cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/aaa AccessInterceptor.java

Fri, 24 Aug 2001 20:13:12 -0700 

nacho       01/08/24 16:57:45

  Modified:    src/share/org/apache/tomcat/modules/aaa
                        AccessInterceptor.java
  Log:
  Fix for Bugzilla#2118
  
  Incosistent behaviuor updating OriginalLocation in FormAuthHandler Class
  
  Reported by Juan Jose Muņoz ( jmartine at alhsys.es ), mark.shotton at 
micromass.co.uk
  
  Revision  Changes    Path
  1.14      +15 -12    
jakarta-tomcat/src/share/org/apache/tomcat/modules/aaa/AccessInterceptor.java
  
  Index: AccessInterceptor.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/aaa/AccessInterceptor.java,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -r1.13 -r1.14
  --- AccessInterceptor.java    2001/08/23 14:59:14     1.13
  +++ AccessInterceptor.java    2001/08/24 23:57:45     1.14
  @@ -505,24 +505,13 @@
        String username=(String)session.getAttribute( "j_username" );
   
        if( debug>0) log( "Username = " + username);
  -     if( username != null ) {
  -         // 401 with existing j_username - that means wrong credentials.
  -         // Next time we'll have a fresh start
  -         session.removeAttribute( "j_username");
  -         session.removeAttribute( "j_password");
  -         req.setAttribute("javax.servlet.error.message",
  -                          errorPage );
  -         if( debug>0) log( "Redirecting to " + errorPage );
  -         contextM.handleStatus( req, res, 302 ); // redirect
  -         return;
  -     }
   
        String originalLocation = req.requestURI().toString();
        if (req.queryString().toString() != null
                   && !req.queryString().toString().equals(""))
            originalLocation += "?" + req.queryString().toString();
           //XXX is needed to put the JVM route too?
  -        if (noSession 
  +        if (noSession
            || Request.SESSIONID_FROM_URL.equals(req.getSessionIdSource()))  {
            // If new session we have no way to know if cookies are supported
            String id=";jsessionid="+req.getSessionId() ;
  @@ -531,6 +520,20 @@
        }
        session.setAttribute( "tomcat.auth.originalLocation",
                              originalLocation);
  +
  +
  +     if( username != null ) {
  +         // 401 with existing j_username - that means wrong credentials.
  +         // Next time we'll have a fresh start
  +         session.removeAttribute( "j_username");
  +         session.removeAttribute( "j_password");
  +         req.setAttribute("javax.servlet.error.message",
  +                          errorPage );
  +         if( debug>0) log( "Redirecting to " + errorPage );
  +         contextM.handleStatus( req, res, 302 ); // redirect
  +         return;
  +     }
  +
        if( debug > 0 )
            log("Redirect1: " + page  + " originalUri=" +
                originalLocation );

Reply via email to