Sophie

Sophie

distrib > Mandriva > 2009.0 > x86_64 > media > main-testing-src > by-pkgid > a56b3c5ef69954a16626b9ce81d99069 > files > 23

tomcat5-5.5.27-0.3.0.2mdv2009.0.src.rpm

diff -Naur tomcat5-5.5.27/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java tomcat5-5.5.27.oden/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java
--- tomcat5-5.5.27/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java	2008-08-29 05:13:55.000000000 +0200
+++ tomcat5-5.5.27.oden/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java	2009-06-18 19:24:25.000000000 +0200
@@ -270,8 +270,9 @@
      */
     public Principal authenticate(String username, String credentials) {
     	
-    	// No user - can't possibly authenticate, don't bother the database then
-    	if (username == null) {
+    	// No user or no credentials
+        // Can't possibly authenticate, don't bother the database then
+    	if (username == null || credentials == null) {
     		return null;
     	}
         
diff -Naur tomcat5-5.5.27/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java tomcat5-5.5.27.oden/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java
--- tomcat5-5.5.27/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java	2008-08-29 05:13:55.000000000 +0200
+++ tomcat5-5.5.27.oden/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java	2009-06-18 19:24:25.000000000 +0200
@@ -393,9 +393,10 @@
                                                String username,
                                                String credentials) {
 
-        // No user - can't possibly authenticate
-        if (username == null) {
-            return (null);
+        // No user or no credentials
+        // Can't possibly authenticate, don't bother the database then
+        if (username == null || credentials == null) {
+            return null;
         }
 
         // Look up the user's credentials
diff -Naur tomcat5-5.5.27/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/MemoryRealm.java tomcat5-5.5.27.oden/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/MemoryRealm.java
--- tomcat5-5.5.27/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/MemoryRealm.java	2008-08-29 05:13:55.000000000 +0200
+++ tomcat5-5.5.27.oden/apache-tomcat-5.5.27-src/container/catalina/src/share/org/apache/catalina/realm/MemoryRealm.java	2009-06-18 19:24:25.000000000 +0200
@@ -147,7 +147,7 @@
             (GenericPrincipal) principals.get(username);
 
         boolean validated = false;
-        if (principal != null) {
+        if (principal != null && credentials != null) {
             if (hasMessageDigest()) {
                 // Hex hashes should be compared case-insensitive
                 validated = (digest(credentials)

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional