cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator SSLAuthenticator.java

Fri, 01 Nov 2002 10:50:44 -0800 

bobh        2002/11/01 10:48:52

  Modified:    catalina/src/share/org/apache/catalina/authenticator
                        SSLAuthenticator.java
  Log:
  To allow the underlying SSL implementation to perform the certificate
  exchange, the socket must be completely read.  If the request was a
  POST, then there is data still waiting on the socket.  We should read
  the entire POST and hold on to it.  This change just takes care of the
  case where the posted ContentType is application/x-www-form-urlencoded.
  I will work over the next few days to implement a more general
  solution.  Kinda hairy, cause if someone posts a huge document - like
  a movie file, then were do we buffer that? on disk?  So if the POST is
  bigger than size X, then start saving to a temporary file?  Then
  change Request.getInputStream() to read from the file?  Joy.
  
  Revision  Changes    Path
  1.5       +12 -4     
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/SSLAuthenticator.java
  
  Index: SSLAuthenticator.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/SSLAuthenticator.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- SSLAuthenticator.java     23 Sep 2002 00:24:32 -0000      1.4
  +++ SSLAuthenticator.java     1 Nov 2002 18:48:52 -0000       1.5
  @@ -148,6 +148,14 @@
               (HttpServletResponse) response.getResponse();
           if (debug >= 1)
               log(" Looking up certificates");
  +
  +        if ("POST".equalsIgnoreCase(request.getMethod())) {
  +            // Causes POST of  application/x-www-form-urlencoded to be read,
  +            // removing data from socket so that a cert exchange can happen if 
needed.
  +            // A more general solution for all POSTs is coming 01-Nov-2002 bobh
  +            ((HttpServletRequest) request.getRequest()).getParameterMap();
  +        }
  +
           X509Certificate certs[] = (X509Certificate[])
               request.getRequest().getAttribute(Globals.CERTIFICATES_ATTR);
           if ((certs == null) || (certs.length < 1)) {
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>

Reply via email to