craigmcc 01/05/16 12:30:44
Modified: catalina/src/share/org/apache/catalina/authenticator
AuthenticatorBase.java
Log:
Undo the previous change, back to 1.15 equivalent.
Revision Changes Path
1.17 +78 -22
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
Index: AuthenticatorBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- AuthenticatorBase.java 2001/05/16 19:27:48 1.16
+++ AuthenticatorBase.java 2001/05/16 19:30:38 1.17
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.16 2001/05/16 19:27:48 craigmcc Exp $
- * $Revision: 1.16 $
- * $Date: 2001/05/16 19:27:48 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java,v
1.17 2001/05/16 19:30:38 craigmcc Exp $
+ * $Revision: 1.17 $
+ * $Date: 2001/05/16 19:30:38 $
*
* ====================================================================
*
@@ -66,6 +66,8 @@
import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
@@ -119,7 +121,7 @@
* requests. Requests of any other type will simply be passed through.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.16 $ $Date: 2001/05/16 19:27:48 $
+ * @version $Revision: 1.17 $ $Date: 2001/05/16 19:30:38 $
*/
@@ -479,9 +481,8 @@
if (!checkUserData(hrequest, hresponse, constraint)) {
if (debug >= 1)
log(" Failed checkUserData() test");
- ((HttpServletResponse) hresponse.getResponse()).sendError
- (HttpServletResponse.SC_FORBIDDEN,
- ((HttpServletRequest) hrequest.getRequest()).getRequestURI());
+ // ASSERT: Authenticator already set the appropriate
+ // HTTP status code, so we do not have to do anything special
return;
}
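Review bot: The comment added on the `checkUserData()` failure branch names the wrong component: it says the Authenticator set the status code, but this branch runs when `checkUserData()` returns false. With the explicit `sendError` removed here, the response now depends entirely on that method. In this revision every `return (false)` in `checkUserData()` is preceded by `sendError` or `sendRedirect`, so the assertion holds today, but the comment should say so directly: `// ASSERT: checkUserData() has already sent a redirect or an error response`. The enclosing method starts and ends outside this hunk.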
@@ -490,13 +491,13 @@
if (debug >= 1)
log(" Calling authenticate()");
if (!authenticate(hrequest, hresponse, config)) {
- if (debug >= 1)
- log(" Failed authenticate() test");
+ if (debug >= 1)
+ log(" Failed authenticate() test");
// ASSERT: Authenticator already set the appropriate
// HTTP status code, so we do not have to do anything special
return;
}
- }
+ }
// Perform access control based on the specified role(s)
if (constraint.getAuthConstraint()) {
@@ -505,11 +506,11 @@
if (!accessControl(hrequest, hresponse, constraint)) {
if (debug >= 1)
log(" Failed accessControl() test");
- // ASSERT: Access control method has already set the appropriate
+ // ASSERT: AccessControl method has already set the appropriate
// HTTP status code, so we do not have to do anything special
return;
}
- }
+ }
// Any and all specified constraints have been satisfied
if (debug >= 1)
@@ -644,22 +645,77 @@
throws IOException {
// Is there a relevant user data constraint?
- if (constraint == null)
+ if (constraint == null) {
+ if (debug >= 2)
+ log(" No applicable security constraint defined");
return (true);
+ }
String userConstraint = constraint.getUserConstraint();
- if (userConstraint == null)
+ if (userConstraint == null) {
+ if (debug >= 2)
+ log(" No applicable user data constraint defined");
return (true);
- if (userConstraint.equals(Constants.NONE_TRANSPORT))
+ }
+ if (userConstraint.equals(Constants.NONE_TRANSPORT)) {
+ if (debug >= 2)
+ log(" User data constraint has no restrictions");
return (true);
+ }
// Validate the request against the user data constraint
- if (!request.getRequest().isSecure()) {
- ((HttpServletResponse) response.getResponse()).sendError
- (HttpServletResponse.SC_BAD_REQUEST,
- sm.getString("authenticator.userDataConstraint"));
- return (false);
- }
- return (true);
+ if (request.getRequest().isSecure()) {
+ if (debug >= 2)
+ log(" User data constraint already satisfied");
+ return (true);
+ }
+
+ // Initialize variables we need to determine the appropriate action
+ HttpServletRequest hrequest =
+ (HttpServletRequest) request.getRequest();
+ HttpServletResponse hresponse =
+ (HttpServletResponse) response.getResponse();
+ int redirectPort = request.getConnector().getRedirectPort();
+
+ // Is redirecting disabled?
+ if (redirectPort <= 0) {
+ if (debug >= 2)
+ log(" SSL redirect is disabled");
+ hresponse.sendError
+ (HttpServletResponse.SC_FORBIDDEN,
+ hrequest.getRequestURI());
+ return (false);
+ }
+
+ // Redirect to the corresponding SSL port
+ String protocol = "https";
+ String host = hrequest.getServerName();
+ StringBuffer file = new StringBuffer(hrequest.getRequestURI());
+ String requestedSessionId = hrequest.getRequestedSessionId();
+ if ((requestedSessionId != null) &&
+ hrequest.isRequestedSessionIdFromURL()) {
+ file.append(";jsessionid=");
+ file.append(requestedSessionId);
+ }
+ String queryString = hrequest.getQueryString();
+ if (queryString != null) {
+ file.append('?');
+ file.append(queryString);
+ }
+ URL url = null;
+ try {
+ url = new URL(protocol, host, redirectPort, file.toString());
+ if (debug >= 2)
+ log(" Redirecting to " + url.toString());
+ hresponse.sendRedirect(url.toString());
+ return (false);
+ } catch (MalformedURLException e) {
+ if (debug >= 2)
+ log(" Cannot create new URL", e);
+ hresponse.sendError
+ (HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
+ hrequest.getRequestURI());
+ return (false);
+ }
}
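Review bot: The redirect target takes its host from `hrequest.getServerName()`, which normally reflects the client-supplied Host header, so the `Location` value passed to `sendRedirect` is partly caller-controlled. The name should be checked against the host names this container is configured to serve before the URL is built, and a mismatch answered with the same `SC_FORBIDDEN` used when `redirectPort <= 0`. The block also copies the `jsessionid` received over the non-secure connection into the HTTPS URL, so an identifier already exposed in cleartext keeps identifying the session on the secure side; that deserves at least a comment at the `file.append(";jsessionid=")` line, such as `// NOTE: this session id was sent in cleartext; do not treat the session as confidential after the redirect`. The `debug >= 2` log line writes the same URL, session id and query string included, to the log; `log(" Redirecting to port " + redirectPort + " for " + hrequest.getRequestURI());` would keep them out. The method signature lies above this hunk.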