glenn 2003/01/10 17:47:13
Modified: . RELEASE-NOTES-4.1.txt catalina/src/share/org/apache/catalina/realm JNDIRealm.java webapps/tomcat-docs realm-howto.xml
Log: Apply JNDIRealm patch to add alternateURL provided by Brad Handy
Revision Changes Path
1.45 +6 -1 jakarta-tomcat-4.0/RELEASE-NOTES-4.1.txt
Index: RELEASE-NOTES-4.1.txt
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/RELEASE-NOTES-4.1.txt,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- RELEASE-NOTES-4.1.txt 10 Jan 2003 15:52:17 -0000 1.44
+++ RELEASE-NOTES-4.1.txt 11 Jan 2003 01:47:13 -0000 1.45
@@ -111,6 +111,11 @@
 A new Realm implementation which can use a JNDI named JDBC DataSource has been added.
+[4.1.19] JNDIRealm:
+ Added support for using an alternateURL if a socket connection
+ can not be made to the provider at the connectionURL.
+
+
 -------------------
 Jasper New Features:
 -------------------
1.11 +115 -16 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java
Index: JNDIRealm.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- JNDIRealm.java 19 Nov 2002 01:26:38 -0000 1.10
+++ JNDIRealm.java 11 Jan 2003 01:47:13 -0000 1.11
@@ -70,6 +70,7 @@
 import java.util.Hashtable;
 import java.util.List;
 import javax.naming.Context;
+import javax.naming.CommunicationException;
 import javax.naming.NameNotFoundException;
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
@@ -98,6 +99,10 @@
 * element in the top level <code>DirContext</code> that is accessed
 * via the <code>connectionURL</code> property.</li>
 *
+ * <li>If a socket connection can not be made to the <code>connectURL</code>
+ * an attempt will be made to use the <code>alternateURL</code> if it
+ * exists.</li>
+ *
 * <li>Each user element has a distinguished name that can be formed by
 * substituting the presented username into a pattern configured by the
 * <code>userPattern</code> property.</li>
@@ -337,6 +342,16 @@
 */
 protected boolean roleSubtree = false;
+ /**
+ * An alternate URL, to which, we should connect if connectionURL fails.
+ */
+ protected String alternateURL;
+
+ /**
+ * The number of connection attempts. If greater than zero we use the
+ * alternate url.
+ */
+ protected int connectionAttempt = 0;
 // ------------------------------------------------------------- Properties
@@ -716,6 +731,28 @@
 }
+ /**
+ * Getter for property alternateURL.
+ *
+ * @return Value of property alternateURL.
+ */
+ public String getAlternateURL() {
+
+ return this.alternateURL;
+
+ }
+
+ /**
+ * Setter for property alternateURL.
+ *
+ * @param alternateURL New value of property alternateURL.
+ */
+ public void setAlternateURL(String alternateURL) {
+
+ this.alternateURL = alternateURL;
+
+ }
+
 // ---------------------------------------------------------- Realm Methods
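Review bot: The class Javadoc bullet added in the first hunk names the property `connectURL`, while the bullet directly above it calls it `connectionURL`; the line should read `If a socket connection can not be made to the <code>connectionURL</code>`. The bullet should also tell administrators that the alternate provider is contacted with the same `connectionName` and `connectionPassword`, because getDirectoryContextEnvironment() in this commit puts both into the environment for either URL.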
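Review bot: The Javadoc on `connectionAttempt` (second hunk) describes a number of connection attempts, but the code in this commit only ever stores 0 or 1 and reads the field as a "use the alternate" switch inside getDirectoryContextEnvironment(). As a protected, mutable instance field it works as a hidden argument between open() and that helper, so a subclass or an overlapping caller could see the wrong value; whether open() is serialized is not visible here. A comment such as `// 0 = use connectionURL, 1 = use alternateURL; written only by open()` would document the contract, or the chosen URL could be passed to the helper as a parameter instead.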
@@ -736,15 +773,41 @@
 public Principal authenticate(String username, String credentials) {
 DirContext context = null;
+ Principal principal = null;
 try {
 // Ensure that we have a directory context available
 context = open();
-
- // Authenticate the specified username if possible
- Principal principal = authenticate(context,
- username, credentials);
+
+ // Occassionally the directory context will timeout. Try one more
+ // time before giving up.
+ try {
+
+ // Authenticate the specified username if possible
+ principal = authenticate(context, username, credentials);
+
+ } catch (CommunicationException e) {
+
+ // If not a "Socket closed." error then rethrow.
+ if (e.getMessage().indexOf("Socket closed") < 0)
+ throw(e);
+
+ // log the exception so we know it's there.
+ log(sm.getString("jndiRealm.exception"), e);
+
+ // close the connection so we know it will be reopened.
+ if (context != null)
+ close(context);
+
+ // open a new directory context.
+ context = open();
+
+ // Try the authentication again.
+ principal = authenticate(context, username, credentials);
+
+ }
+
 // Release this context
 release(context);
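Review bot: The new inner catch in authenticate() calls `e.getMessage().indexOf("Socket closed")` with no null check, so a CommunicationException that carries no detail message would surface as a NullPointerException on the login path instead of the original directory error. The guard is safer as `String msg = e.getMessage();` followed by `if (msg == null || msg.indexOf("Socket closed") < 0) throw e;`. Matching on message text also ties the retry to one provider's wording, which deserves a comment next to the check. The outer try's handlers lie outside the hunk, so how such an exception is finally reported cannot be seen from here.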
@@ -1358,17 +1421,54 @@
 if (context != null)
 return (context);
- // Establish a connection and retrieve the initial context
- if (debug >= 1)
- log("Connecting to URL " + connectionURL);
+ try {
+
+ // Ensure that we have a directory context available
+ context = new InitialDirContext(getDirectoryContextEnvironment());
+
+ } catch (NamingException e) {
+
+ connectionAttempt = 1;
+
+ // log the first exception.
+ log(sm.getString("jndiRealm.exception"), e);
+
+ // Try connecting to the alternate url.
+ context = new InitialDirContext(getDirectoryContextEnvironment());
+
+ // reset it in case the connection times out.
+ // the primary may come back.
+ connectionAttempt = 0;
+
+ }
+
+ return (context);
+
+ }
+
+ /**
+ * Create our directory context configuration.
+ *
+ * @return java.util.Hashtable the configuration for the directory context.
+ */
+ protected Hashtable getDirectoryContextEnvironment() {
+
 Hashtable env = new Hashtable();
+
+ // Configure our directory context environment.
+ if (debug >= 1 && connectionAttempt == 0)
+ log("Connecting to URL " + connectionURL);
+ else if (debug >= 1 && connectionAttempt > 0)
+ log("Connecting to URL " + alternateURL);
 env.put(Context.INITIAL_CONTEXT_FACTORY, contextFactory);
 if (connectionName != null)
 env.put(Context.SECURITY_PRINCIPAL, connectionName);
 if (connectionPassword != null)
 env.put(Context.SECURITY_CREDENTIALS, connectionPassword);
- if (connectionURL != null)
+ if (connectionURL != null && connectionAttempt == 0)
 env.put(Context.PROVIDER_URL, connectionURL);
+ else if (alternateURL != null && connectionAttempt > 0)
+ env.put(Context.PROVIDER_URL, alternateURL);
 if (authentication != null)
 env.put(Context.SECURITY_AUTHENTICATION, authentication);
 if (protocol != null)
@@ -1376,9 +1476,8 @@
 if (referrals != null)
 env.put(Context.REFERRAL, referrals);
- context = new InitialDirContext(env);
- return (context);
-
+ return env;
+
 }
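Review bot: In open() (first hunk), `connectionAttempt` stays at 1 when the alternate connection also throws, so every later call builds its first environment from `alternateURL` and the primary is not tried again until the alternate has succeeded once. When `alternateURL` is not configured, the fallback environment from getDirectoryContextEnvironment() carries no `Context.PROVIDER_URL` at all, which leaves the target to the context factory's default rather than a host the administrator chose. The catch also takes every NamingException, so a rejected bind on the primary would resend `connectionName` and `connectionPassword` to the alternate, although the documentation promises failover only when a socket connection cannot be made; narrowing it to the CommunicationException this commit imports may be closer to that intent. The fence below resets the flag in a `finally` and skips the fallback when no alternate is set; open()'s signature is outside the hunk, and I assume it already declares NamingException since the alternate attempt is not caught.

```java
} catch (NamingException e) {

    // … unchanged: log the first exception …

    // Nothing to fail over to: report the original failure.
    if (alternateURL == null)
        throw e;

    connectionAttempt = 1;
    try {
        // Try connecting to the alternate url.
        context = new InitialDirContext(getDirectoryContextEnvironment());
    } finally {
        // Always reset, so the next open() starts with the primary again.
        connectionAttempt = 0;
    }

}
```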
@@ -1433,7 +1532,7 @@
 close(this.context);
 }
-
+
 }
1.10 +5 -0 jakarta-tomcat-4.0/webapps/tomcat-docs/realm-howto.xml
Index: realm-howto.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/realm-howto.xml,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- realm-howto.xml 10 Jan 2003 01:31:09 -0000 1.9
+++ realm-howto.xml 11 Jan 2003 01:47:13 -0000 1.10
@@ -535,6 +535,11 @@
 to, and optionally the port number and distinguished name (DN) of the required root naming context.</p>
+<p>If you have more than one provider you can configure an
+<strong>alternateURL</strong>. If a socket connection can not be
+made to the provider at the <strong>connectionURL</strong> an
+attempt will be made to use the <strong>alternateURL</strong>.</p>
+
 <p>When making a connection in order to search the directory and retrieve user and role information, the realm authenticates itself to the directory with the username and password specified by the