cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm JNDIRealm.java
markt 2005/01/01 03:08:15 Modified:catalina/src/share/org/apache/catalina/realm JNDIRealm.java Log: Correct bugzilla URL Revision ChangesPath 1.17 +2 -2 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java Index: JNDIRealm.java === RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- JNDIRealm.java19 Nov 2004 15:07:39 - 1.16 +++ JNDIRealm.java1 Jan 2005 11:08:15 - 1.17 @@ -144,7 +144,7 @@ * pstrongWARNING/strong - There is a reported bug against the Netscape * provider code (com.netscape.jndi.ldap.LdapContextFactory) with respect to * successfully authenticated a non-existing user. The - * report is here: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11210 . + * report is here: http://issues.apache.org/bugzilla/show_bug.cgi?id=11210 . * With luck, Netscape has updated their provider code and this is not an * issue. /p * - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm JNDIRealm.java
markt 2004/06/18 16:22:31
Modified:catalina/src/share/org/apache/catalina/realm JNDIRealm.java
Log:
Fix bug 23572. The alternateURL should be used in more cases than just
a naming excetion (eg network error)
- Patch provided by Jean-Yves Collot
- Ported from TC4
Revision ChangesPath
1.13 +2 -2
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
Index: JNDIRealm.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- JNDIRealm.java26 May 2004 15:51:14 - 1.12
+++ JNDIRealm.java18 Jun 2004 23:22:31 - 1.13
@@ -1473,7 +1473,7 @@
// Ensure that we have a directory context available
context = new InitialDirContext(getDirectoryContextEnvironment());
-} catch (NamingException e) {
+} catch (Exception e) {
connectionAttempt = 1;
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm JNDIRealm.java
yoavs 2004/05/26 08:51:14
Modified:catalina/src/share/org/apache/catalina/realm JNDIRealm.java
Log:
Minor JavaDoc fixes (Bugzilla 28335)
Revision ChangesPath
1.12 +3 -3
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
Index: JNDIRealm.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- JNDIRealm.java27 Feb 2004 14:58:45 - 1.11
+++ JNDIRealm.java26 May 2004 15:51:14 - 1.12
@@ -1143,7 +1143,7 @@
* retrieved from the directory.
*
* @param context The directory context
- * @param user The User to be authenticated
+ * @param info The User to be authenticated
* @param credentials Authentication credentials
*
* @exception NamingException if a directory server error occurs
@@ -1640,7 +1640,7 @@
* \ - \5c
* \0 - \00
* @param inString string to escape according to RFC 2254 guidelines
- * @return
+ * @return String the escaped/encoded result
*/
protected String doRFC2254Encoding(String inString) {
StringBuffer buf = new StringBuffer(inString.length());
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm JNDIRealm.java
funkman 2004/02/05 17:50:02
Modified:catalina/src/share/org/apache/catalina/realm JNDIRealm.java
Log:
Bugzilla 26487
RFC 2254 done on whole string instead of just DN
Patch submitted by Jeff Tulley - jtulley A T novell.com
Revision ChangesPath
1.10 +5 -6
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
Index: JNDIRealm.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- JNDIRealm.java26 Jan 2004 19:47:16 - 1.9
+++ JNDIRealm.java6 Feb 2004 01:50:02 - 1.10
@@ -1340,8 +1340,7 @@
return (list);
// Set up parameters for an appropriate search
-String filter = roleFormat.format(new String[] { dn, username });
-filter = doRFC2254Encoding(filter);
+String filter = roleFormat.format(new String[] { doRFC2254Encoding(dn),
username });
SearchControls controls = new SearchControls();
if (roleSubtree)
controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm JNDIRealm.java
funkman 2003/12/12 13:43:26
Modified:catalina/src/share/org/apache/catalina/realm JNDIRealm.java
Log:
Resync with 4.1 fixes, in particular - they include:
BZ 23190 16541
And Allow Multiple user patterns per
http://marc.theaimsgroup.com/?l=tomcat-devm=106254937722504w=2
Revision ChangesPath
1.8 +185 -37
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
Index: JNDIRealm.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- JNDIRealm.java2 Sep 2003 21:22:05 - 1.7
+++ JNDIRealm.java12 Dec 2003 21:43:26 - 1.8
@@ -61,6 +61,8 @@
*/
+
+
package org.apache.catalina.realm;
@@ -70,24 +72,25 @@
import java.util.Hashtable;
import java.util.List;
-import javax.naming.AuthenticationException;
-import javax.naming.CommunicationException;
import javax.naming.Context;
-import javax.naming.Name;
+import javax.naming.CommunicationException;
+import javax.naming.InvalidNameException;
import javax.naming.NameNotFoundException;
-import javax.naming.NameParser;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
+import javax.naming.NameParser;
+import javax.naming.Name;
+import javax.naming.AuthenticationException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
-
import org.apache.catalina.LifecycleException;
import org.apache.catalina.util.Base64;
+
/**
* pImplementation of strongRealm/strong that works with a directory
* server accessed via the Java Naming and Directory Interface (JNDI) APIs.
