This is an automated email from the ASF dual-hosted git repository.
rmaucher pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new fa8e7cc343 Return null on a non existing principal
fa8e7cc343 is described below
commit fa8e7cc3431efb124300fe7e5b293177a1fba998
Author: remm <[email protected]>
AuthorDate: Sat May 23 15:50:19 2026 +0200
Return null on a non existing principal
This does not have a consequence in practice as getPassword is used
first, which returns null.
---
java/org/apache/catalina/users/DataSourceUserDatabase.java | 2 ++
test/org/apache/catalina/users/TestDataSourceUserDatabase.java | 1 +
webapps/docs/changelog.xml | 4 ++++
3 files changed, 7 insertions(+)
diff --git a/java/org/apache/catalina/users/DataSourceUserDatabase.java
b/java/org/apache/catalina/users/DataSourceUserDatabase.java
index 548b4de750..7842ca25ff 100644
--- a/java/org/apache/catalina/users/DataSourceUserDatabase.java
+++ b/java/org/apache/catalina/users/DataSourceUserDatabase.java
@@ -920,6 +920,8 @@ public class DataSourceUserDatabase extends
SparseUserDatabase {
if (userFullNameCol != null) {
fullName = rs.getString(2);
}
+ } else {
+ return null;
}
dbCredentials = (dbCredentials != null) ? dbCredentials.trim()
: null;
diff --git a/test/org/apache/catalina/users/TestDataSourceUserDatabase.java
b/test/org/apache/catalina/users/TestDataSourceUserDatabase.java
index c331cb353d..ff09d226b2 100644
--- a/test/org/apache/catalina/users/TestDataSourceUserDatabase.java
+++ b/test/org/apache/catalina/users/TestDataSourceUserDatabase.java
@@ -154,6 +154,7 @@ public class TestDataSourceUserDatabase extends
LoggingBaseTest {
// Manager role cannot be saved, but remains valid in memory
managerRole = db.findRole("manager");
Assert.assertFalse("Unexpected role for user",
tomcatUser.isInRole(managerRole));
+ Assert.assertNull(db.findUser("foo"));
db.close();
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 9dc4828bf9..c6583fd204 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -272,6 +272,10 @@
<code>MemoryRealm</code> should not add a dummy role when none is
specified in the configuration. (remm)
</fix>
+ <fix>
+ <code>DataSourceUserDatabase</code> should return a null principal on
+ a non existing user. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
