Author: markt
Date: Thu Nov 7 10:06:11 2013
New Revision: 1539580
URL: http://svn.apache.org/r1539580
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55404
Log warnings about using security roles that are not defined in web.xml as
warnings
Modified:
tomcat/tc6.0.x/trunk/ (props changed)
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ContextConfig.java
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings.properties
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_es.properties
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_fr.properties
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_ja.properties
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc6.0.x/trunk/
------------------------------------------------------------------------------
Merged /tomcat/trunk:r1513148-1513149
Merged /tomcat/tc7.0.x/trunk:r1513151
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1539580&r1=1539579&r2=1539580&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Thu Nov 7 10:06:11 2013
@@ -69,13 +69,6 @@ PATCHES PROPOSED TO BACKPORT:
+1: markt, schultz
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55404
- Log warnings about using security roles that are not defined in web.xml as
- warnings
- http://svn.apache.org/r1513151
- +1: markt, schultz, kkolinko
- -1:
-
* Fix issue with Manager app and other apps that use i18n in the UI when a
request that specifies an Accept-Language of English ahead of French, Spanish
or Japanese.
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ContextConfig.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ContextConfig.java?rev=1539580&r1=1539579&r2=1539580&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ContextConfig.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ContextConfig.java
Thu Nov 7 10:06:11 2013
@@ -1299,7 +1299,7 @@ public class ContextConfig
for (int j = 0; j < roles.length; j++) {
if (!"*".equals(roles[j]) &&
!context.findSecurityRole(roles[j])) {
- log.info(sm.getString("contextConfig.role.auth",
roles[j]));
+ log.warn(sm.getString("contextConfig.role.auth",
roles[j]));
context.addSecurityRole(roles[j]);
}
}
@@ -1311,14 +1311,14 @@ public class ContextConfig
Wrapper wrapper = (Wrapper) wrappers[i];
String runAs = wrapper.getRunAs();
if ((runAs != null) && !context.findSecurityRole(runAs)) {
- log.info(sm.getString("contextConfig.role.runas", runAs));
+ log.warn(sm.getString("contextConfig.role.runas", runAs));
context.addSecurityRole(runAs);
}
String names[] = wrapper.findSecurityReferences();
for (int j = 0; j < names.length; j++) {
String link = wrapper.findSecurityReference(names[j]);
if ((link != null) && !context.findSecurityRole(link)) {
- log.info(sm.getString("contextConfig.role.link", link));
+ log.warn(sm.getString("contextConfig.role.link", link));
context.addSecurityRole(link);
}
}
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings.properties?rev=1539580&r1=1539579&r2=1539580&view=diff
==============================================================================
---
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings.properties
(original)
+++
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings.properties
Thu Nov 7 10:06:11 2013
@@ -39,9 +39,9 @@ contextConfig.defaultPosition=Occurred a
contextConfig.fixDocBase=Exception fixing docBase for context [{0}]
contextConfig.init=ContextConfig: Initializing
contextConfig.missingRealm=No Realm has been configured to authenticate against
-contextConfig.role.auth=WARNING: Security role name {0} used in an
<auth-constraint> without being defined in a <security-role>
-contextConfig.role.link=WARNING: Security role name {0} used in a <role-link>
without being defined in a <security-role>
-contextConfig.role.runas=WARNING: Security role name {0} used in a <run-as>
without being defined in a <security-role>
+contextConfig.role.auth=Security role name {0} used in an <auth-constraint>
