Author: remy.maucherat(a)jboss.com Date: 2012-08-24 09:44:02 -0400 (Fri, 24 Aug 2012) New Revision: 2067 Modified: trunk/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java trunk/src/main/java/org/apache/catalina/authenticator/DigestAuthenticator.java trunk/src/main/java/org/apache/catalina/authenticator/FormAuthenticator.java trunk/src/main/java/org/apache/catalina/authenticator/SSLAuthenticator.java trunk/src/main/java/org/apache/catalina/realm/RealmBase.java trunk/src/main/java/org/apache/catalina/valves/CrawlerSessionManagerValve.java trunk/src/main/java/org/apache/catalina/valves/SSLValve.java trunk/src/main/java/org/apache/catalina/valves/ValveBase.java trunk/src/main/java/org/jboss/web/CatalinaLogger.java trunk/src/main/java/org/jboss/web/CatalinaMessages.java Log: Start the main catalina.* packages. Modified: trunk/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java =================================================================== --- trunk/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java 2012-08-23 11:42:33 UTC (rev 2066) +++ trunk/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java 2012-08-24 13:44:02 UTC (rev 2067) @@ -19,6 +19,8 @@ package org.apache.catalina.authenticator; +import static org.jboss.web.CatalinaMessages.MESSAGES; + import java.io.IOException; import java.security.Principal; import java.text.SimpleDateFormat; @@ -145,13 +147,6 @@ /** - * The string manager for this package. - */ - protected static final StringManager sm = - StringManager.getManager(Constants.Package); - - - /** * The SingleSignOn implementation in our request processing chain, * if there is one. */ @@ -226,8 +221,7 @@ public void setContainer(Container container) { if (!(container instanceof Context)) - throw new IllegalArgumentException - (sm.getString("authenticator.notContext")); + throw MESSAGES.authenticatorNeedsContext(); super.setContainer(container); this.context = (Context) container; @@ -774,8 +768,7 @@ // Validate and update our current component state if (started) - throw new LifecycleException - (sm.getString("authenticator.alreadyStarted")); + throw new LifecycleException(MESSAGES.authenticatorAlreadyStarted()); lifecycle.fireLifecycleEvent(START_EVENT, null); started = true; @@ -819,8 +812,7 @@ // Validate and update our current component state if (!started) - throw new LifecycleException - (sm.getString("authenticator.notStarted")); + throw new LifecycleException(MESSAGES.authenticatorNotStarted()); lifecycle.fireLifecycleEvent(STOP_EVENT, null); started = false; Modified: trunk/src/main/java/org/apache/catalina/authenticator/DigestAuthenticator.java =================================================================== --- trunk/src/main/java/org/apache/catalina/authenticator/DigestAuthenticator.java 2012-08-23 11:42:33 UTC (rev 2066) +++ trunk/src/main/java/org/apache/catalina/authenticator/DigestAuthenticator.java 2012-08-24 13:44:02 UTC (rev 2067) @@ -40,6 +40,7 @@ import org.apache.catalina.deploy.LoginConfig; import org.apache.catalina.util.MD5Encoder; import org.jboss.logging.Logger; +import org.jboss.web.CatalinaLogger; @@ -483,8 +484,7 @@ currentTime - eldest.getValue().getTimestamp() < getNonceValidity()) { // Replay attack is possible - log.warn(sm.getString( - "digestAuthenticator.cacheRemove")); + CatalinaLogger.AUTH_LOGGER.digestCacheRemove(); lastLog = currentTime + LOG_SUPPRESS_TIME; } return true; Modified: trunk/src/main/java/org/apache/catalina/authenticator/FormAuthenticator.java =================================================================== --- trunk/src/main/java/org/apache/catalina/authenticator/FormAuthenticator.java 2012-08-23 11:42:33 UTC (rev 2066) +++ trunk/src/main/java/org/apache/catalina/authenticator/FormAuthenticator.java 2012-08-24 13:44:02 UTC (rev 2067) @@ -19,6 +19,8 @@ package org.apache.catalina.authenticator; +import static org.jboss.web.CatalinaMessages.MESSAGES; + import java.io.IOException; import java.io.InputStream; import java.security.Principal; @@ -258,8 +260,7 @@ saveRequest(request, session); } catch (IOException ioe) { log.debug("Request body too big to save during authentication"); - response.sendError(HttpServletResponse.SC_FORBIDDEN, - sm.getString("authenticator.requestBodyTooBig")); + response.sendError(HttpServletResponse.SC_FORBIDDEN, MESSAGES.requestBodyTooLarge()); return (false); } forwardToLoginPage(request, response, config); @@ -294,7 +295,7 @@ ("User took so long to log on