@@ -298,6 +301,17 @@
/**
+ * A string of LDAP user patterns or paths, :-separated
+ * These will be used to form the distinguished name of a
+ * user, with {0} marking the spot where the specified username
+ * goes.
+ * This is similar to userPattern, but allows for multiple searches
+ * for a user.
+ */
+protected String[] userPatternArray = null;
+
+
+/**
* The message format used to form the distinguished name of a
* user, with {0} marking the spot where the specified username
* goes.
@@ -306,10 +320,10 @@
/**
- * The MessageFormat object associated with the current
- * codeuserPattern/code.
+ * An array of MessageFormat objects associated with the current
+ * codeuserPatternArray/code.
*/
-protected MessageFormat userPatternFormat = null;
+protected MessageFormat[] userPatternFormatArray = null;
/**
@@ -361,6 +375,11 @@
*/
protected int connectionAttempt = 0;
+/**
+ * The current user pattern to be used for lookup and binding of a user.
+ */
+protected int curUserPattern = 0;
+
// - Properties
/**
@@ -726,6 +745,11 @@
/**
* Set the message format pattern for selecting users in this Realm.
+ * This may be one simple pattern, or multiple patterns to be tried,
+ * separated by parentheses. (for example, either cn={0}, or
+ * (cn={0})(cn={0},o=myorg) Full LDAP search strings are also supported,
+ * but only the OR, | syntax, so (|(cn={0})(cn={0},o=myorg)) is
+ * also valid. Complex search strings with , etc are NOT supported.
*
* @param userPattern The new user pattern
*/
@@ -733,12 +757,19 @@
this.userPattern = userPattern;
if (userPattern == null)
-userPatternFormat = null;
-else
-userPatternFormat = new MessageFormat(userPattern);
-
+userPatternArray = null;
+else {
+userPatternArray = parseUserPatternString(userPattern);
+int len = this.userPatternArray.length;
+userPatternFormatArray = new MessageFormat[len];
+for (int i=0; i len; i++) {
+userPatternFormatArray[i] =
+new MessageFormat(userPatternArray[i]);
+}
+}
}
+
/**
* Getter for property alternateURL.
*
@@ -750,6 +781,7 @@
}
+
/**
* Setter for property alternateURL.
*
@@ -870,21 +902,50 @@
|| credentials == null || credentials.equals())
return (null);
-// Retrieve user information
-User user =
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm JNDIRealm.java
funkman 2003/08/08 09:39:54
Modified:catalina/src/share/org/apache/catalina/realm JNDIRealm.java
Log:
Fix bug 22236.
addAttributeValues may return null. This could trigger a NPE
if debugging was turned up =2
Also addAttributeValues() returns null if attrId or attrs is null while
ignoring the third parameter values. So always return
values. I think this behavior is more consistent with the javadocs too.
