This is an automated email from the ASF dual-hosted git repository.
rmaucher pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 15182a1e4e Minor code review fixes
15182a1e4e is described below
commit 15182a1e4e1d1367863865d7843c2191bfb3bd30
Author: remm <[email protected]>
AuthorDate: Fri Jun 26 17:08:15 2026 +0200
Minor code review fixes
---
java/org/apache/catalina/realm/JAASCallbackHandler.java | 5 +++--
java/org/apache/catalina/realm/JNDIRealm.java | 4 ++--
java/org/apache/catalina/realm/LockOutRealm.java | 3 ++-
java/org/apache/catalina/realm/NestedCredentialHandler.java | 5 +++--
java/org/apache/catalina/realm/RealmBase.java | 5 +++--
java/org/apache/catalina/session/LocalStrings.properties | 1 +
java/org/apache/catalina/session/ManagerBase.java | 5 +++--
java/org/apache/catalina/session/PersistentManagerBase.java | 4 ++--
java/org/apache/catalina/session/StandardManager.java | 3 ++-
java/org/apache/catalina/session/StandardSession.java | 3 ++-
java/org/apache/catalina/session/StandardSessionFacade.java | 2 +-
java/org/apache/catalina/session/StoreBase.java | 3 ++-
java/org/apache/catalina/ssi/ByteArrayServletOutputStream.java | 2 +-
java/org/apache/catalina/ssi/ExpressionParseTree.java | 3 ++-
14 files changed, 29 insertions(+), 19 deletions(-)
diff --git a/java/org/apache/catalina/realm/JAASCallbackHandler.java
b/java/org/apache/catalina/realm/JAASCallbackHandler.java
index 70e6e79199..2935c53a40 100644
--- a/java/org/apache/catalina/realm/JAASCallbackHandler.java
+++ b/java/org/apache/catalina/realm/JAASCallbackHandler.java
@@ -36,8 +36,9 @@ import org.apache.tomcat.util.res.StringManager;
* <code><Realm></code> element in <code>server.xml</code>.
* <p>
* At present, <code>JAASCallbackHandler</code> knows how to handle callbacks
of type
- * <code>javax.security.auth.callback.NameCallback</code> and
- * <code>javax.security.auth.callback.PasswordCallback</code>.
+ * <code>javax.security.auth.callback.NameCallback</code>,
+ * <code>javax.security.auth.callback.PasswordCallback</code> and
+ * <code>javax.security.auth.callback.TextInputCallback</code>.
*/
public class JAASCallbackHandler implements CallbackHandler {
diff --git a/java/org/apache/catalina/realm/JNDIRealm.java
b/java/org/apache/catalina/realm/JNDIRealm.java
index ab7a4e29e9..fc87ea15d9 100644
--- a/java/org/apache/catalina/realm/JNDIRealm.java
+++ b/java/org/apache/catalina/realm/JNDIRealm.java
@@ -824,7 +824,7 @@ public class JNDIRealm extends RealmBase {
/**
- * Set the "search subtree for roles" flag.
+ * Set the nested group search flag.
*
* @param roleNested The nested group search flag
*/
@@ -2283,7 +2283,7 @@ public class JNDIRealm extends RealmBase {
}
String valueString;
if (value instanceof byte[]) {
- valueString = new String((byte[]) value);
+ valueString = new String((byte[]) value, StandardCharsets.UTF_8);
} else {
valueString = value.toString();
}
diff --git a/java/org/apache/catalina/realm/LockOutRealm.java
b/java/org/apache/catalina/realm/LockOutRealm.java
index a667fe2417..29161280f5 100644
--- a/java/org/apache/catalina/realm/LockOutRealm.java
+++ b/java/org/apache/catalina/realm/LockOutRealm.java
@@ -257,6 +257,7 @@ public class LockOutRealm extends CombinedRealm {
synchronized (this) {
if (!failedUsers.containsKey(username)) {
lockRecord = new LockRecord();
+ lockRecord.registerFailure();
failedUsers.put(username, lockRecord);
} else {
lockRecord = failedUsers.get(username);
@@ -266,9 +267,9 @@ public class LockOutRealm extends CombinedRealm {
// expired so reset failure count
lockRecord.setFailures(0);
}
+ lockRecord.registerFailure();
}
}
- lockRecord.registerFailure();
}
diff --git a/java/org/apache/catalina/realm/NestedCredentialHandler.java
b/java/org/apache/catalina/realm/NestedCredentialHandler.java
index 3a16bd66f5..7d40f8870f 100644
--- a/java/org/apache/catalina/realm/NestedCredentialHandler.java
+++ b/java/org/apache/catalina/realm/NestedCredentialHandler.java
@@ -47,8 +47,9 @@ public class NestedCredentialHandler implements
CredentialHandler {
/**
- * The input credentials will be passed to the first nested {@link
CredentialHandler}. If no nested
- * {@link CredentialHandler} are configured then <code>null</code> will be
returned. {@inheritDoc}
+ * Delegates to the first nested {@link CredentialHandler}'s {@code
mutate()} method.
