From eb8cb22d5f2eb3f5fbdd94866afca0dea2c8aed2 Mon Sep 17 00:00:00 2001
From: markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Date: Wed, 16 Dec 2009 11:05:09 +0000
Subject: [PATCH] Fix bug 47841: CombinedRealm fails to switch to other realm
 https://issues.apache.org/bugzilla/show_bug.cgi?id=47841 Handle failure of
 sub-realm during combined realm start

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@891187 13f79535-47bb-0310-9956-ffa450edef68
---
 java/org/apache/catalina/realm/CombinedRealm.java      | 15 +++++++++++++--
 java/org/apache/catalina/realm/LocalStrings.properties |  1 +
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/realm/CombinedRealm.java b/java/org/apache/catalina/realm/CombinedRealm.java
index 9b5065b21..65ec2af41 100644
--- a/java/org/apache/catalina/realm/CombinedRealm.java
+++ b/java/org/apache/catalina/realm/CombinedRealm.java
@@ -20,6 +20,7 @@ package org.apache.catalina.realm;
 import java.security.Principal;
 
 import java.security.cert.X509Certificate;
+import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 
@@ -227,9 +228,19 @@ public class CombinedRealm extends RealmBase {
     @Override
     public void start() throws LifecycleException {
         // Start 'sub-realms' then this one
-        for (Realm realm : realms) {
+    	Iterator<Realm> iter = realms.iterator();
+    	
+        while (iter.hasNext()) {
+        	Realm realm = iter.next();
             if (realm instanceof Lifecycle) {
-                ((Lifecycle) realm).start();
+            	try {
+            		((Lifecycle) realm).start();
+            	} catch (LifecycleException e) {
+            		// If realm doesn't start can't authenticate against it
+            		iter.remove();
+            		log.error(sm.getString("combinedRealm.realmStartFail",
+            				realm.getInfo()), e);
+            	}
             }
         }
         super.start();
diff --git a/java/org/apache/catalina/realm/LocalStrings.properties b/java/org/apache/catalina/realm/LocalStrings.properties
index 7276ab404..b2a6c4553 100644
--- a/java/org/apache/catalina/realm/LocalStrings.properties
+++ b/java/org/apache/catalina/realm/LocalStrings.properties
@@ -95,5 +95,6 @@ combinedRealm.authStart=Attempting to authenticate user "{0}" with realm "{1}"
 combinedRealm.authFailed=Failed to authenticate user "{0}" with realm "{1}"
 combinedRealm.authSucess=Authenticated user "{0}" with realm "{1}"
 combinedRealm.addRealm=Add "{0}" realm, making a total of "{1}" realms
+combinedRealm.realmStartFail=Failed to start "{0}" realm
 lockOutRealm.authLockedUser=An attempt was made to authenticate the locked user "{0}"
 lockOutRealm.removeWarning=User "{0}" was removed from the failed users cache after {1} seconds to keep the cache size within the limit set
-- 
2.11.0