JBossWeb SVN: r2076 - in trunk: webapps/docs and 1 other directory. - jbossweb-commits

Friday, 31 August 2012

Author: remy.maucherat(a)jboss.com
Date: 2012-08-31 10:54:47 -0400 (Fri, 31 Aug 2012)
New Revision: 2076

Modified:
   trunk/src/main/java/org/apache/catalina/realm/RealmBase.java
   trunk/webapps/docs/changelog.xml
Log:
Port patch for security constraints matching (53801). Risky, so no backport plans.

Modified: trunk/src/main/java/org/apache/catalina/realm/RealmBase.java
===================================================================

--- trunk/src/main/java/org/apache/catalina/realm/RealmBase.java	2012-08-30 17:19:13 UTC
(rev 2075)
+++ trunk/src/main/java/org/apache/catalina/realm/RealmBase.java	2012-08-31 14:54:47 UTC
(rev 2076)
@@ -566,14 +566,15 @@
                     }
                 }
                 if(matched) {
-                    found = true;
                     if(length > longest) {
+                        found = false;
                         if(results != null) {
                             results.clear();
                         }
                         longest = length;
                     }
                     if(collection[j].findMethod(method)) {
+                        found = true;
                         if(results == null) {
                             results = new ArrayList();
                         }
@@ -699,7 +700,7 @@
      * Convert an ArrayList to a SecurityContraint [].
      */
     private SecurityConstraint [] resultsToArray(ArrayList results) {
-        if(results == null) {
+        if(results == null || results.size() == 0) {
             return null;
         }
         SecurityConstraint [] array = new SecurityConstraint[results.size()];

Modified: trunk/webapps/docs/changelog.xml
===================================================================
--- trunk/webapps/docs/changelog.xml	2012-08-30 17:19:13 UTC (rev 2075)
+++ trunk/webapps/docs/changelog.xml	2012-08-31 14:54:47 UTC (rev 2076)
@@ -36,6 +36,9 @@
          <jboss-jira>AS7-4232</jboss-jira>: Modify async error processing
based on a stricter spec 
          interpretation. (remm)
       </fix>
+      <fix>
+         <bug>53801</bug>: Fix some edge case with overlapping security
constraints. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

JBossWeb SVN: r2076 - in trunk: webapps/docs and 1 other directory.