[Bug 54340] Form-based authentication + url rewriting does not work
https://issues.apache.org/bugzilla/show_bug.cgi?id=54340 --- Comment #2 from Koen Deforche --- Hey, Indeed, it looks like the same bug. I really did search the database, but, apparently, not good enough, so sorry for that. We will test with a more recent version (we tested with tomcat 7.0.26 and 7.0.28). >> On top of this (and perhaps related to these problems), in the actual web >> application a different session ID is actually printed. > >2. As expected. See "changeSessionIdOnAuthentication" in >http://tomcat.apache.org/tomcat-7.0-doc/config/valve.html I do understand that the session ID is changed, however, I would have assumed that authentication happens when the credential are received, i.e. in the POST to j_security_check; and then a redirect happens to a URL with a new session ID. But this is not what is observed, instead it seems that either only the session ID is changed when the request arrives to the actual application, or, there is a mismatch between the session ID in the URL and the one that is reported by sessionID() ? The expected behavior (to me), which is seen in jetty, is that the first access to the actual application (after authentication) has a sessionId() reported that is equal to the session ID in the URL, but is possibly changed from a sessionId() that was used prior to authentication. Regards, koen -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1425979 - /tomcat/trunk/webapps/examples/WEB-INF/web.xml
Author: markt Date: Wed Dec 26 18:22:53 2012 New Revision: 1425979 URL: http://svn.apache.org/viewvc?rev=1425979&view=rev Log: Later Autobahn tests need a bigger buffer Modified: tomcat/trunk/webapps/examples/WEB-INF/web.xml Modified: tomcat/trunk/webapps/examples/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/examples/WEB-INF/web.xml?rev=1425979&r1=1425978&r2=1425979&view=diff == --- tomcat/trunk/webapps/examples/WEB-INF/web.xml (original) +++ tomcat/trunk/webapps/examples/WEB-INF/web.xml Wed Dec 26 18:22:53 2012 @@ -358,6 +358,7 @@ wsReadBufferSize - 102400 + + 524288 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1425980 - in /tomcat/trunk/java/org/apache/tomcat/websocket: LocalStrings.properties Util.java WsFrame.java
Author: markt
Date: Wed Dec 26 18:25:22 2012
New Revision: 1425980
URL: http://svn.apache.org/viewvc?rev=1425980&view=rev
Log:
Fix various failures when running the Autobahn close tests
- some close codes are not meant to be used on the wire
- properly decode UTF-8 close reasons
- single byte close codes are invalid
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
tomcat/trunk/java/org/apache/tomcat/websocket/Util.java
tomcat/trunk/java/org/apache/tomcat/websocket/WsFrame.java
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties?rev=1425980&r1=1425979&r2=1425980&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
(original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties Wed
Dec 26 18:25:22 2012
@@ -25,7 +25,9 @@ wsFrame.controlPayloadTooBig=A control f
wsFrame.controlNoFin=A control frame was sent that did not have the fin bit
set. Control frames are not permitted to use continuation frames.
wsFrame.invalidOpCode= A WebSocket frame was sent with an unrecognised opCode
of [{0}]
wsFrame.invalidUtf8=A WebSocket text frame was received that could not be
decoded to UTF-8 because it contained invalid byte sequences
+wsFrame.invalidUtf8Close=A WebSocket close frame was received with a close
reason that contained invalid UTF-8 byte sequences
wsFrame.noContinuation=A new message was started when a continuation frame was
expected
wsFrame.notMasked=The client frame was not masked but all client frames must
be masked
+wsFrame.oneByteCloseCode=The client sent a close frame with a single byte
payload which is not valid
wsFrame.textMessageTooBig=The decoded text message was too big to fit in the
output text message buffer and the endpoint does not support delivery of
partial messages
wsFrame.wrongRsv=The client frame set the reserved bits to [{0}] which was not
supported by this endpoint
\ No newline at end of file
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/Util.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/Util.java?rev=1425980&r1=1425979&r2=1425980&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/websocket/Util.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/Util.java Wed Dec 26 18:25:22
2012
@@ -57,6 +57,9 @@ class Util {
static CloseCode getCloseCode(int code) {
+if (code > 2999 && code < 5000) {
+return CloseCodes.NORMAL_CLOSURE;
+}
switch (code) {
case 1000:
return CloseCodes.NORMAL_CLOSURE;
@@ -67,11 +70,17 @@ class Util {
case 1003:
return CloseCodes.CANNOT_ACCEPT;
case 1004:
-return CloseCodes.RESERVED;
+// Should not be used in a close frame
