[tomcat] 01/01: Frist draft

2019-10-08 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch BZ-63681/8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 6be96ebba4e7056d5c9621bada2c496f8c0a82d0
Author: Michael Osipov 
AuthorDate: Wed Aug 21 23:23:19 2019 +0200

Frist draft

changelog.xml pending
---
 java/org/apache/catalina/Realm.java   | 13 +
 java/org/apache/catalina/realm/CombinedRealm.java | 34 
 java/org/apache/catalina/realm/LockOutRealm.java  | 12 
 java/org/apache/catalina/realm/RealmBase.java | 67 +++
 4 files changed, 116 insertions(+), 10 deletions(-)

diff --git a/java/org/apache/catalina/Realm.java 
b/java/org/apache/catalina/Realm.java
index a6360cc..412e845 100644
--- a/java/org/apache/catalina/Realm.java
+++ b/java/org/apache/catalina/Realm.java
@@ -25,6 +25,8 @@ import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
 import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
 import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
+import org.ietf.jgss.GSSName;
 
 /**
  * A Realm is a read-only facade for an underlying security realm
@@ -135,6 +137,17 @@ public interface Realm {
 
 
 /**
+ * Try to authenticate using a {@link GSSName}
+ *
+ * @param gssName The {@link GSSName} of the principal to look up
+ * @param gssCredential The {@link GSSCredential} of the principal, may be
+ *  {@code null}
+ * @return the associated principal, or {@code null} if there is none
+ */
+public Principal authenticate(GSSName gssName, GSSCredential 
gssCredential);
+
+
+/**
  * Try to authenticate using {@link X509Certificate}s
  *
  * @param certs Array of client certificates, with the first one in
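Review bot: The Javadoc for the new `authenticate(GSSName, GSSCredential)` does not say that the name must already have been verified, and because `gssCredential` may be `null` an implementation has nothing else it could check. I would add a sentence such as `The caller must obtain gssName from a fully established GSSContext; this method does not verify the name itself.` Adding an abstract method to the public `Realm` interface on the 8.5.x branch will presumably break custom realms that implement `Realm` directly instead of extending `RealmBase`, which deserves a line in the pending changelog entry. The interface body starts and ends outside this hunk. The same hunk is repeated unchanged in the two later copies of this mail on the page.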
diff --git a/java/org/apache/catalina/realm/CombinedRealm.java 
b/java/org/apache/catalina/realm/CombinedRealm.java
index 59511fa..5645457 100644
--- a/java/org/apache/catalina/realm/CombinedRealm.java
+++ b/java/org/apache/catalina/realm/CombinedRealm.java
@@ -32,6 +32,7 @@ import org.apache.catalina.Realm;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
 import org.ietf.jgss.GSSException;
 import org.ietf.jgss.GSSName;
 
@@ -393,6 +394,39 @@ public class CombinedRealm extends RealmBase {
 return null;
 }
 
+/**
+ * {@inheritDoc}
+ */
+@Override
+public Principal authenticate(GSSName gssName, GSSCredential 
gssCredentail) {
+Principal authenticatedUser = null;
+
+String username = String.valueOf(gssName);
+
+for (Realm realm : realms) {
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("combinedRealm.authStart",
+username, realm.getClass().getName()));
+}
+
+authenticatedUser = realm.authenticate(gssName, gssCredentail);
+
+if (authenticatedUser == null) {
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("combinedRealm.authFail",
+username, realm.getClass().getName()));
+}
+} else {
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("combinedRealm.authSuccess",
+username, realm.getClass().getName()));
+}
+break;
+}
+}
+return authenticatedUser;
+}
+
 @Override
 @Deprecated
 protected String getName() {
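Review bot: The second parameter is misspelled `gssCredentail` in both the signature and the `realm.authenticate(gssName, gssCredentail)` call; it should read `gssCredential` to match the `Realm` declaration. `String.valueOf(gssName)` turns a null `gssName` into the literal string `"null"`, so the debug lines would report a user of that name while every nested realm is still called; an early `if (gssName == null) { return null; }` would make the outcome explicit. The `{@inheritDoc}` comment could also state that the nested realms are tried in order and the first non-null principal is returned. The same hunk is repeated in the later copies of this mail.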
diff --git a/java/org/apache/catalina/realm/LockOutRealm.java 
b/java/org/apache/catalina/realm/LockOutRealm.java
index b2dc29e..46e6a97 100644
--- a/java/org/apache/catalina/realm/LockOutRealm.java
+++ b/java/org/apache/catalina/realm/LockOutRealm.java
@@ -27,6 +27,7 @@ import org.apache.catalina.LifecycleException;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
 import org.ietf.jgss.GSSException;
 import org.ietf.jgss.GSSName;
 
@@ -205,6 +206,17 @@ public class LockOutRealm extends CombinedRealm {
 return null;
 }
 
+/**
+ * {@inheritDoc}
+ */
+@Override
+public Principal authenticate(GSSName gssName, GSSCredential 
gssCredential) {
+String username = String.valueOf(gssName);
+
+Principal authenticatedUser = super.authenticate(gssName, 
gssCredential);
+return filterLockedAccounts(username, authenticatedUser);
+}
+
 
 /*
  * Filters authenticated principals to ensure that null is
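Review bot: The lockout key passed to `filterLockedAccounts` is `String.valueOf(gssName)`, the full string form of the GSS name, and it becomes the literal `"null"` when `gssName` is null, so every failure for a null name would be counted against one shared entry. If the other `authenticate` overloads in this class (outside this hunk) key the lockout by a bare user name, the same account would get separate failure counters depending on the login path, and a lock set through one path would not apply to the other; it is worth confirming the two forms match or normalising the name before the call. A guard such as `if (gssName == null) { return null; }` ahead of computing `username` would avoid the shared entry. A short comment should also say whether a null result from a name lookup is meant to count as a failed attempt for lockout purposes. The same hunk is repeated in the later copies of this mail.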
diff --git a/java/org/apache/catalina/realm/RealmBase.java 
b/java/org/apache/catalina/realm/RealmBase.java
index d321c56..f300810 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -499,16 

[tomcat] 01/01: Frist draft

2019-09-18 Thread michaelo
This is an automated email from the ASF dual-hosted git repository.

michaelo pushed a commit to branch BZ-63681/8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 6be96ebba4e7056d5c9621bada2c496f8c0a82d0
Author: Michael Osipov 
AuthorDate: Wed Aug 21 23:23:19 2019 +0200

Frist draft

changelog.xml pending
---
 java/org/apache/catalina/Realm.java   | 13 +
 java/org/apache/catalina/realm/CombinedRealm.java | 34 
 java/org/apache/catalina/realm/LockOutRealm.java  | 12 
 java/org/apache/catalina/realm/RealmBase.java | 67 +++
 4 files changed, 116 insertions(+), 10 deletions(-)

diff --git a/java/org/apache/catalina/Realm.java 
b/java/org/apache/catalina/Realm.java
index a6360cc..412e845 100644
--- a/java/org/apache/catalina/Realm.java
+++ b/java/org/apache/catalina/Realm.java
@@ -25,6 +25,8 @@ import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
 import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
 import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
+import org.ietf.jgss.GSSName;
 
 /**
  * A Realm is a read-only facade for an underlying security realm
@@ -135,6 +137,17 @@ public interface Realm {
 
 
 /**
+ * Try to authenticate using a {@link GSSName}
+ *
+ * @param gssName The {@link GSSName} of the principal to look up
+ * @param gssCredential The {@link GSSCredential} of the principal, may be
+ *  {@code null}
+ * @return the associated principal, or {@code null} if there is none
+ */
+public Principal authenticate(GSSName gssName, GSSCredential 
gssCredential);
+
+
+/**
  * Try to authenticate using {@link X509Certificate}s
  *
  * @param certs Array of client certificates, with the first one in
diff --git a/java/org/apache/catalina/realm/CombinedRealm.java 
b/java/org/apache/catalina/realm/CombinedRealm.java
index 59511fa..5645457 100644
--- a/java/org/apache/catalina/realm/CombinedRealm.java
+++ b/java/org/apache/catalina/realm/CombinedRealm.java
@@ -32,6 +32,7 @@ import org.apache.catalina.Realm;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
 import org.ietf.jgss.GSSException;
 import org.ietf.jgss.GSSName;
 
@@ -393,6 +394,39 @@ public class CombinedRealm extends RealmBase {
 return null;
 }
 
+/**
+ * {@inheritDoc}
+ */
+@Override
+public Principal authenticate(GSSName gssName, GSSCredential 
gssCredentail) {
+Principal authenticatedUser = null;
+
+String username = String.valueOf(gssName);
+
+for (Realm realm : realms) {
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("combinedRealm.authStart",
+username, realm.getClass().getName()));
+}
+
+authenticatedUser = realm.authenticate(gssName, gssCredentail);
+
+if (authenticatedUser == null) {
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("combinedRealm.authFail",
+username, realm.getClass().getName()));
+}
+} else {
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("combinedRealm.authSuccess",
+username, realm.getClass().getName()));
+}
+break;
+}
+}
+return authenticatedUser;
+}
+
 @Override
 @Deprecated
 protected String getName() {
diff --git a/java/org/apache/catalina/realm/LockOutRealm.java 
b/java/org/apache/catalina/realm/LockOutRealm.java
index b2dc29e..46e6a97 100644
--- a/java/org/apache/catalina/realm/LockOutRealm.java
+++ b/java/org/apache/catalina/realm/LockOutRealm.java
@@ -27,6 +27,7 @@ import org.apache.catalina.LifecycleException;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
 import org.ietf.jgss.GSSException;
 import org.ietf.jgss.GSSName;
 
@@ -205,6 +206,17 @@ public class LockOutRealm extends CombinedRealm {
 return null;
 }
 
+/**
+ * {@inheritDoc}
+ */
+@Override
+public Principal authenticate(GSSName gssName, GSSCredential 
gssCredential) {
+String username = String.valueOf(gssName);
+
+Principal authenticatedUser = super.authenticate(gssName, 
gssCredential);
+return filterLockedAccounts(username, authenticatedUser);
+}
+
 
 /*
  * Filters authenticated principals to ensure that null is
diff --git a/java/org/apache/catalina/realm/RealmBase.java 
b/java/org/apache/catalina/realm/RealmBase.java
index d321c56..f300810 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -499,16 

[tomcat] 01/01: Frist draft

2019-08-21 Thread michaelo
This is an automated email from the ASF dual-hosted git repository.

michaelo pushed a commit to branch BZ-63681/8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 8a2343878a7f9eaca5c795ead752bd213edc4de1
Author: Michael Osipov 
AuthorDate: Wed Aug 21 23:23:19 2019 +0200

Frist draft

changelog.xml pending
---
 java/org/apache/catalina/Realm.java   | 13 +
 java/org/apache/catalina/realm/CombinedRealm.java | 34 
 java/org/apache/catalina/realm/LockOutRealm.java  | 12 
 java/org/apache/catalina/realm/RealmBase.java | 67 +++
 4 files changed, 116 insertions(+), 10 deletions(-)

diff --git a/java/org/apache/catalina/Realm.java 
b/java/org/apache/catalina/Realm.java
index a6360cc..412e845 100644
--- a/java/org/apache/catalina/Realm.java
+++ b/java/org/apache/catalina/Realm.java
@@ -25,6 +25,8 @@ import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
 import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
 import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
+import org.ietf.jgss.GSSName;
 
 /**
  * A Realm is a read-only facade for an underlying security realm
@@ -135,6 +137,17 @@ public interface Realm {
 
 
 /**
+ * Try to authenticate using a {@link GSSName}
+ *
+ * @param gssName The {@link GSSName} of the principal to look up
+ * @param gssCredential The {@link GSSCredential} of the principal, may be
+ *  {@code null}
+ * @return the associated principal, or {@code null} if there is none
+ */
+public Principal authenticate(GSSName gssName, GSSCredential 
gssCredential);
+
+
+/**
  * Try to authenticate using {@link X509Certificate}s
  *
  * @param certs Array of client certificates, with the first one in
diff --git a/java/org/apache/catalina/realm/CombinedRealm.java 
b/java/org/apache/catalina/realm/CombinedRealm.java
index 59511fa..5645457 100644
--- a/java/org/apache/catalina/realm/CombinedRealm.java
+++ b/java/org/apache/catalina/realm/CombinedRealm.java
@@ -32,6 +32,7 @@ import org.apache.catalina.Realm;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
 import org.ietf.jgss.GSSException;
 import org.ietf.jgss.GSSName;
 
@@ -393,6 +394,39 @@ public class CombinedRealm extends RealmBase {
 return null;
 }
 
+/**
+ * {@inheritDoc}
+ */
+@Override
+public Principal authenticate(GSSName gssName, GSSCredential 
gssCredentail) {
+Principal authenticatedUser = null;
+
+String username = String.valueOf(gssName);
+
+for (Realm realm : realms) {
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("combinedRealm.authStart",
+username, realm.getClass().getName()));
+}
+
+authenticatedUser = realm.authenticate(gssName, gssCredentail);
+
+if (authenticatedUser == null) {
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("combinedRealm.authFail",
+username, realm.getClass().getName()));
+}
+} else {
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("combinedRealm.authSuccess",
+username, realm.getClass().getName()));
+}
+break;
+}
+}
+return authenticatedUser;
+}
+
 @Override
 @Deprecated
 protected String getName() {
diff --git a/java/org/apache/catalina/realm/LockOutRealm.java 
b/java/org/apache/catalina/realm/LockOutRealm.java
index b2dc29e..46e6a97 100644
--- a/java/org/apache/catalina/realm/LockOutRealm.java
+++ b/java/org/apache/catalina/realm/LockOutRealm.java
@@ -27,6 +27,7 @@ import org.apache.catalina.LifecycleException;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
 import org.ietf.jgss.GSSException;
 import org.ietf.jgss.GSSName;
 
@@ -205,6 +206,17 @@ public class LockOutRealm extends CombinedRealm {
 return null;
 }
 
+/**
+ * {@inheritDoc}
+ */
+@Override
+public Principal authenticate(GSSName gssName, GSSCredential 
gssCredential) {
+String username = String.valueOf(gssName);
+
+Principal authenticatedUser = super.authenticate(gssName, 
gssCredential);
+return filterLockedAccounts(username, authenticatedUser);
+}
+
 
 /*
  * Filters authenticated principals to ensure that null is
diff --git a/java/org/apache/catalina/realm/RealmBase.java 
b/java/org/apache/catalina/realm/RealmBase.java
index dd1761c..26f94d2 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -499,16