the session expired"); if (landingPage == null) { response.sendError(HttpServletResponse.SC_REQUEST_TIMEOUT, - sm.getString("authenticator.sessionExpired")); + MESSAGES.sessionTimeoutDuringAuthentication()); } else { // Make the authenticator think the user originally requested // the landing page @@ -323,7 +324,7 @@ if (requestURI == null) if (landingPage == null) { response.sendError(HttpServletResponse.SC_BAD_REQUEST, - sm.getString("authenticator.formlogin")); + MESSAGES.invalidFormLoginDirectReference()); } else { // Make the authenticator think the user originally requested // the landing page @@ -361,7 +362,7 @@ try { disp.forward(request.getRequest(), response); } catch (Throwable t) { - String msg = sm.getString("formAuthenticator.forwardLoginFail"); + String msg = MESSAGES.errorForwardingToFormLogin(); log.warn(msg, t); request.setAttribute(RequestDispatcher.ERROR_EXCEPTION, t); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, @@ -388,7 +389,7 @@ try { disp.forward(request.getRequest(), response); } catch (Throwable t) { - String msg = sm.getString("formAuthenticator.forwardErrorFail"); + String msg = MESSAGES.errorForwardingToFormError(); log.warn(msg, t); request.setAttribute(RequestDispatcher.ERROR_EXCEPTION, t); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, Modified: trunk/src/main/java/org/apache/catalina/authenticator/SSLAuthenticator.java =================================================================== --- trunk/src/main/java/org/apache/catalina/authenticator/SSLAuthenticator.java 2012-08-23 11:42:33 UTC (rev 2066) +++ trunk/src/main/java/org/apache/catalina/authenticator/SSLAuthenticator.java 2012-08-24 13:44:02 UTC (rev 2067) @@ -19,6 +19,8 @@ package org.apache.catalina.authenticator; +import static org.jboss.web.CatalinaMessages.MESSAGES; + import java.io.IOException; import java.security.Principal; import java.security.cert.X509Certificate; @@ -127,7 +129,7 @@ if (getContainer().getLogger().isDebugEnabled()) getContainer().getLogger().debug(" No certificates included with this request"); response.sendError(HttpServletResponse.SC_UNAUTHORIZED, - sm.getString("authenticator.certificates")); + MESSAGES.missingRequestCertificate()); return (false); } @@ -137,7 +139,7 @@ if (getContainer().getLogger().isDebugEnabled()) getContainer().getLogger().debug(" Realm.authenticate() returned false"); response.sendError(HttpServletResponse.SC_UNAUTHORIZED, - sm.getString("authenticator.unauthorized")); + MESSAGES.certificateAuthenticationFailure()); return (false); } Modified: trunk/src/main/java/org/apache/catalina/realm/RealmBase.java =================================================================== --- trunk/src/main/java/org/apache/catalina/realm/RealmBase.java 2012-08-23 11:42:33 UTC (rev 2066) +++ trunk/src/main/java/org/apache/catalina/realm/RealmBase.java 2012-08-24 13:44:02 UTC (rev 2067) @@ -19,6 +19,8 @@ package org.apache.catalina.realm; +import static org.jboss.web.CatalinaMessages.MESSAGES; + import java.beans.PropertyChangeListener; import java.beans.PropertyChangeSupport; import java.io.IOException; @@ -38,7 +40,6 @@ import org.apache.catalina.Container; import org.apache.catalina.Context; import org.apache.catalina.Engine; -import org.apache.catalina.Globals; import org.apache.catalina.Host; import org.apache.catalina.Lifecycle; import org.apache.catalina.LifecycleException; @@ -55,9 +56,9 @@ import org.apache.catalina.util.HexUtils; import org.apache.catalina.util.LifecycleSupport; import org.apache.catalina.util.MD5Encoder; -import org.apache.catalina.util.StringManager; import org.apache.tomcat.util.modeler.Registry; import org.jboss.logging.Logger; +import org.jboss.web.CatalinaLogger; /** * Simple implementation of <b>Realm</b> that reads an XML file to configure @@ -71,8 +72,6 @@ public abstract class RealmBase implements Lifecycle, Realm, MBeanRegistration { - private static Logger log = Logger.getLogger(RealmBase.class); - // ----------------------------------------------------- Instance Variables @@ -134,13 +133,6 @@ /** - * The string manager for this package. - */ - protected static StringManager sm = - StringManager.getManager(Constants.Package); - - - /** * Has this component been started? */ protected boolean started = false; @@ -321,14 +313,12 @@ } if(! validated ) { if (containerLog.isTraceEnabled()) { - containerLog.trace(sm.getString("realmBase.authenticateFailure", - username)); + containerLog.trace(MESSAGES.userNotAuthenticated(username)); } return