craigmcc 01/07/28 21:34:17
Modified: catalina/src/share/org/apache/catalina Context.java
catalina/src/share/org/apache/catalina/core
StandardContext.java StandardHost.java
catalina/src/share/org/apache/catalina/startup
ContextConfig.java
Log:
Correct handling of web application startup so that parsing errors in the
web.xml file cause the application to be marked unavailable. Previously,
the application was started anyway, which could cause security issues (for
example, confidential information might be visible because of an incorrect
security constraint definition that was therefore not installed at all).
PR: Bugzilla #2870
Submitted by: Remy Maucherat <[EMAIL PROTECTED]>
Revision Changes Path
1.17 +20 -4
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Context.java
Index: Context.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Context.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- Context.java 2001/04/05 19:30:39 1.16
+++ Context.java 2001/07/29 04:34:17 1.17
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Context.java,v
1.16 2001/04/05 19:30:39 craigmcc Exp $
- * $Revision: 1.16 $
- * $Date: 2001/04/05 19:30:39 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Context.java,v
1.17 2001/07/29 04:34:17 craigmcc Exp $
+ * $Revision: 1.17 $
+ * $Date: 2001/07/29 04:34:17 $
*
* ====================================================================
*
@@ -96,7 +96,7 @@
* <p>
*
* @author Craig R. McClanahan
- * @version $Revision: 1.16 $ $Date: 2001/04/05 19:30:39 $
+ * @version $Revision: 1.17 $ $Date: 2001/07/29 04:34:17 $
*/
public interface Context extends Container {
@@ -152,6 +152,22 @@
* @param mapper The new mapper
*/
public void setCharsetMapper(CharsetMapper mapper);
+
+
+ /**
+ * Return the "correctly configured" flag for this Context.
+ */
+ public boolean getConfigured();
+
+
+ /**
+ * Set the "correctly configured" flag for this Context. This can be
+ * set to false by startup listeners that detect a fatal configuration
+ * error to avoid the application from being made available.
+ *
+ * @param configured The new correctly configured flag
+ */
+ public void setConfigured(boolean configured);
/**
1.73 +49 -8
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContext.java
Index: StandardContext.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContext.java,v
retrieving revision 1.72
retrieving revision 1.73
diff -u -r1.72 -r1.73
--- StandardContext.java 2001/07/26 00:15:58 1.72
+++ StandardContext.java 2001/07/29 04:34:17 1.73
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContext.java,v
1.72 2001/07/26 00:15:58 remm Exp $
- * $Revision: 1.72 $
- * $Date: 2001/07/26 00:15:58 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContext.java,v
1.73 2001/07/29 04:34:17 craigmcc Exp $
+ * $Revision: 1.73 $
+ * $Date: 2001/07/29 04:34:17 $
*
* ====================================================================
*
@@ -142,7 +142,7 @@
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Revision: 1.72 $ $Date: 2001/07/26 00:15:58 $
+ * @version $Revision: 1.73 $ $Date: 2001/07/29 04:34:17 $
*/
public class StandardContext
@@ -208,6 +208,12 @@
/**
+ * The "correctly configured" flag for this Context.
+ */
+ private boolean configured = false;
+
+
+ /**
* The security constraints for this web application.
*/
private SecurityConstraint constraints[] = new SecurityConstraint[0];
@@ -626,6 +632,34 @@
/**
+ * Return the "correctly configured" flag for this Context.
+ */
+ public boolean getConfigured() {
+
+ return (this.configured);
+
+ }
+
+
+ /**
+ * Set the "correctly configured" flag for this Context. This can be
+ * set to false by startup listeners that detect a fatal configuration
+ * error to avoid the application from being made available.
+ *
+ * @param configured The new correctly configured flag
+ */
+ public void setConfigured(boolean configured) {
+
+ boolean oldConfigured = this.configured;
+ this.configured = configured;
+ support.firePropertyChange("configured",
+ new Boolean(oldConfigured),
+ new Boolean(this.configured));
+
+ }
+
+
+ /**
* Return the "use cookies for session ids" flag.