Revision ChangesPath
1.6 +14 -10
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
Index: JNDIRealm.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- JNDIRealm.java6 Aug 2003 18:51:27 - 1.5
+++ JNDIRealm.java8 Aug 2003 16:39:54 - 1.6
@@ -1304,11 +1304,15 @@
list = addAttributeValues(roleName, attrs, list);
}
-// Return the augmented list of roles
+
if (debug = 2) {
-log( Returning + list.size() + roles);
-for (int i=0; ilist.size(); i++)
-log(Found role + list.get(i));
+if (list != null) {
+log( Returning + list.size() + roles);
+for (int i=0; ilist.size(); i++)
+log(Found role + list.get(i));
+} else {
+log( getRoles about to return null );
+}
}
return (list);
@@ -1366,12 +1370,12 @@
if (debug = 3)
log( retrieving values for attribute + attrId);
if (attrId == null || attrs == null)
-return null;
+return values;
if (values == null)
values = new ArrayList();
Attribute attr = attrs.get(attrId);
if (attr == null)
-return (null);
+return (values);
NamingEnumeration e = attr.getAll();
while(e.hasMore()) {
String value = (String)e.next();
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm JNDIRealm.java
funkman 2003/08/06 11:51:27
Modified:catalina/src/share/org/apache/catalina/realm JNDIRealm.java
Log:
Resync with 4.1 for the many bug fixes for JNDIRealm
Revision ChangesPath
1.5 +127 -98
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
Index: JNDIRealm.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- JNDIRealm.java11 Jan 2003 01:57:39 - 1.4
+++ JNDIRealm.java6 Aug 2003 18:51:27 - 1.5
@@ -86,7 +86,7 @@
import org.apache.catalina.LifecycleException;
import org.apache.catalina.Realm;
import org.apache.catalina.util.StringManager;
-
+import org.apache.catalina.util.Base64;
/**
* pImplementation of strongRealm/strong that works with a directory
@@ -107,7 +107,7 @@
* substituting the presented username into a pattern configured by the
* codeuserPattern/code property./li
*
- * liAlternatively, if the codeuserPattern/code property is not
+ * liAlternatively, if the codeuserPattern/code property is not
* specified, a unique element can be located by searching the directory
* context. In this case:
* ul
@@ -122,7 +122,7 @@
* requests a search of only the current level./li
*/ul
* /li
- *
+ *
* liThe user may be authenticated by binding to the directory with the
* username and password presented. This method is used when the
* codeuserPassword/code property is not specified./li
@@ -183,6 +183,13 @@
* format objects) so that codeauthenticate()/code does not have to be
* synchronized./p
*
+ * pstrongWARNING/strong - There is a reported bug against the Netscape
+ * provider code (com.netscape.jndi.ldap.LdapContextFactory) with respect to
+ * successfully authenticated a non-existing user. The
+ * report is here: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11210 .
+ * With luck, Netscape has updated their provider code and this is not an
+ * issue. /p
+ *
* @author John Holman
* @author Craig R. McClanahan
* @version $Revision$ $Date$
@@ -244,19 +251,20 @@
/**
- * The protocol that will be used in the communication with the directory
server.
+ * The protocol that will be used in the communication with the
+ * directory server.
*/
protected String protocol = null;
/**
- * How should we handle referrals? Microsoft Active Directory can't handle
- * the default case, so an application authenticating against AD must
+ * How should we handle referrals? Microsoft Active Directory can't handle
+ * the default case, so an application authenticating against AD must
* set referrals to follow.
*/
protected String referrals = null;
-
-
+
+
/**
* The base element for user searches.
*/
@@ -292,7 +300,7 @@
/**
* The message format used to form the distinguished name of a
* user, with {0} marking the spot where the specified username
- * goes.
+ * goes.
*/
protected String userPattern = null;
@@ -342,11 +350,11 @@
*/
protected boolean roleSubtree = false;
-/**
+/**
* An alternate URL, to which, we should connect if connectionURL fails.
*/
-protected String alternateURL;
-
+protected String alternateURL;
+
/**
* The number of connection attempts. If greater than zero we use the
* alternate url.
@@ -357,24 +365,24 @@
/**
* Return the type of authentication to use.
- */
+ */
public String getAuthentication() {
return authentication;
-
+
}
-
+
/**
* Set the type of authentication to use.
*
* @param authentication The authentication
*/
public void setAuthentication(String authentication) {
-
+
this.authentication = authentication;
-
+
}
-
+
/**
* Return the connection username for this Realm.
*/
@@ -467,20 +475,20 @@
* Return the protocol to be used.
*/
public String getProtocol() {
-
+
return protocol;
-
+
}
-
+
/**
* Set the protocol for this Realm.
*
* @param protocol The new protocol.
