This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
     new 9a486fc74e Additional debug logging for FORM authentication
9a486fc74e is described below

commit 9a486fc74eab25b36001e9678baf0d8cfef8fe09
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Sun Aug 21 16:47:36 2022 +0100

    Additional debug logging for FORM authentication
---
 java/org/apache/catalina/authenticator/FormAuthenticator.java  | 7 +++++++
 java/org/apache/catalina/authenticator/LocalStrings.properties | 2 ++
 2 files changed, 9 insertions(+)

diff --git a/java/org/apache/catalina/authenticator/FormAuthenticator.java 
b/java/org/apache/catalina/authenticator/FormAuthenticator.java
index ed2caf6518..95bffc286a 100644
--- a/java/org/apache/catalina/authenticator/FormAuthenticator.java
+++ b/java/org/apache/catalina/authenticator/FormAuthenticator.java
@@ -258,6 +258,9 @@ public class FormAuthenticator
             // Does session id match?
             String expectedSessionId = (String) 
session.getNote(Constants.SESSION_ID_NOTE);
             if (expectedSessionId == null || 
!expectedSessionId.equals(request.getRequestedSessionId())) {
+                if (log.isDebugEnabled()) {
+                    
log.debug(sm.getString("formAuthenticator.sessionIdMismatch", session.getId(), 
expectedSessionId));
+                }
                 session.expire();
                 session = null;
             }
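Review bot: The new debug message logs `session.getId()` while the condition just above it compares `expectedSessionId` against `request.getRequestedSessionId()`; if those two values can ever differ, the log will not show the identifier that actually failed the check, so `log.debug(sm.getString("formAuthenticator.sessionIdMismatch", request.getRequestedSessionId(), expectedSessionId));` would be more faithful to the condition being reported. The same message is also emitted when `expectedSessionId` is null, where it will read as expecting `[null]` rather than stating that no session-id note was present on the session; an explicit branch or a second message would make that case unambiguous for whoever reads the log. Both this hunk and the one at `@@ -418` write full session identifiers to the debug log; since a session id is a bearer credential, a short comment at each call site such as `// Debug only: emits full session IDs, so this log output is sensitive` would help prevent the messages from being promoted to a higher log level later. The enclosing method starts and ends outside this hunk.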
@@ -418,8 +421,12 @@ public class FormAuthenticator
         if (getChangeSessionIdOnAuthentication()) {
             Session session = request.getSessionInternal(false);
             if (session != null) {
+                String oldSessionId = session.getId();
                 String newSessionId = changeSessionID(request, session);
                 session.setNote(Constants.SESSION_ID_NOTE, newSessionId);
+                if (log.isDebugEnabled()) {
+                    
log.debug(sm.getString("formAuthenticator.changeSessionIdLogin", oldSessionId, 
newSessionId));
+                }
             }
         }
 
diff --git a/java/org/apache/catalina/authenticator/LocalStrings.properties 
b/java/org/apache/catalina/authenticator/LocalStrings.properties
index 81acc29369..ccb4935a9c 100644
--- a/java/org/apache/catalina/authenticator/LocalStrings.properties
+++ b/java/org/apache/catalina/authenticator/LocalStrings.properties
@@ -36,11 +36,13 @@ basicAuthenticator.invalidCharset=The only permitted values 
are null, the empty
 
 digestAuthenticator.cacheRemove=A valid entry has been removed from client 
nonce cache to make room for new entries. A replay attack is now possible. To 
prevent the possibility of replay attacks, reduce nonceValidity or increase 
nonceCacheSize. Further warnings of this type will be suppressed for 5 minutes.
 
+formAuthenticator.changeSessionIdLogin=Session ID changed during before 
forwarding to login page during FORM authentication from [{0}] to [{1}]
 formAuthenticator.forwardErrorFail=Unexpected error forwarding to error page
 formAuthenticator.forwardLogin=Forwarding request for [{0}] made with method 
[{1}] to login page [{2}] of context [{3}] using request method GET
 formAuthenticator.forwardLoginFail=Unexpected error forwarding to login page
 formAuthenticator.noErrorPage=No error page was defined for FORM 
authentication in context [{0}]
 formAuthenticator.noLoginPage=No login page was defined for FORM 
authentication in context [{0}]
+formAuthenticator.sessionIdMismatch=Current session ID is [{0}] but FORM 
authenticator was expecting [{1}]
 
 singleSignOn.debug.associate=SSO associating application session [{1}] with 
SSO session [{0}]
 singleSignOn.debug.associateFail=SSO failed to associate application session 
[{0}] since SSO session [{1}] does not exist
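Review bot: The new changeSessionIdLogin message reads "Session ID changed during before forwarding to login page", which is ungrammatical ("during before"); the intended text appears to be `formAuthenticator.changeSessionIdLogin=Session ID changed before forwarding to login page during FORM authentication from [{0}] to [{1}]`. The sessionIdMismatch message is fine as written, though its `[{1}]` placeholder will render as `[null]` when the code path has no expected id to report, which may be worth a wording that covers that case.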


