Author: markt
Date: Mon May 25 09:51:18 2009
New Revision: 778370
URL: http://svn.apache.org/viewvc?rev=778370&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=42579
Handle both relative and absolute search results
Patch provided by Brandon DuRette
Note: Needed to port part of r711355 (rjung) to support this fix.
Modified:
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
tomcat/container/tc5.5.x/webapps/docs/changelog.xml
tomcat/current/tc5.5.x/STATUS.txt
Modified:
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
URL:
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java?rev=778370&r1=778369&r2=778370&view=diff
==============================================================================
---
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
(original)
+++
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
Mon May 25 09:51:18 2009
@@ -18,6 +18,8 @@
package org.apache.catalina.realm;
import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
import java.security.Principal;
import java.text.MessageFormat;
import java.util.ArrayList;
@@ -1083,17 +1085,7 @@
return (null);
}
- // Get the entry's distinguished name
- NameParser parser = context.getNameParser("");
- Name contextName = parser.parse(context.getNameInNamespace());
- Name baseName = parser.parse(userBase);
-
- // Bugzilla 32269
- Name entryName = parser.parse(new
CompositeName(result.getName()).get(0));
-
- Name name = contextName.addAll(baseName);
- name = name.addAll(entryName);
- String dn = name.toString();
+ String dn = getDistinguishedName(context, userBase, result);
if (containerLog.isTraceEnabled())
containerLog.trace(" entry found for " + username + " with dn " +
dn);
@@ -1805,6 +1797,62 @@
}
+ /**
+ * Returns the distinguished name of a search result.
+ *
+ * @param context Our DirContext
+ * @param base The base DN
+ * @param result The search result
+ * @return String containing the distinguished name
+ */
+ protected String getDistinguishedName(DirContext context, String base,
+ SearchResult result) throws NamingException {
+ // Get the entry's distinguished name. For relative results, this
means
+ // we need to composite a name with the base name, the context name,
and
+ // the result name. For non-relative names, use the returned name.
+ if (result.isRelative()) {
+ if (containerLog.isTraceEnabled()) {
+ containerLog.trace(" search returned relative name: " +
+ result.getName());
+ }
+ NameParser parser = context.getNameParser("");
+ Name contextName = parser.parse(context.getNameInNamespace());
+ Name baseName = parser.parse(base);
+
+ // Bugzilla 32269
+ Name entryName =
+ parser.parse(new CompositeName(result.getName()).get(0));
+
+ Name name = contextName.addAll(baseName);
+ name = name.addAll(entryName);
+ return name.toString();
+ } else {
+ String absoluteName = result.getName();
+ if (containerLog.isTraceEnabled())
+ containerLog.trace(" search returned absolute name: " +
+ result.getName());
+ try {
+ // Normalize the name by running it through the name parser.
+ NameParser parser = context.getNameParser("");
+ URI userNameUri = new URI(absoluteName);
+ String pathComponent = userNameUri.getPath();
+ // Should not ever have an empty path component, since that is
/{DN}
+ if (pathComponent.length() < 1 ) {
+ throw new InvalidNameException(
+ "Search returned unparseable absolute name: " +
+ absoluteName );
+ }
+ Name name = parser.parse(pathComponent.substring(1));
+ return name.toString();
+ } catch ( URISyntaxException e ) {
+ throw new InvalidNameException(
+ "Search returned unparseable absolute name: " +
+ absoluteName );
+ }
+ }
+ }
+
+
}
// ------------------------------------------------------ Private Classes
Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?rev=778370&r1=778369&r2=778370&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original)
+++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Mon May 25 09:51:18 2009
@@ -55,6 +55,11 @@
session cookie and session path parameter to be configured. (markt)
</add>
<fix>
+ <bug>42579</bug>: Support both relative and absolute search results in
+ the JNDI Realm implementation. Patch provided by Brandon DuRette.
+ (markt)
+ </fix>
+ <fix>
<bug>45576</bug>: JAAS Realm now works with DIGEST authentication.
(markt)
</fix>
Modified: tomcat/current/tc5.5.x/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/current/tc5.5.x/STATUS.txt?rev=778370&r1=778369&r2=778370&view=diff
==============================================================================
--- tomcat/current/tc5.5.x/STATUS.txt (original)
+++ tomcat/current/tc5.5.x/STATUS.txt Mon May 25 09:51:18 2009
@@ -216,13 +216,6 @@
+1: markt, rjung
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=42579
- Handle both relative and absolute search results
- Patch provided by Brandon DuRette
- http://svn.apache.org/viewvc?rev=763706&view=rev
- +1: markt, rjung, kkolinko
- -1:
-
* Update native to 1.1.16
http://svn.apache.org/viewvc?view=rev&revision=762868
+1: markt, rjung, kkolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
