On Mon, Mar 26, 2001 at 08:02:18PM -0000, [EMAIL PROTECTED] wrote:
" craigmcc 01/03/26 12:02:17
"
" Modified: catalina/src/share/org/apache/catalina/connector
" HttpRequestBase.java
" Log:
" Correct the implementation of HttpServletRequest.isUserInRole() so that it
" properly respects role name aliases defined with <security-role-ref>.
Shouldn't this check for a mapped role first and only check for the
unmapped role if there is no mapping.
"
" PR: Bugzilla #1086
" Submitted by: [EMAIL PROTECTED]
"
" Revision Changes Path
" 1.18 +22 -12
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpRequestBase.java
"
" Index: HttpRequestBase.java
" ===================================================================
" RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpRequestBase.java,v
" retrieving revision 1.17
" retrieving revision 1.18
" diff -u -r1.17 -r1.18
" --- HttpRequestBase.java 2001/03/14 02:17:21 1.17
" +++ HttpRequestBase.java 2001/03/26 20:02:17 1.18
" @@ -1,7 +1,7 @@
" /*
" - * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpRequestBase.java,v
1.17 2001/03/14 02:17:21 craigmcc Exp $
" - * $Revision: 1.17 $
" - * $Date: 2001/03/14 02:17:21 $
" + * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpRequestBase.java,v
1.18 2001/03/26 20:02:17 craigmcc Exp $
" + * $Revision: 1.18 $
" + * $Date: 2001/03/26 20:02:17 $
" *
" * ====================================================================
" *
" @@ -100,7 +100,7 @@
" * be implemented.
" *
" * @author Craig R. McClanahan
" - * @version $Revision: 1.17 $ $Date: 2001/03/14 02:17:21 $
" + * @version $Revision: 1.18 $ $Date: 2001/03/26 20:02:17 $
" */
"
" public class HttpRequestBase
" @@ -1135,20 +1135,30 @@
" */
" public boolean isUserInRole(String role) {
"
" - if (context == null)
" + // Have we got an authenticated principal at all?
" + if (userPrincipal == null)
" return (false);
" -
" - // Respect role name translations in the deployment descriptor
" - String realRole = context.findRoleMapping(role);
"
" - // Determine whether the current user has this role
" - if (userPrincipal == null)
" - return (false);
" + // Identify the Realm we will use for checking role assignmenets
" + if (context == null)
" + return (false);
" Realm realm = context.getRealm();
" if (realm == null)
" return (false);
"
" - return (realm.hasRole(userPrincipal, realRole));
" + // See if this role is assigned directly to the authenticated user
" + if (realm.hasRole(userPrincipal, role))
" + return (true);
" +
" + // Map the specified role if it is an alias defined in a
" + // <security-role-ref> element
" + if (wrapper == null)
" + return (false);
" + String realRole = wrapper.findSecurityReference(role);
" + if (realRole != null)
" + return (realm.hasRole(userPrincipal, realRole));
" + else
" + return (false);
"
" }
"
"
"
"
--
Bill Claypool | Seeing is believing in the things you see.
[EMAIL PROTECTED] | Loving is believing in the ones you love.
1 916 928 6259 | RKBA! -Margie Adam