without being defined in a <security-role>
+contextConfig.role.link=Security role name {0} used in a <role-link> without
being defined in a <security-role>
+contextConfig.role.runas=Security role name {0} used in a <run-as> without
being defined in a <security-role>
contextConfig.start=ContextConfig: Processing START
contextConfig.stop=ContextConfig: Processing STOP
contextConfig.tldEntryException=Exception processing TLD {0} in JAR at
resource path {1} in context {2}
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_es.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_es.properties?rev=1539580&r1=1539579&r2=1539580&view=diff
==============================================================================
---
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_es.properties
(original)
+++
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_es.properties
Thu Nov 7 10:06:11 2013
@@ -36,9 +36,9 @@ contextConfig.defaultPosition = Se ha pr
contextConfig.fixDocBase = Excepci\u00F3n arreglando docBase\: {0}
contextConfig.init = ContextConfig\: Inicializando
contextConfig.missingRealm = Alg\u00FAn reino (realm) no ha sido configurado
para realizar la autenticaci\u00F3n
-contextConfig.role.auth = ATENCI\u00D3N\: El nombre de papel de seguridad {0}
es usado en un <auth-constraint> sin haber sido definido en <security-role>
-contextConfig.role.link = ATENCI\u00D3N\: El nombre de papel de seguridad {0}
es usado en un <role-link> sin haber sido definido en <security-role>
-contextConfig.role.runas = ATENCI\u00D3N\: El nombre de papel de seguridad {0}
es usado en un <run-as> sin haber sido definido en <security-role>
+contextConfig.role.auth = El nombre de papel de seguridad {0} es usado en un
<auth-constraint> sin haber sido definido en <security-role>
+contextConfig.role.link = El nombre de papel de seguridad {0} es usado en un
<role-link> sin haber sido definido en <security-role>
+contextConfig.role.runas = El nombre de papel de seguridad {0} es usado en un
<run-as> sin haber sido definido en <security-role>
contextConfig.start = "ContextConfig"\: Tratamiento del "START"
contextConfig.stop = "ContextConfig"\: Tratamiento del "STOP"
contextConfig.tldEntryException = Excepci\u00F3n durante el tratamiento de la
TLD {0} en el JAR indicado por la trayectoria de recurso {1} en contexto {2}
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_fr.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_fr.properties?rev=1539580&r1=1539579&r2=1539580&view=diff
==============================================================================
---
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_fr.properties
(original)
+++
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_fr.properties
Thu Nov 7 10:06:11 2013
@@ -32,9 +32,9 @@ contextConfig.defaultMissing=Le fichier
contextConfig.defaultParse=Erreur d''\u00e9valuation (parse) dans le fichier
web.xml par d\u00e9faut
contextConfig.defaultPosition=S''est produite \u00e0 la ligne {0} colonne {1}
contextConfig.missingRealm=Aucun royaume (realm) n''a \u00e9t\u00e9
configur\u00e9 pour r\u00e9aliser l''authentification
-contextConfig.role.auth=ATTENTION: Le nom de r\u00f4le de s\u00e9curit\u00e9
{0} est utilis\u00e9 dans un <auth-constraint> sans avoir \u00e9t\u00e9
d\u00e9fini dans <security-role>
-contextConfig.role.link=ATTENTION: Le nom de r\u00f4le de s\u00e9curit\u00e9
{0} est utilis\u00e9 dans un <role-link> sans avoir \u00e9t\u00e9 d\u00e9fini
dans <security-role>
-contextConfig.role.runas=ATTENTION: Le nom de r\u00f4le de s\u00e9curit\u00e9
{0} est utilis\u00e9 dans un <run-as> sans avoir \u00e9t\u00e9 d\u00e9fini dans
<security-role>
+contextConfig.role.auth=Le nom de r\u00f4le de s\u00e9curit\u00e9 {0} est
utilis\u00e9 dans un <auth-constraint> sans avoir \u00e9t\u00e9 d\u00e9fini
dans <security-role>
+contextConfig.role.link=Le nom de r\u00f4le de s\u00e9curit\u00e9 {0} est
