switch to
+ using the JRE provided implementation. (markt)
+ </scode>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
