[tomcat] branch 8.5.x updated (bb8649c -> 389180e)

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

[tomcat] branch 8.5.x updated (bb8649c -> 389180e)

Mark Thomas-2
This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


    from bb8649c  Harmonize again writes, thanks to Mark for the review.
     new 9ca49b5  Alternative wording
     new 7bbc64e  Force Locale for to[Upper|Lower]Case()
     new 389180e  Remove leading spaces from debug messages

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../catalina/authenticator/AuthenticatorBase.java  | 25 +++++------
 webapps/docs/config/valve.xml                      | 48 +++++++++++-----------
 2 files changed, 37 insertions(+), 36 deletions(-)


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[tomcat] 01/03: Alternative wording

Mark Thomas-2
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 9ca49b51b49f93529b4cbed73c91429a7991709d
Author: Mark Thomas <[hidden email]>
AuthorDate: Mon Dec 2 20:28:31 2019 +0000

    Alternative wording
---
 webapps/docs/config/valve.xml | 48 +++++++++++++++++++++----------------------
 1 file changed, 24 insertions(+), 24 deletions(-)

diff --git a/webapps/docs/config/valve.xml b/webapps/docs/config/valve.xml
index 0ceca00..c376c9a 100644
--- a/webapps/docs/config/valve.xml
+++ b/webapps/docs/config/valve.xml
@@ -1208,12 +1208,12 @@
         <code>always</code>. <code>never</code> means that a request will never
         bypass authentication even if it appears to be a CORS preflight request.
         <code>filter</code> means that a request will bypass authentication if
-        it appears to be a CORS preflight request and the web application the
-        request maps to has the <a href="filter.html#CORS_Filter">CORS
-        Filter</a> enabled and mapped to <code>/*</code>. <code>always</code>
-        means that all requests that appear to be CORS preflight requests will
-        bypass authentication. If not set, the default value is
-        <code>never</code>.</p>
+        it appears to be a CORS preflight request; it is mapped to a web
+        application that has the <a href="filter.html#CORS_Filter">CORS
+        Filter</a> enabled; and the CORS Filter is mapped to <code>/*</code>.
+        <code>always</code> means that all requests that appear to be CORS
+        preflight requests will bypass authentication. If not set, the default
+        value is <code>never</code>.</p>
       </attribute>
 
       <attribute name="alwaysUseSession" required="false">
@@ -1366,12 +1366,12 @@
         <code>always</code>. <code>never</code> means that a request will never
         bypass authentication even if it appears to be a CORS preflight request.
         <code>filter</code> means that a request will bypass authentication if
-        it appears to be a CORS preflight request and the web application the
-        request maps to has the <a href="filter.html#CORS_Filter">CORS
-        Filter</a> enabled and mapped to <code>/*</code>. <code>always</code>
-        means that all requests that appear to be CORS preflight requests will
-        bypass authentication. If not set, the default value is
-        <code>never</code>.</p>
+        it appears to be a CORS preflight request; it is mapped to a web
+        application that has the <a href="filter.html#CORS_Filter">CORS
+        Filter</a> enabled; and the CORS Filter is mapped to <code>/*</code>.
+        <code>always</code> means that all requests that appear to be CORS
+        preflight requests will bypass authentication. If not set, the default
+        value is <code>never</code>.</p>
       </attribute>
 
       <attribute name="alwaysUseSession" required="false">
@@ -1548,12 +1548,12 @@
         <code>always</code>. <code>never</code> means that a request will never
         bypass authentication even if it appears to be a CORS preflight request.
         <code>filter</code> means that a request will bypass authentication if
-        it appears to be a CORS preflight request and the web application the
-        request maps to has the <a href="filter.html#CORS_Filter">CORS
-        Filter</a> enabled and mapped to <code>/*</code>. <code>always</code>
-        means that all requests that appear to be CORS preflight requests will
-        bypass authentication. If not set, the default value is
-        <code>never</code>.</p>
+        it appears to be a CORS preflight request; it is mapped to a web
+        application that has the <a href="filter.html#CORS_Filter">CORS
+        Filter</a> enabled; and the CORS Filter is mapped to <code>/*</code>.
+        <code>always</code> means that all requests that appear to be CORS
+        preflight requests will bypass authentication. If not set, the default
+        value is <code>never</code>.</p>
       </attribute>
 
       <attribute name="changeSessionIdOnAuthentication" required="false">
@@ -1689,12 +1689,12 @@
         <code>always</code>. <code>never</code> means that a request will never
         bypass authentication even if it appears to be a CORS preflight request.
         <code>filter</code> means that a request will bypass authentication if
-        it appears to be a CORS preflight request and the web application the
-        request maps to has the <a href="filter.html#CORS_Filter">CORS
-        Filter</a> enabled and mapped to <code>/*</code>. <code>always</code>
-        means that all requests that appear to be CORS preflight requests will
-        bypass authentication. If not set, the default value is
-        <code>never</code>.</p>
+        it appears to be a CORS preflight request; it is mapped to a web
+        application that has the <a href="filter.html#CORS_Filter">CORS
+        Filter</a> enabled; and the CORS Filter is mapped to <code>/*</code>.
+        <code>always</code> means that all requests that appear to be CORS
+        preflight requests will bypass authentication. If not set, the default
+        value is <code>never</code>.</p>
       </attribute>
 
       <attribute name="cache" required="false">


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[tomcat] 02/03: Force Locale for to[Upper|Lower]Case()

Mark Thomas-2
In reply to this post by Mark Thomas-2
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 7bbc64ea394a4180f199a0e14158951065fc9e50
Author: Mark Thomas <[hidden email]>
AuthorDate: Mon Dec 2 20:29:19 2019 +0000

