svn commit: r1303194 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/valves/RequestFilterValve.java java/org/apache/catalina/valves/mbeans-descriptors.xml webapps/docs/changelog.xml webapps/docs/config/valve.xml

Tue, 20 Mar 2012 16:03:19 -0700 

Author: kkolinko
Date: Tue Mar 20 23:02:55 2012
New Revision: 1303194

URL: http://svn.apache.org/viewvc?rev=1303194&view=rev
Log:
Add "denyStatus" attribute to RequestFilterValve.
Add overridable denyRequest() method to RequestFilterValve.
The denyStatus attribute is used to change HTTP status code that is used when 
rejecting denied request.
E.g. to be 404 instead of default 403.

Backport of r1202565 in trunk, r1202570 in TC7.

Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/RequestFilterValve.java
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/mbeans-descriptors.xml
    tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
    tomcat/tc6.0.x/trunk/webapps/docs/config/valve.xml

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1303194&r1=1303193&r2=1303194&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Mar 20 23:02:55 2012
@@ -61,14 +61,6 @@ PATCHES PROPOSED TO BACKPORT:
   +1: kkolinko
   -1:
 
-* Add denyStatus attribute to RequestFilterValve
-  (RemoteAddrValve, RemoteHostValve valves). It allows to use different
-  HTTP response code when rejecting denied request. E.g. 404 instead of 403.
-  
http://people.apache.org/~kkolinko/patches/2011-11-16_tc6_RequestFilterValve_denyStatus.patch
-  (r1202565 in trunk, r1202570 in TC7)
-  +1: kkolinko, rjung, fhanik
-  -1:
-
 * Backport SetCharacterEncodingFilter
   1) patch
    
http://people.apache.org/~kkolinko/patches/2011-12-22_tc6_SetCharacterEncodingFilter.patch

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/RequestFilterValve.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/RequestFilterValve.java?rev=1303194&r1=1303193&r2=1303194&view=diff
==============================================================================
--- 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/RequestFilterValve.java 
(original)
+++ 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/RequestFilterValve.java 
Tue Mar 20 23:02:55 2012
@@ -133,6 +133,12 @@ public abstract class RequestFilterValve
     protected volatile boolean denyValid = true;
 
     /**
+     * The HTTP response status code that is used when rejecting denied
+     * request. It is 403 by default, but may be changed to be 404.
+     */
+    protected int denyStatus = HttpServletResponse.SC_FORBIDDEN;
+
+    /**
      * The lifecycle event support for this component.
      */
     protected LifecycleSupport lifecycle = new LifecycleSupport(this);
@@ -224,6 +230,22 @@ public abstract class RequestFilterValve
 
 
     /**
+     * Return response status code that is used to reject denied request.
+     */
+    public int getDenyStatus() {
+        return denyStatus;
+    }
+
+
+    /**
+     * Set response status code that is used to reject denied request.
+     */
+    public void setDenyStatus(int denyStatus) {
+        this.denyStatus = denyStatus;
+    }
+
+
+    /**
      * Return descriptive information about this Valve implementation.
      */
     public String getInfo() {
@@ -318,8 +340,22 @@ public abstract class RequestFilterValve
         }
 
         // Deny this request
-        response.sendError(HttpServletResponse.SC_FORBIDDEN);
+        denyRequest(request, response);
+
+    }
 
+
+    /**
+     * Reject the request that was denied by this valve.
+     *
+     * @param request The servlet request to be processed
+     * @param response The servlet response to be processed
+     * @exception IOException if an input/output error occurs
+     * @exception ServletException if a servlet error occurs
+     */
+    protected void denyRequest(Request request, Response response)
+            throws IOException, ServletException {
+        response.sendError(denyStatus);
     }
 
 

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/mbeans-descriptors.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/mbeans-descriptors.xml?rev=1303194&r1=1303193&r2=1303194&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/mbeans-descriptors.xml 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/mbeans-descriptors.xml 
Tue Mar 20 23:02:55 2012
@@ -306,6 +306,10 @@
                description="The comma-delimited set of deny expressions"
                type="java.lang.String"/>
 
+    <attribute name="denyStatus"
+               description="HTTP response status code that is used when 
rejecting denied request"
+               type="int"/>
+
     <attribute name="denyValid"
                description="Becomes false if assigned value of deny expression 
is not syntactically correct"
                is="true"
@@ -353,6 +357,10 @@
                description="The comma-delimited set of deny expressions"
                type="java.lang.String"/>
 
+    <attribute name="denyStatus"
+               description="HTTP response status code that is used when 
rejecting denied request"
+               type="int"/>
+
     <attribute name="denyValid"
                description="Becomes false if assigned value of deny expression 
is not syntactically correct"
                is="true"

Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1303194&r1=1303193&r2=1303194&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Tue Mar 20 23:02:55 2012
@@ -107,6 +107,12 @@
         Slightly improve performance of UDecoder.convert(). Align
         <code>%2f</code> handling between implementations. (kkolinko)
       </fix>
+      <add>
+        Add <code>denyStatus</code> attribute to 
<code>RequestFilterValve</code>
+        (<code>RemoteAddrValve</code>, <code>RemoteHostValve</code> valves).
+        It allows to use different HTTP response code when rejecting denied
+        request. E.g. 404 instead of 403. (kkolinko)
+      </add>
     </changelog>
   </subsection>
   <subsection name="Coyote">

Modified: tomcat/tc6.0.x/trunk/webapps/docs/config/valve.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/config/valve.xml?rev=1303194&r1=1303193&r2=1303194&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/config/valve.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/config/valve.xml Tue Mar 20 23:02:55 2012
@@ -282,6 +282,12 @@
         governed solely by the <code>accept</code> attribute.</p>
       </attribute>
 
+      <attribute name="denyStatus" required="false">
+        <p>HTTP response status code that is used when rejecting denied
+        request. The default value is <code>403</code>. For example,
+        it can be set to the value <code>404</code>.</p>
+      </attribute>
+
     </attributes>
 
   </subsection>
@@ -338,6 +344,12 @@
         governed solely by the <code>accept</code> attribute.</p>
       </attribute>
 
+      <attribute name="denyStatus" required="false">
+        <p>HTTP response status code that is used when rejecting denied
+        request. The default value is <code>403</code>. For example,
+        it can be set to the value <code>404</code>.</p>
+      </attribute>
+
     </attributes>
 
   </subsection>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to