Extracted login and non-login actions
Patch by fjodorver

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1689071 13f79535-47bb-0310-9956-ffa450edef68
markt-asf committed Jul 3, 2015
1 parent 711d8e3 commit 39c11b9
Showing 1 changed file with 47 additions and 22 deletions.
Expand Up @@ -182,27 +182,54 @@ private AuthStatus validate(MessageInfo messageInfo, Subject clientSubject) thro
boolean loginAction = requestURI.startsWith(contextPath)
&& requestURI.endsWith(Constants.FORM_ACTION);

// No -- Save this request and redirect to the form login page
if (!loginAction) {
session = request.getSessionInternal(true);
if (log.isDebugEnabled()) {
log.debug("Save request in session '" + session.getIdInternal() + "'");
}
try {
saveRequest(request, session);
} catch (IOException ioe) {
log.debug("Request body too big to save during authentication");
response.sendError(HttpServletResponse.SC_FORBIDDEN,
sm.getString("authenticator.requestBodyTooBig"));
return AuthStatus.FAILURE;
}
forwardToLoginPage(request, response);
return AuthStatus.SEND_CONTINUE;
return handleNoLoginAction(request, response);
}

// Yes -- Acknowledge the request, validate the specified
// credentials
// and redirect to the error page if they are not correct
return handleLoginAction(request, response);
}


/**
* Save this request and redirect to the form login page
*
* @param request
* @param response
* @return
* @throws IOException
*/
private AuthStatus handleNoLoginAction(Request request, HttpServletResponse response)
throws IOException {
Session session = request.getSessionInternal(true);
if (log.isDebugEnabled()) {
log.debug("Save request in session '" + session.getIdInternal() + "'");
}
try {
saveRequest(request, session);
} catch (IOException ioe) {
log.debug("Request body too big to save during authentication");
response.sendError(HttpServletResponse.SC_FORBIDDEN,
sm.getString("authenticator.requestBodyTooBig"));
return AuthStatus.FAILURE;
}

forwardToLoginPage(request, response);
return AuthStatus.SEND_CONTINUE;
}


/**
* Acknowledge the request, validate the specified and redirect to the error
* page if they are not correct
*
* @param request
* @param response
* @return
* @throws IOException
*/
private AuthStatus handleLoginAction(Request request, HttpServletResponse response)
throws IOException {

request.getResponse().sendAcknowledgement();

// TODO fix character encoding
Expand All @@ -215,7 +242,7 @@ private AuthStatus validate(MessageInfo messageInfo, Subject clientSubject) thro
if (log.isDebugEnabled()) {
log.debug("Authenticating username '" + username + "'");
}
principal = realm.authenticate(username, password);
Principal principal = realm.authenticate(username, password);
if (principal == null) {
forwardToErrorPage(request, response);
return AuthStatus.FAILURE;
Expand All @@ -225,9 +252,7 @@ private AuthStatus validate(MessageInfo messageInfo, Subject clientSubject) thro
log.debug("Authentication of '" + username + "' was successful");
}

if (session == null) {
session = request.getSessionInternal(false);
}
Session session = request.getSessionInternal(false);
if (session == null) {
handleSessionExpired(request, response);
return AuthStatus.FAILURE;
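Review bot: The `catch (IOException ioe)` in the new `handleNoLoginAction` treats every I/O failure from `saveRequest` as an oversized body and discards the exception, so any other failure while the request is being saved would also be answered with 403 and the `authenticator.requestBodyTooBig` message, with nothing in the log to tell the cases apart. The code was moved unchanged out of `validate`, but the extraction is a natural place to pass the cause to the logger, `log.debug("Request body too big to save during authentication", ioe);`, assuming `log` accepts a throwable as its second argument. The Javadoc on both new helpers also carries empty `@param`/`@return`/`@throws` tags, and the summary of `handleLoginAction` lost a word; it should read `validate the specified credentials and redirect to the error page if they are not correct`. The body of `handleLoginAction` continues past the visible hunks, so its later steps after the session lookup are not covered here.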