utilis\u00e9 dans un <role-link> sans avoir \u00e9t\u00e9 d\u00e9fini dans
<security-role>
+contextConfig.role.runas=Le nom de r\u00f4le de s\u00e9curit\u00e9 {0} est
utilis\u00e9 dans un <run-as> sans avoir \u00e9t\u00e9 d\u00e9fini dans
<security-role>
contextConfig.start="ContextConfig": Traitement du "START"
contextConfig.stop="ContextConfig": Traitement du "STOP"
contextConfig.tldEntryException=Exception lors du traitement de la TLD {0}
dans le JAR indiqu\u00e9 par le chemin de ressource {1} dans le contexte {2}
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_ja.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_ja.properties?rev=1539580&r1=1539579&r2=1539580&view=diff
==============================================================================
---
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_ja.properties
(original)
+++
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/LocalStrings_ja.properties
Thu Nov 7 10:06:11 2013
@@ -32,9 +32,9 @@ contextConfig.defaultMissing=\u30c7\u30d
contextConfig.defaultParse=\u30c7\u30d5\u30a9\u30eb\u30c8\u306eweb.xml\u4e2d\u306e\u89e3\u6790\u30a8\u30e9\u30fc\u3067\u3059
contextConfig.defaultPosition={0}\u884c\u306e{1}\u5217\u76ee\u3067\u767a\u751f\u3057\u307e\u3057\u305f
contextConfig.missingRealm=\u8a8d\u8a3c\u3059\u308b\u305f\u3081\u306b\u30ec\u30eb\u30e0\u304c\u8a2d\u5b9a\u3055\u308c\u3066\u3044\u307e\u305b\u3093
-contextConfig.role.auth=\u8b66\u544a:
<security-role>\u306b\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u306a\u3044\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ed\u30fc\u30eb\u540d
{0}
\u304c<auth-constraint>\u306e\u4e2d\u3067\u4f7f\u7528\u3055\u308c\u307e\u3057\u305f
-contextConfig.role.link=\u8b66\u544a:
<security-role>\u306b\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u306a\u3044\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ed\u30fc\u30eb\u540d
{0}
\u304c<role-link>\u306e\u4e2d\u3067\u4f7f\u7528\u3055\u308c\u307e\u3057\u305f
-contextConfig.role.runas=\u8b66\u544a:
<security-role>\u306b\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u306a\u3044\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ed\u30fc\u30eb\u540d
{0} \u304c<run-as>\u306e\u4e2d\u3067\u4f7f\u7528\u3055\u308c\u307e\u3057\u305f
+contextConfig.role.auth=<security-role>\u306b\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u306a\u3044\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ed\u30fc\u30eb\u540d
{0}
\u304c<auth-constraint>\u306e\u4e2d\u3067\u4f7f\u7528\u3055\u308c\u307e\u3057\u305f
+contextConfig.role.link=<security-role>\u306b\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u306a\u3044\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ed\u30fc\u30eb\u540d
{0}
\u304c<role-link>\u306e\u4e2d\u3067\u4f7f\u7528\u3055\u308c\u307e\u3057\u305f
+contextConfig.role.runas=<security-role>\u306b\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u306a\u3044\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ed\u30fc\u30eb\u540d
{0} \u304c<run-as>\u306e\u4e2d\u3067\u4f7f\u7528\u3055\u308c\u307e\u3057\u305f
contextConfig.start=ContextConfig:
\u51e6\u7406\u3092\u958b\u59cb\u3057\u307e\u3059
contextConfig.stop=ContextConfig:
\u51e6\u7406\u3092\u505c\u6b62\u3057\u307e\u3059
contextConfig.tldEntryException=\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8 {2}
\u306e\u30ea\u30bd\u30fc\u30b9\u30d1\u30b9 {1}
\u306eJAR\u30d5\u30a1\u30a4\u30eb\u306eTLD {0}
\u3092\u51e6\u7406\u4e2d\u306e\u4f8b\u5916\u3067\u3059
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1539580&r1=1539579&r2=1539580&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Thu Nov 7 10:06:11 2013
@@ -60,6 +60,10 @@
logging properties without prefixes if the property cannot be found
with
a prefix. (kkolinko)
</fix>
+ <fix>
+ <bug>55404</bug>: Log warnings about using security roles in web.xml as
+ warnings. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