*/
public boolean getCookies() {
@@ -3226,7 +3260,10 @@
if (debug >= 1)
log("Starting");
+ if (debug >= 1)
+ log("Processing start(), current available=" + getAvailable());
setAvailable(false);
+ setConfigured(false);
boolean ok = true;
// Add missing components as necessary
@@ -3261,6 +3298,8 @@
if (debug >= 1)
log("Processing standard container startup");
super.start();
+ if (!getConfigured())
+ ok = false;
// Reading the "catalina.useNaming" environment variable
String useNamingProperty = System.getProperty("catalina.useNaming");
@@ -3271,7 +3310,7 @@
// Create and register the associated naming context, if internal
// naming is used
- if (isUseNaming()) {
+ if (ok && isUseNaming()) {
try {
createNamingContext();
} catch (NamingException e) {
@@ -3282,8 +3321,9 @@
}
// We put the resources into the servlet context
- getServletContext().setAttribute
- (Globals.RESOURCES_ATTR, getResources());
+ if (ok)
+ getServletContext().setAttribute
+ (Globals.RESOURCES_ATTR, getResources());
// Binding thread
ClassLoader oldCCL = bindThread();
@@ -3306,7 +3346,8 @@
}
// Load and initialize all "load on startup" servlets
- loadOnStartup(findChildren());
+ if (ok)
+ loadOnStartup(findChildren());
// Unbinding thread
unbindThread(oldCCL);
1.17 +4 -5
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardHost.java
Index: StandardHost.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardHost.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- StandardHost.java 2001/07/22 20:25:08 1.16
+++ StandardHost.java 2001/07/29 04:34:17 1.17
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardHost.java,v
1.16 2001/07/22 20:25:08 pier Exp $
- * $Revision: 1.16 $
- * $Date: 2001/07/22 20:25:08 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardHost.java,v
1.17 2001/07/29 04:34:17 craigmcc Exp $
+ * $Revision: 1.17 $
+ * $Date: 2001/07/29 04:34:17 $
*
* ====================================================================
*
@@ -100,7 +100,7 @@
* requests directed to a particular web application.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.16 $ $Date: 2001/07/22 20:25:08 $
+ * @version $Revision: 1.17 $ $Date: 2001/07/29 04:34:17 $
*/
public class StandardHost
@@ -755,7 +755,6 @@
log("standardHost.start " + contextPath);
try {
((Lifecycle) context).start();
- context.setAvailable(true);
} catch (LifecycleException e) {
log("standardHost.start " + contextPath + ": ", e);
throw new IllegalStateException
1.50 +7 -6
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java
Index: ContextConfig.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v
retrieving revision 1.49
retrieving revision 1.50
diff -u -r1.49 -r1.50
--- ContextConfig.java 2001/07/22 20:25:13 1.49
+++ ContextConfig.java 2001/07/29 04:34:17 1.50
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v
1.49 2001/07/22 20:25:13 pier Exp $
- * $Revision: 1.49 $
- * $Date: 2001/07/22 20:25:13 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v
1.50 2001/07/29 04:34:17 craigmcc Exp $
+ * $Revision: 1.50 $
+ * $Date: 2001/07/29 04:34:17 $
*
* ====================================================================
*
@@ -128,7 +128,7 @@
* of that Context, and the associated defined servlets.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.49 $ $Date: 2001/07/22 20:25:13 $
+ * @version $Revision: 1.50 $ $Date: 2001/07/29 04:34:17 $
*/
public final class ContextConfig
@@ -799,6 +799,7 @@
if (debug > 0)
log(sm.getString("contextConfig.start"));
+ context.setConfigured(false);
ok = true;
// Set properties based on DefaultContext
@@ -847,10 +848,10 @@
// Make our application available if no problems were encountered
if (ok)
- context.setAvailable(true);
+ context.setConfigured(true);
else {
log(sm.getString("contextConfig.unavailable"));
- context.setAvailable(false);
+ context.setConfigured(false);
}
}