+// return CloseCodes.RESERVED;
+return CloseCodes.PROTOCOL_ERROR;
case 1005:
-return CloseCodes.NO_STATUS_CODE;
+// Should not be used in a close frame
+// return CloseCodes.NO_STATUS_CODE;
+return CloseCodes.PROTOCOL_ERROR;
case 1006:
-return CloseCodes.CLOSED_ABNORMALLY;
+// Should not be used in a close frame
+// return CloseCodes.CLOSED_ABNORMALLY;
+return CloseCodes.PROTOCOL_ERROR;
case 1007:
return CloseCodes.NOT_CONSISTENT;
case 1008:
@@ -83,11 +92,17 @@ class Util {
case 1011:
return CloseCodes.UNEXPECTED_CONDITION;
case 1012:
-return CloseCodes.SERVICE_RESTART;
+// Not in RFC6455
+// return CloseCodes.SERVICE_RESTART;
+return CloseCodes.PROTOCOL_ERROR;
case 1013:
-return CloseCodes.TRY_AGAIN_LATER;
+// Not in RFC6455
+// return CloseCodes.TRY_AGAIN_LATER;
+return CloseCodes.PROTOCOL_ERROR;
case 1015:
-return CloseCodes.TLS_HANDSHAKE_FAILURE;
+// Should not be used in a close frame
+// return CloseCodes.TLS_HANDSHAKE_FAILURE;
+return CloseCodes.PROTOCOL_ERROR;
default:
return CloseCodes.PROTOCOL_ERROR;
}
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsFrame.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsFrame.java?rev=1425980&r1=1425979&r2=1425980&view=diff
==
--- tomcat/trunk/java/org/apache/t
svn commit: r1425985 - /tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
Author: markt
Date: Wed Dec 26 18:33:54 2012
New Revision: 1425985
URL: http://svn.apache.org/viewvc?rev=1425985&view=rev
Log:
Make sure reason phrases will fit into a control frame payload
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties?rev=1425985&r1=1425984&r2=1425985&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
(original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties Wed
Dec 26 18:33:54 2012
@@ -21,7 +21,7 @@ serverContainer.servletContextMissing=No
uriTemplate.noMatch=The input template [{0}] generated the pattern [{1}] which
did not match the supplied pathInfo [{2}]
wsFrame.byteToLongFail=Too many bytes ([{0}]) were provided to be converted
into a long
wsFrame.controlFragmented=A fragmented control frame was received but control
frames may not be fragmented
-wsFrame.controlPayloadTooBig=A control frame was sent with a payload of length
[{0}] which is larger than the maximum length permitted of 125 bytes
+wsFrame.controlPayloadTooBig=A control frame was sent with a payload of size
[{0}] which is larger than the maximum permitted of 125 bytes
wsFrame.controlNoFin=A control frame was sent that did not have the fin bit
set. Control frames are not permitted to use continuation frames.
wsFrame.invalidOpCode= A WebSocket frame was sent with an unrecognised opCode
of [{0}]
wsFrame.invalidUtf8=A WebSocket text frame was received that could not be
decoded to UTF-8 because it contained invalid byte sequences
@@ -29,5 +29,5 @@ wsFrame.invalidUtf8Close=A WebSocket clo
wsFrame.noContinuation=A new message was started when a continuation frame was
expected
wsFrame.notMasked=The client frame was not masked but all client frames must
be masked
wsFrame.oneByteCloseCode=The client sent a close frame with a single byte
payload which is not valid
-wsFrame.textMessageTooBig=The decoded text message was too big to fit in the
output text message buffer and the endpoint does not support delivery of
partial messages
+wsFrame.textMessageTooBig=The decoded text message was too big for the output
buffer and the endpoint does not support partial messages
wsFrame.wrongRsv=The client frame set the reserved bits to [{0}] which was not
supported by this endpoint
\ No newline at end of file
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1425998 - /tomcat/trunk/java/javax/net/
Author: markt Date: Wed Dec 26 19:42:56 2012 New Revision: 1425998 URL: http://svn.apache.org/viewvc?rev=1425998&view=rev Log: Clean up old dirs Removed: tomcat/trunk/java/javax/net/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1426007 - /tomcat/trunk/java/org/apache/tomcat/websocket/PojoMessageHandlerAsyncBase.java
Author: markt
Date: Wed Dec 26 20:19:06 2012
New Revision: 1426007
URL: http://svn.apache.org/viewvc?rev=1426007&view=rev
Log:
Don't swallow nested exception
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/PojoMessageHandlerAsyncBase.java
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/PojoMessageHandlerAsyncBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/PojoMessageHandlerAsyncBase.java?rev=1426007&r1=1426006&r2=1426007&view=diff
==
---
tomcat/trunk/java/org/apache/tomcat/websocket/PojoMessageHandlerAsyncBase.java
(original)
+++
tomcat/trunk/java/org/apache/tomcat/websocket/PojoMessageHandlerAsyncBase.java
Wed Dec 26 20:19:06 2012
@@ -55,7 +55,7 @@ public abstract class PojoMessageHandler
try {
result = method.invoke(pojo, parameters);
} catch (IllegalAccessException | InvocationTargetException e) {
-throw new IllegalArgumentException();