+ * Returns {@code null} if no nested handlers are configured, or if the
first handler's
+ * {@code mutate()} returns {@code null}.
*/
@Override
public String mutate(String inputCredentials) {
diff --git a/java/org/apache/catalina/realm/RealmBase.java
b/java/org/apache/catalina/realm/RealmBase.java
index a4bfd41fe8..9a9e4e6916 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -68,8 +68,9 @@ import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSName;
/**
- * Simple implementation of <b>Realm</b> that reads an XML file to configure
the valid users, passwords, and roles. The
- * file format (and default file location) are identical to those currently
supported by Tomcat 3.X.
+ * Abstract base class for Realm implementations.
+ * Provides common functionality including credential handling, security
constraint evaluation,
+ * and GSS-API authentication support.
*/
public abstract class RealmBase extends LifecycleMBeanBase implements Realm {
diff --git a/java/org/apache/catalina/session/LocalStrings.properties
b/java/org/apache/catalina/session/LocalStrings.properties
index d2064d5abc..6669906484 100644
--- a/java/org/apache/catalina/session/LocalStrings.properties
+++ b/java/org/apache/catalina/session/LocalStrings.properties
@@ -46,6 +46,7 @@ managerBase.contextNull=The Context must be set to a non-null
value before the M
managerBase.createSession.ise=createSession: Too many active sessions
managerBase.sessionAttributeNameFilter=Skipped session attribute named [{0}]
because it did not match the name filter [{1}]
managerBase.sessionAttributeValueClassNameFilter=Skipped session attribute
named [{0}] because the value type [{1}] did not match the filter [{2}]
+managerBase.sessionIdGeneratorInitFailed=Failed creation of session id
generator with class [{0}]
managerBase.sessionNotFound=The session [{0}] was not found
managerBase.sessionTimeout=Invalid session timeout setting [{0}]
managerBase.setContextNotNew=It is illegal to call setContext() to change the
Context associated with a Manager if the Manager is not in the NEW state
diff --git a/java/org/apache/catalina/session/ManagerBase.java
b/java/org/apache/catalina/session/ManagerBase.java
index 888b802f79..84b5869bff 100644
--- a/java/org/apache/catalina/session/ManagerBase.java
+++ b/java/org/apache/catalina/session/ManagerBase.java
@@ -419,7 +419,8 @@ public abstract class ManagerBase extends
LifecycleMBeanBase implements Manager
sessionIdGenerator =
sessionIdGeneratorClass.getConstructor().newInstance();
return sessionIdGenerator;
} catch (ReflectiveOperationException ex) {
- // Ignore
+
log.warn(sm.getString("managerBase.sessionIdGeneratorInitFailed",
+ sessionIdGeneratorClass.getName()), ex);
}
}
return null;
@@ -636,7 +637,7 @@ public abstract class ManagerBase extends
LifecycleMBeanBase implements Manager
}
/**
- * Invalidate all sessions that have expired.
+ * Check all sessions validity to trigger their expiration if needed.
*/
public void processExpires() {
diff --git a/java/org/apache/catalina/session/PersistentManagerBase.java
b/java/org/apache/catalina/session/PersistentManagerBase.java
index 225f69c4f1..b994ca4a5f 100644
--- a/java/org/apache/catalina/session/PersistentManagerBase.java
+++ b/java/org/apache/catalina/session/PersistentManagerBase.java
@@ -191,7 +191,7 @@ public abstract class PersistentManagerBase extends
ManagerBase implements Store
* Indicates how many seconds old a session can get, after its last use in
a request, before it should be backed up
* to the store. {@code -1} means sessions are not backed up.
*
- * @return the timeout after which sessions are ripe for back up
+ * @return the timeout after which sessions are ripe for backup
*/
public int getMaxIdleBackup() {
@@ -336,7 +336,7 @@ public abstract class PersistentManagerBase extends
ManagerBase implements Store
* Indicates whether sessions are saved when the Manager is shut down
properly. This requires the {@link #unload()}
* method to be called.