null; } if (containerLog.isTraceEnabled()) { - containerLog.trace(sm.getString("realmBase.authenticateSuccess", - username)); + containerLog.trace(MESSAGES.userAuthenticated(username)); } return getPrincipal(username); @@ -386,8 +376,7 @@ try { valueBytes = serverDigestValue.getBytes(getDigestEncoding()); } catch (UnsupportedEncodingException uee) { - log.error("Illegal digestEncoding: " + getDigestEncoding(), uee); - throw new IllegalArgumentException(uee.getMessage()); + throw MESSAGES.illegalDigestEncoding(getDigestEncoding(), uee); } } @@ -397,8 +386,8 @@ serverDigest = md5Encoder.encode(md5Helper.digest(valueBytes)); } - if (log.isDebugEnabled()) { - log.debug("Digest : " + clientDigest + " Username:" + username + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) { + CatalinaLogger.REALM_LOGGER.debug("Digest : " + clientDigest + " Username:" + username + " ClientSigest:" + clientDigest + " nOnce:" + nOnce + " nc:" + nc + " cnonce:" + cnonce + " qop:" + qop + " realm:" + realm + "md5a2:" + md5a2 @@ -426,18 +415,18 @@ return (null); // Check the validity of each certificate in the chain - if (log.isDebugEnabled()) - log.debug("Authenticating client certificate chain"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug("Authenticating client certificate chain"); if (validate) { for (int i = 0; i < certs.length; i++) { - if (log.isDebugEnabled()) - log.debug(" Checking validity for '" + + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" Checking validity for '" + certs[i].getSubjectDN().getName() + "'"); try { certs[i].checkValidity(); } catch (Exception e) { - if (log.isDebugEnabled()) - log.debug(" Validity exception", e); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" Validity exception", e); return (null); } } @@ -472,8 +461,8 @@ // Are there any defined security constraints? SecurityConstraint constraints[] = context.findConstraints(); if ((constraints == null) || (constraints.length == 0)) { - if (log.isDebugEnabled()) - log.debug(" No applicable constraints defined"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" No applicable constraints defined"); return (null); } @@ -492,8 +481,8 @@ continue; } - if (log.isDebugEnabled()) { - log.debug(" Checking constraint '" + constraints[i] + + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) { + CatalinaLogger.REALM_LOGGER.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method)); } @@ -539,8 +528,8 @@ continue; } - if (log.isDebugEnabled()) { - log.debug(" Checking constraint '" + constraints[i] + + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) { + CatalinaLogger.REALM_LOGGER.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method)); } @@ -608,8 +597,8 @@ continue; } - if (log.isDebugEnabled()) { - log.debug(" Checking constraint '" + constraints[i] + + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) { + CatalinaLogger.REALM_LOGGER.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method)); } @@ -668,8 +657,8 @@ continue; } - if (log.isDebugEnabled()) { - log.debug(" Checking constraint '" + constraints[i] + + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) { + CatalinaLogger.REALM_LOGGER.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method)); } @@ -701,8 +690,8 @@ if(results == null) { // No applicable security constraint was found - if (log.isDebugEnabled()) - log.debug(" No applicable constraint located"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" No applicable constraint located"); } return resultsToArray(results); } @@ -749,19 +738,19 @@ String requestURI = request.getRequestPathMB().toString(); String loginPage = config.getLoginPage(); if (loginPage.equals(requestURI)) { - if (log.isDebugEnabled()) - log.debug(" Allow access to login page " + loginPage); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" Allow access to login page " + loginPage); return (true); } String errorPage = config.getErrorPage(); if (errorPage.equals(requestURI)) { - if (log.isDebugEnabled()) - log.debug(" Allow access to error page " + errorPage); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" Allow access to error page " + errorPage); return (true); } if (requestURI.endsWith(Constants.FORM_ACTION)) { - if (log.isDebugEnabled()) - log.debug(" Allow access to username/password submission"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" Allow access to username/password submission"); return (true); } } @@ -784,41 +773,41 @@ if (roles == null) roles = new String[0]; - if (log.isDebugEnabled()) - log.debug(" Checking roles " + principal); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" Checking roles " + principal); if (roles.length == 0 && !constraint.getAllRoles()) { if(constraint.getAuthConstraint()) { - if( log.isDebugEnabled() ) - log.debug("No roles "); + if( CatalinaLogger.REALM_LOGGER.isDebugEnabled() ) + CatalinaLogger.REALM_LOGGER.debug("No roles "); status = false; // No listed roles means no access at all denyFromAll = true; break; } else { - if(log.isDebugEnabled()) - log.debug("Passing all access"); + if(CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug("Passing all access"); status = true; } } else if (principal == null) { - if (log.isDebugEnabled()) - log.debug(" No user authenticated, cannot grant access"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" No user authenticated, cannot grant access"); } else { for (int j = 0; j < roles.length; j++) { if (hasRole(principal, roles[j])) { status = true; - if( log.isDebugEnabled() ) - log.debug( "Role found: " + roles[j]); + if( CatalinaLogger.REALM_LOGGER.isDebugEnabled() ) + CatalinaLogger.REALM_LOGGER.debug( "Role found: " + roles[j]); } else { - if( log.isDebugEnabled() ) - log.debug( "No role found: " + roles[j]); + if( CatalinaLogger.REALM_LOGGER.isDebugEnabled() ) + CatalinaLogger.REALM_LOGGER.debug( "No role found: " + roles[j]); } } } } if (!denyFromAll && allRolesMode != AllRolesMode.STRICT_MODE && !status && principal != null) { - if (log.isDebugEnabled()) { - log.debug("Checking for all roles mode: " + allRolesMode); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) { + CatalinaLogger.REALM_LOGGER.debug("Checking for all roles mode: " + allRolesMode); } // Check for an all roles(role-name="*") for (int i = 0; i < constraints.length; i++) { @@ -827,8 +816,8 @@ // If the all roles mode exists, sets if (constraint.getAllRoles()) { if (allRolesMode == AllRolesMode.AUTH_ONLY_MODE) { - if (log.isDebugEnabled()) { - log.debug("Granting access for role-name=*, auth-only"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) { + CatalinaLogger.REALM_LOGGER.debug("Granting access for role-name=*, auth-only"); } status = true; break; @@ -837,8 +826,8 @@ // For AllRolesMode.STRICT_AUTH_ONLY_MODE there must be zero roles roles = request.getContext().findSecurityRoles(); if (roles.length == 0 && allRolesMode == AllRolesMode.STRICT_AUTH_ONLY_MODE) { - if (log.isDebugEnabled()) { - log.debug("Granting access for role-name=*, strict auth-only"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) { + CatalinaLogger.REALM_LOGGER.debug("Granting access for role-name=*, strict auth-only"); } status = true; break; @@ -849,9 +838,7 @@ // Return a "Forbidden" message denying access to this resource if(!status) { - response.sendError - (HttpServletResponse.SC_FORBIDDEN, - sm.getString("realmBase.forbidden")); + response.sendError(HttpServletResponse.SC_FORBIDDEN, MESSAGES.forbiddenAccess()); } return status; @@ -878,16 +865,16 @@ GenericPrincipal gp = (GenericPrincipal) principal; if (!(gp.getRealm() == this)) { - if(log.isDebugEnabled()) - log.debug("Different realm " + this + " " + gp.getRealm());// return (false); + if(CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug("Different realm " + this + " " + gp.getRealm());// return (false); } boolean result = gp.hasRole(role); - if (log.isDebugEnabled()) { + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) { String name = principal.getName(); if (result) - log.debug(sm.getString("realmBase.hasRoleSuccess", name, role)); + CatalinaLogger.REALM_LOGGER.debug(MESSAGES.userHasRole(name, role)); else - log.debug(sm.getString("realmBase.hasRoleFailure", name, role)); + CatalinaLogger.REALM_LOGGER.debug(MESSAGES.userDoesNotHaveRole(name, role)); } return (result); @@ -913,29 +900,29 @@ // Is there a relevant user data constraint? if (constraints == null || constraints.length == 0) { - if (log.isDebugEnabled()) - log.debug(" No applicable security constraint defined"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" No applicable security constraint defined"); return (true); } for(int i=0; i < constraints.length; i++) { SecurityConstraint constraint = constraints[i]; String userConstraint = constraint.getUserConstraint(); if (userConstraint == null) { - if (log.isDebugEnabled()) - log.debug(" No applicable user data constraint defined"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" No