+throw new IllegalArgumentException(e);
}
processResult(result);
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1426008 - /tomcat/trunk/java/org/apache/tomcat/websocket/PojoMethodMapping.java
Author: markt
Date: Wed Dec 26 20:19:28 2012
New Revision: 1426008
URL: http://svn.apache.org/viewvc?rev=1426008&view=rev
Log:
Fix swapped parameters
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/PojoMethodMapping.java
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/PojoMethodMapping.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/PojoMethodMapping.java?rev=1426008&r1=1426007&r2=1426008&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/websocket/PojoMethodMapping.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/PojoMethodMapping.java Wed
Dec 26 20:19:28 2012
@@ -383,16 +383,16 @@ public class PojoMethodMapping {
// ASync
if (indexString != -1) {
mh = new PojoMessageHandlerAsyncString(pojo, m, session,
-params, indexString, false, indexSession,
-indexBoolean);
+params, indexString, false, indexBoolean,
+indexSession);
} else if (indexByteArray != -1) {
mh = new PojoMessageHandlerAsyncBinary(pojo, m, session,
-params, indexByteArray, true, indexSession,
-indexBoolean);
+params, indexByteArray, true, indexBoolean,
+indexSession);
} else {
mh = new PojoMessageHandlerAsyncBinary(pojo, m, session,
-params, indexByteBuffer, false, indexSession,
-indexBoolean);
+params, indexByteBuffer, false, indexBoolean,
+indexSession);
}
}
return mh;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1426009 - /tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpoint.java
Author: markt
Date: Wed Dec 26 20:19:51 2012
New Revision: 1426009
URL: http://svn.apache.org/viewvc?rev=1426009&view=rev
Log:
Correctly set isText flag for text messages
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpoint.java
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpoint.java?rev=1426009&r1=1426008&r2=1426009&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpoint.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpoint.java Wed Dec
26 20:19:51 2012
@@ -100,7 +100,7 @@ public class WsRemoteEndpoint implements
}
sendMessage(Constants.OPCODE_TEXT, textToByte, first, isLast);
if (!isLast) {
-isText = Boolean.FALSE;
+isText = Boolean.TRUE;
}
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1426010 - /tomcat/trunk/java/org/apache/tomcat/websocket/WsFrame.java
Author: markt
Date: Wed Dec 26 20:20:37 2012
New Revision: 1426010
URL: http://svn.apache.org/viewvc?rev=1426010&view=rev
Log:
Can't use opCodes to determine message types because of continuation frames.
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/WsFrame.java
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsFrame.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsFrame.java?rev=1426010&r1=1426009&r2=1426010&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/websocket/WsFrame.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/WsFrame.java Wed Dec 26
20:20:37 2012
@@ -478,20 +478,20 @@ public class WsFrame {
private boolean usePartial() {
-if (opCode == Constants.OPCODE_BINARY) {
-MessageHandler mh = wsSession.getBinaryMessageHandler();
-if (mh != null) {
-return mh instanceof MessageHandler.Async;
-}
+if (isControl()) {
return false;
-} else if (opCode == Constants.OPCODE_TEXT) {
+} else if (textMessage) {
MessageHandler mh = wsSession.getTextMessageHandler();
if (mh != null) {
return mh instanceof MessageHandler.Async;
}
return false;
} else {
-// All other OpCodes require the full payload to be present
+// Must be binary
+MessageHandler mh = wsSession.getBinaryMessageHandler();
+if (mh != null) {
+return mh instanceof MessageHandler.Async;
+}
return false;
}
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1426086 - /tomcat/trunk/java/org/apache/coyote/http11/upgrade/NioServletInputStream.java
Author: markt
Date: Wed Dec 26 22:57:16 2012
New Revision: 1426086
URL: http://svn.apache.org/viewvc?rev=1426086&view=rev
Log:
Remove unnecessary code
Modified:
tomcat/trunk/java/org/apache/coyote/http11/upgrade/NioServletInputStream.java
Modified:
tomcat/trunk/java/org/apache/coyote/http11/upgrade/NioServletInputStream.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/upgrade/NioServletInputStream.java?rev=1426086&r1=1426085&r2=1426086&view=diff
==
---
tomcat/trunk/java/org/apache/coyote/http11/upgrade/NioServletInputStream.java
(original)
+++
tomcat/trunk/java/org/apache/coyote/http11/upgrade/NioServletInputStream.java
Wed Dec 26 22:57:16 2012
@@ -83,7 +83,6 @@ public class NioServletInputStream exten
// that was just read
if (nRead > 0) {
readBuffer.flip();
-readBuffer.limit(nRead);
if (nRead > leftToWrite) {
readBuffer.get(b, newOffset, leftToWrite);
leftToWrite = 0;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
