larryi 02/02/08 04:48:04
Modified: src/share/org/apache/tomcat/modules/server
Ajp13Interceptor.java
Log:
Since the ajp13.id file is always written, a "shutdown" property is added
to the file to indicate that shutdown is enabled.
Added an authenticateRequests attribute so a secret may be set for
shutdown purposes and it still be able to work with Tomcat 3.3's mod_jk
based connectors. It defaults to not authenticating.
Revision Changes Path
1.19 +25 -10
jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp13Interceptor.java
Index: Ajp13Interceptor.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp13Interceptor.java,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- Ajp13Interceptor.java 7 Feb 2002 05:07:36 -0000 1.18
+++ Ajp13Interceptor.java 8 Feb 2002 12:48:04 -0000 1.19
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp13Interceptor.java,v
1.18 2002/02/07 05:07:36 costin Exp $
- * $Revision: 1.18 $
- * $Date: 2002/02/07 05:07:36 $
+ * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp13Interceptor.java,v
1.19 2002/02/08 12:48:04 larryi Exp $
+ * $Revision: 1.19 $
+ * $Date: 2002/02/08 12:48:04 $
*
* ====================================================================
*
@@ -86,8 +86,9 @@
private boolean decoded=true;
private int decodedNote;
- private String secret;
- private File ajpidFile;
+ private String secret=null;
+ private File ajpidFile=null;
+ private boolean authenticateRequests=false;
public Ajp13Interceptor()
{
@@ -122,6 +123,7 @@
*/
public void setUseSecret(boolean b ) {
secret=Double.toString(Math.random());
+ shutDownEnable=true;
}
/** Set the 'secret'. If this is set, all sensitive operations
@@ -140,8 +142,13 @@
public void setAjpidFile( String path ) {
ajpidFile=( path==null?null:new File(path));
}
-
-
+
+ /** Specify if Ajp13 requests must be authenticated
+ */
+ public void setAuthenticateRequests( boolean b ) {
+ authenticateRequests=b;
+ }
+
public void setDecodedUri( boolean b ) {
decoded=b;
}
@@ -163,7 +170,7 @@
{
if( state==ContextManager.STATE_START ) {
- // the engine is now started, create the ajp12.id
+ // the engine is now started, create the ajp13.id
// file that will allow us to stop the server and
// know that the server is started ok.
Ajp13Interceptor tcpCon=this;
@@ -193,6 +200,8 @@
} else {
// stopF.println();
}
+ if( shutDownEnable )
+ props.put( "shutdown", "enabled" );
// stopF.close();
props.save( stopF, "Automatically generated, don't edit" );
} catch( IOException ex ) {
@@ -266,9 +275,10 @@
boolean moreRequests = true;
boolean authenticated = false;
- // If we are not configured with a secret, assume
+ // If we are not configured with a secret or we are
+ // not authenticating requests, assume
// we trust the remote party ( as we did before )
- if( secret == null )
+ if( secret == null || !authenticateRequests )
authenticated=true;
while(moreRequests) {
@@ -291,6 +301,11 @@
}
if( status==-2) {
+ // check secret if set
+ if( secret != null && ! secret.equals(con.getSecret())) {
+ log("Shutdown command ignored. Secret didn't match.");
+ continue;
+ }
// special case - shutdown
// XXX need better communication, refactor it
if( !doShutdown(con,
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
