From 7d13988cb2aafc89fbff1f42beb0538c0fc7e7b0 Mon Sep 17 00:00:00 2001 From: markt Date: Thu, 30 Jun 2011 15:41:27 +0000 Subject: [PATCH] Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51453 Fix a regression in the preemptive authentication support (enhancement 12428) that could trigger authentication even if preemptive authentication was disabled. git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1141578 13f79535-47bb-0310-9956-ffa450edef68 --- java/org/apache/catalina/authenticator/AuthenticatorBase.java | 4 ++-- webapps/docs/changelog.xml | 5 +++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/java/org/apache/catalina/authenticator/AuthenticatorBase.java b/java/org/apache/catalina/authenticator/AuthenticatorBase.java index fa99f81e1..d84ae45dd 100644 --- a/java/org/apache/catalina/authenticator/AuthenticatorBase.java +++ b/java/org/apache/catalina/authenticator/AuthenticatorBase.java @@ -516,13 +516,13 @@ public abstract class AuthenticatorBase extends ValveBase } } - if (!authRequired) { + if (!authRequired && context.getPreemptiveAuthentication()) { authRequired = request.getCoyoteRequest().getMimeHeaders().getValue( "authorization") != null; } - if (!authRequired) { + if (!authRequired && context.getPreemptiveAuthentication()) { X509Certificate[] certs = (X509Certificate[]) request.getAttribute( Globals.CERTIFICATES_ATTR); authRequired = certs != null && certs.length > 0; diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 0a18d55c9..7ad533db2 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -181,6 +181,11 @@ implement SingleThreadModel. Based on a patch by Felix Schumacher. (markt) + + 51453: Fix a regression in the preemptive authentication + support (enhancement 12428) that could trigger authentication + even if preemptive authentication was disabled. (markt) + -- 2.11.0