*
- * @return {@code true}, when sessions should be saved on restart, {code
false} otherwise
+ * @return {@code true}, when sessions should be saved on restart, {@code
false} otherwise
*/
public boolean getSaveOnRestart() {
diff --git a/java/org/apache/catalina/session/StandardManager.java
b/java/org/apache/catalina/session/StandardManager.java
index 8b808f63c0..fcea21b259 100644
--- a/java/org/apache/catalina/session/StandardManager.java
+++ b/java/org/apache/catalina/session/StandardManager.java
@@ -226,7 +226,8 @@ public class StandardManager extends ManagerBase {
}
}
} finally {
- // Delete the persistent storage file
+ // Delete the persistent storage file in all cases, since
retrying after an exception
+ // is not an option
if (file.exists()) {
if (!file.delete()) {
log.warn(sm.getString("standardManager.deletePersistedFileFail", file));
diff --git a/java/org/apache/catalina/session/StandardSession.java
b/java/org/apache/catalina/session/StandardSession.java
index 3dbcb22ad2..42c3b4a93a 100644
--- a/java/org/apache/catalina/session/StandardSession.java
+++ b/java/org/apache/catalina/session/StandardSession.java
@@ -775,6 +775,7 @@ public class StandardSession implements HttpSession,
Session, Serializable {
// Reset the instance variables associated with this Session
attributes.clear();
+ listeners.clear();
setAuthType(null);
creationTime = 0L;
expiring = false;
@@ -1034,7 +1035,7 @@ public class StandardSession implements HttpSession,
Session, Serializable {
* calls <code>valueBound()</code> on the object.
*
* @param name Name to which the object is bound, cannot be null
- * @param value Object to be bound, cannot be null
+ * @param value Object to be bound, or null to remove the attribute
(equivalent to removeAttribute)
* @param notify whether to notify session listeners
*
* @exception IllegalArgumentException if an attempt is made to add a
non-serializable object in an environment
diff --git a/java/org/apache/catalina/session/StandardSessionFacade.java
b/java/org/apache/catalina/session/StandardSessionFacade.java
index 1386661a4b..03b0f75e27 100644
--- a/java/org/apache/catalina/session/StandardSessionFacade.java
+++ b/java/org/apache/catalina/session/StandardSessionFacade.java
@@ -22,7 +22,7 @@ import javax.servlet.ServletContext;
import javax.servlet.http.HttpSession;
/**
- * Facade for the StandardSession object.
+ * Facade for a HttpSession object.
*/
public class StandardSessionFacade implements HttpSession {
diff --git a/java/org/apache/catalina/session/StoreBase.java
b/java/org/apache/catalina/session/StoreBase.java
index 3ec04a637c..5cdd5d6faa 100644
--- a/java/org/apache/catalina/session/StoreBase.java
+++ b/java/org/apache/catalina/session/StoreBase.java
@@ -26,6 +26,7 @@ import java.io.ObjectInputStream;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.LifecycleState;
import org.apache.catalina.Manager;
+import org.apache.catalina.Session;
import org.apache.catalina.Store;
import org.apache.catalina.util.CustomObjectInputStream;
import org.apache.catalina.util.LifecycleBase;
@@ -141,7 +142,7 @@ public abstract class StoreBase extends LifecycleBase
implements Store {
for (String key : keys) {
try {
- StandardSession session = (StandardSession) load(key);
+ Session session = load(key);
if (session == null) {
continue;
}
diff --git a/java/org/apache/catalina/ssi/ByteArrayServletOutputStream.java
b/java/org/apache/catalina/ssi/ByteArrayServletOutputStream.java
index df014d471c..4262ae3960 100644
--- a/java/org/apache/catalina/ssi/ByteArrayServletOutputStream.java
+++ b/java/org/apache/catalina/ssi/ByteArrayServletOutputStream.java
@@ -23,7 +23,7 @@ import javax.servlet.WriteListener;
/**
- * Class that extends ServletOutputStream, used as a wrapper from within
<code>SsiInclude</code>
+ * Class that extends ServletOutputStream, used as a wrapper from within
<code>SSIInclude</code>
*
* @see ServletOutputStream and ByteArrayOutputStream
*/
diff --git a/java/org/apache/catalina/ssi/ExpressionParseTree.java
b/java/org/apache/catalina/ssi/ExpressionParseTree.java
index 67f0ab7da6..736b60cb6a 100644
--- a/java/org/apache/catalina/ssi/ExpressionParseTree.java
+++ b/java/org/apache/catalina/ssi/ExpressionParseTree.java
@@ -407,7 +407,8 @@ public class ExpressionParseTree {
}
} catch (PatternSyntaxException pse) {
ssiMediator.log(sm.getString("expressionParseTree.invalidExpression", expr),
pse);
- return 0;
+ // Return non-zero (no match) instead of 0 (match)
+ return -1;
}
}
return val1.compareTo(val2);
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
