From 3950eb0ab217c729df96f8759ca0369898800792 Mon Sep 17 00:00:00 2001 From: markt Date: Tue, 18 May 2010 19:42:06 +0000 Subject: [PATCH] Make list of user roles immutable Modify a copy in getRoles() git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@945841 13f79535-47bb-0310-9956-ffa450edef68 --- java/org/apache/catalina/realm/JNDIRealm.java | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/java/org/apache/catalina/realm/JNDIRealm.java b/java/org/apache/catalina/realm/JNDIRealm.java index d7f26a3fa..693f576b8 100644 --- a/java/org/apache/catalina/realm/JNDIRealm.java +++ b/java/org/apache/catalina/realm/JNDIRealm.java @@ -24,6 +24,7 @@ import java.security.Principal; import java.text.MessageFormat; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collections; import java.util.HashMap; import java.util.Hashtable; import java.util.Iterator; @@ -1618,9 +1619,10 @@ public class JNDIRealm extends RealmBase { containerLog.trace(" getRoles(" + dn + ")"); // Start with roles retrieved from the user entry - List list = user.getRoles(); - if (list == null) { - list = new ArrayList(); + List list = new ArrayList(); + List userRoles = user.getRoles(); + if (userRoles != null) { + list.addAll(userRoles); } if (commonRole != null) list.add(commonRole); @@ -2228,15 +2230,17 @@ public class JNDIRealm extends RealmBase { final private String username; final private String dn; final private String password; - final private List roles = new ArrayList(); + final private List roles; public User(String username, String dn, String password, List roles) { this.username = username; this.dn = dn; this.password = password; - if (roles != null) { - this.roles.addAll(roles); + if (roles == null) { + this.roles = Collections.emptyList(); + } else { + this.roles = Collections.unmodifiableList(roles); } } -- 2.11.0