*/
public void setProtocol(String protocol) {
-
+
this.protocol = protocol;
-
+
}
@@ -493,13 +501,13 @@
/**
- * How do we handle JNDI referrals? ignore, follow, or throw
+ * How do we handle JNDI
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm JNDIRealm.java
amyroh 2002/11/18 17:27:59
Modified:catalina/src/share/org/apache/catalina/realm JNDIRealm.java
Log:
Port change to configure how JNDI should handle referrals returned by the server.
Revision ChangesPath
1.3 +31 -4
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
Index: JNDIRealm.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- JNDIRealm.java12 Nov 2002 20:09:29 - 1.2
+++ JNDIRealm.java19 Nov 2002 01:27:59 - 1.3
@@ -247,6 +247,14 @@
/**
+ * How should we handle referrals? Microsoft Active Directory can't handle
+ * the default case, so an application authenticating against AD must
+ * set referrals to follow.
+ */
+protected String referrals = null;
+
+
+/**
* The base element for user searches.
*/
protected String userBase = ;
@@ -469,6 +477,23 @@
/**
+ * Returns the current settings for handling JNDI referrals.
+ */
+public String getReferrals () {
+return referrals;
+}
+
+
+/**
+ * How do we handle JNDI referrals? ignore, follow, or throw
+ * (see javax.naming.Context.REFERRAL for more information).
+ */
+public void setReferrals (String referrals) {
+this.referrals = referrals;
+}
+
+
+/**
* Return the base element for user searches.
*/
public String getUserBase() {
@@ -1355,6 +1380,8 @@
env.put(Context.SECURITY_AUTHENTICATION, authentication);
if (protocol != null)
env.put(Context.SECURITY_PROTOCOL, protocol);
+if (referrals != null)
+env.put(Context.REFERRAL, referrals);
context = new InitialDirContext(env);
return (context);
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm JNDIRealm.java
amyroh 2002/11/12 12:09:30
Modified:catalina/src/share/org/apache/catalina/realm JNDIRealm.java
Log:
Port SSL support for JNDIRealm.
Revision ChangesPath
1.2 +66 -5
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
Index: JNDIRealm.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- JNDIRealm.java18 Jul 2002 16:47:55 - 1.1
+++ JNDIRealm.java12 Nov 2002 20:09:29 - 1.2
-190,6 +190,12
/**
+ * The type of authentication to use
+ */
+protected String authentication = null;
+
+
+/**
* The connection username for the server we will contact.
*/
protected String connectionName = null;
-235,6 +241,12
/**
+ * The protocol that will be used in the communication with the directory
server.
+ */
+protected String protocol = null;
+
+
+/**
* The base element for user searches.
*/
protected String userBase = ;
-325,6 +337,28
/**
+ * Return the type of authentication to use.
+ */
+public String getAuthentication() {
+
+return authentication;
+
+}
+
+
+/**
+ * Set the type of authentication to use.
+ *
+ * param authentication The authentication
+ */
+public void setAuthentication(String authentication) {
+
+this.authentication = authentication;
+
+}
+
+
+/**
* Return the connection username for this Realm.
*/
public String getConnectionName() {
-411,6 +445,29
}
+
+/**
+ * Return the protocol to be used.
+ */
+public String getProtocol() {
+
+return protocol;
+
+}
+
+
+/**
+ * Set the protocol for this Realm.
+ *
+ * param protocol The new protocol.
+ */
+public void setProtocol(String protocol) {
+
+this.protocol = protocol;
+
+}
+
+
/**
* Return the base element for user searches.
*/
-1294,6 +1351,11
env.put(Context.SECURITY_CREDENTIALS, connectionPassword);
if (connectionURL != null)
env.put(Context.PROVIDER_URL, connectionURL);
+if (authentication != null)
+env.put(Context.SECURITY_AUTHENTICATION, authentication);
+if (protocol != null)
+env.put(Context.SECURITY_PROTOCOL, protocol);
+
context = new InitialDirContext(env);
return (context);
-1378,4 +1440,3
}
}
-
--
To unsubscribe, e-mail: mailto:tomcat-dev-unsubscribe;jakarta.apache.org
For additional commands, e-mail: mailto:tomcat-dev-help;jakarta.apache.org