    Force Locale for to[Upper|Lower]Case()
---
 java/org/apache/catalina/authenticator/AuthenticatorBase.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/authenticator/AuthenticatorBase.java b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
index ee713d5..e438738 100644
--- a/java/org/apache/catalina/authenticator/AuthenticatorBase.java
+++ b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
@@ -19,6 +19,7 @@ package org.apache.catalina.authenticator;
 import java.io.IOException;
 import java.security.Principal;
 import java.security.cert.X509Certificate;
+import java.util.Locale;
 import java.util.Map;
 import java.util.Set;
 
@@ -253,11 +254,11 @@ public abstract class AuthenticatorBase extends ValveBase
     // ------------------------------------------------------------- Properties
 
     public String getAllowCorsPreflight() {
-        return allowCorsPreflight.name().toLowerCase();
+        return allowCorsPreflight.name().toLowerCase(Locale.ENGLISH);
     }
 
     public void setAllowCorsPreflight(String allowCorsPreflight) {
-        this.allowCorsPreflight = AllowCorsPreflight.valueOf(allowCorsPreflight.trim().toUpperCase());
+        this.allowCorsPreflight = AllowCorsPreflight.valueOf(allowCorsPreflight.trim().toUpperCase(Locale.ENGLISH));
     }
 
     public boolean getAlwaysUseSession() {


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[tomcat] 03/03: Remove leading spaces from debug messages

Mark Thomas-2
In reply to this post by Mark Thomas-2
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 389180e6f945c7eef0fbce28f20ce7e1fb2d6d67
Author: Mark Thomas <[hidden email]>
AuthorDate: Mon Dec 2 20:30:33 2019 +0000

    Remove leading spaces from debug messages
---
 .../catalina/authenticator/AuthenticatorBase.java    | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/java/org/apache/catalina/authenticator/AuthenticatorBase.java b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
index e438738..2b5a502 100644
--- a/java/org/apache/catalina/authenticator/AuthenticatorBase.java
+++ b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
@@ -539,7 +539,7 @@ public abstract class AuthenticatorBase extends ValveBase
 
         if (constraints == null && !context.getPreemptiveAuthentication() && !authRequired) {
             if (log.isDebugEnabled()) {
-                log.debug(" Not subject to any constraint");
+                log.debug("Not subject to any constraint");
             }
             getNext().invoke(request, response);
             return;
@@ -562,11 +562,11 @@ public abstract class AuthenticatorBase extends ValveBase
         if (constraints != null) {
             // Enforce any user data constraint for this security constraint
             if (log.isDebugEnabled()) {
-                log.debug(" Calling hasUserDataPermission()");
+                log.debug("Calling hasUserDataPermission()");
             }
             if (!realm.hasUserDataPermission(request, response, constraints)) {
                 if (log.isDebugEnabled()) {
-                    log.debug(" Failed hasUserDataPermission() test");
+                    log.debug("Failed hasUserDataPermission() test");
                 }
                 /*
                  * ASSERT: Authenticator already set the appropriate HTTP status
@@ -613,7 +613,7 @@ public abstract class AuthenticatorBase extends ValveBase
 
         if ((authRequired || constraints != null) && allowCorsPreflightBypass(request)) {
             if (log.isDebugEnabled()) {
-                log.debug(" CORS Preflight request bypassing authentication");
+                log.debug("CORS Preflight request bypassing authentication");
             }
             getNext().invoke(request, response);
             return;
@@ -621,7 +621,7 @@ public abstract class AuthenticatorBase extends ValveBase
 
         if (authRequired) {
             if (log.isDebugEnabled()) {
-                log.debug(" Calling authenticate()");
+                log.debug("Calling authenticate()");
             }
 
             if (jaspicProvider != null) {
@@ -635,7 +635,7 @@ public abstract class AuthenticatorBase extends ValveBase
                     jaspicProvider != null &&
                             !authenticateJaspic(request, response, jaspicState, false)) {
                 if (log.isDebugEnabled()) {
-                    log.debug(" Failed authenticate() test");
+                    log.debug("Failed authenticate() test");
                 }
                 /*
                  * ASSERT: Authenticator already set the appropriate HTTP status
@@ -648,11 +648,11 @@ public abstract class AuthenticatorBase extends ValveBase
 
         if (constraints != null) {
             if (log.isDebugEnabled()) {
-                log.debug(" Calling accessControl()");
+                log.debug("Calling accessControl()");
             }
             if (!realm.hasResourcePermission(request, response, constraints, this.context)) {
                 if (log.isDebugEnabled()) {
-                    log.debug(" Failed accessControl() test");
+                    log.debug("Failed accessControl() test");
                 }
                 /*
                  * ASSERT: AccessControl method has already set the appropriate
@@ -664,7 +664,7 @@ public abstract class AuthenticatorBase extends ValveBase
 
         // Any and all specified constraints have been satisfied
         if (log.isDebugEnabled()) {
-            log.debug(" Successfully passed all security constraints");
+            log.debug("Successfully passed all security constraints");
         }
         getNext().invoke(request, response);
 
@@ -1070,7 +1070,7 @@ public abstract class AuthenticatorBase extends ValveBase
             associate(ssoId, request.getSessionInternal(true));
 
             if (log.isDebugEnabled()) {
-                log.debug(" Reauthenticated cached principal '" +
+                log.debug("Reauthenticated cached principal '" +
                         request.getUserPrincipal().getName() +
                         "' with auth type '" + request.getAuthType() + "'");
             }


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]