This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 34c94915e5 Ensure user credentials are removed when no longer required
34c94915e5 is described below
commit 34c94915e56ef6def169fd4abb9a213c9c8810f7
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Feb 19 16:38:24 2025 +0000
Ensure user credentials are removed when no longer required
---
java/org/apache/catalina/realm/JNDIRealm.java | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/catalina/realm/JNDIRealm.java
b/java/org/apache/catalina/realm/JNDIRealm.java
index 600f151f31..4266aa6ac5 100644
--- a/java/org/apache/catalina/realm/JNDIRealm.java
+++ b/java/org/apache/catalina/realm/JNDIRealm.java
@@ -1837,11 +1837,11 @@ public class JNDIRealm extends RealmBase {
containerLog.trace(" validating credentials by binding as the
user");
}
- userCredentialsAdd(context, dn, credentials);
-
- // Elicit an LDAP bind operation
boolean validated = false;
+
+ // Elicit an LDAP bind operation using the provided user credentials
try {
+ userCredentialsAdd(context, dn, credentials);
if (containerLog.isTraceEnabled()) {
containerLog.trace(" binding as " + dn);
}
@@ -1851,10 +1851,10 @@ public class JNDIRealm extends RealmBase {
if (containerLog.isTraceEnabled()) {
containerLog.trace(" bind attempt failed");
}
+ } finally {
+ userCredentialsRemove(context);
}
- userCredentialsRemove(context);
-
return validated;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