applicable user data constraint defined"); return (true); } if (userConstraint.equals(Constants.NONE_TRANSPORT)) { - if (log.isDebugEnabled()) - log.debug(" User data constraint has no restrictions"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" User data constraint has no restrictions"); return (true); } } // Validate the request against the user data constraint if (request.getRequest().isSecure()) { - if (log.isDebugEnabled()) - log.debug(" User data constraint already satisfied"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" User data constraint already satisfied"); return (true); } // Initialize variables we need to determine the appropriate action @@ -943,8 +930,8 @@ // Is redirecting disabled? if (redirectPort <= 0) { - if (log.isDebugEnabled()) - log.debug(" SSL redirect is disabled"); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" SSL redirect is disabled"); response.sendError (HttpServletResponse.SC_FORBIDDEN, request.getRequestURI()); @@ -974,8 +961,8 @@ file.append('?'); file.append(queryString); } - if (log.isDebugEnabled()) - log.debug(" Redirecting to " + file.toString()); + if (CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug(" Redirecting to " + file.toString()); response.sendRedirect(file.toString()); return (false); @@ -1044,8 +1031,8 @@ // Validate and update our current component state if (started) { - if(log.isInfoEnabled()) - log.info(sm.getString("realmBase.alreadyStarted")); + if(CatalinaLogger.REALM_LOGGER.isInfoEnabled()) + CatalinaLogger.REALM_LOGGER.info(MESSAGES.realmAlreadyStarted()); return; } if( !initialized ) { @@ -1059,8 +1046,7 @@ try { md = MessageDigest.getInstance(digest); } catch (NoSuchAlgorithmException e) { - throw new LifecycleException - (sm.getString("realmBase.algorithm", digest), e); + throw new LifecycleException(MESSAGES.invalidMessageDigest(digest), e); } } @@ -1081,8 +1067,8 @@ // Validate and update our current component state if (!started) { - if(log.isInfoEnabled()) - log.info(sm.getString("realmBase.notStarted")); + if(CatalinaLogger.REALM_LOGGER.isInfoEnabled()) + CatalinaLogger.REALM_LOGGER.info(MESSAGES.realmNotStarted()); return; } lifecycle.fireLifecycleEvent(STOP_EVENT, null); @@ -1102,10 +1088,10 @@ if ( oname!=null ) { try { Registry.getRegistry(null, null).unregisterComponent(oname); - if(log.isDebugEnabled()) - log.debug( "unregistering realm " + oname ); - } catch( Exception ex ) { - log.error( "Can't unregister realm " + oname, ex); + if(CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug( "unregistering realm " + oname ); + } catch( Exception ex ) { + CatalinaLogger.REALM_LOGGER.failedRealmJmxUnregistration(oname, ex); } } } @@ -1141,15 +1127,14 @@ try { bytes = credentials.getBytes(getDigestEncoding()); } catch (UnsupportedEncodingException uee) { - log.error("Illegal digestEncoding: " + getDigestEncoding(), uee); - throw new IllegalArgumentException(uee.getMessage()); + throw MESSAGES.illegalDigestEncoding(getDigestEncoding(), uee); } } md.update(bytes); return (HexUtils.convert(md.digest())); } catch (Exception e) { - log.error(sm.getString("realmBase.digest"), e); + CatalinaLogger.REALM_LOGGER.errorDigestingCredentials(e); return (credentials); } } @@ -1168,8 +1153,7 @@ try { md5Helper = MessageDigest.getInstance("MD5"); } catch (NoSuchAlgorithmException e) { - log.error("Couldn't get MD5 digest: ", e); - throw new IllegalStateException(e.getMessage()); + throw MESSAGES.noMD5Digest(e); } } @@ -1188,8 +1172,7 @@ try { valueBytes = digestValue.getBytes(getDigestEncoding()); } catch (UnsupportedEncodingException uee) { - log.error("Illegal digestEncoding: " + getDigestEncoding(), uee); - throw new IllegalArgumentException(uee.getMessage()); + throw MESSAGES.illegalDigestEncoding(getDigestEncoding(), uee); } } @@ -1286,7 +1269,7 @@ // Digest the credentials and return as hexadecimal return (HexUtils.convert(md.digest())); } catch(Exception ex) { - log.error(ex); + CatalinaLogger.REALM_LOGGER.errorDigestingCredentials(ex); return credentials; } @@ -1405,12 +1388,12 @@ host + path); } if( mserver.isRegistered(parent )) { - if(log.isDebugEnabled()) - log.debug("Register with " + parent); + if(CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug("Register with " + parent); mserver.setAttribute(parent, new Attribute("realm", this)); } } catch (Exception e) { - log.error("Parent not available yet: " + parent); + CatalinaLogger.REALM_LOGGER.missingParentJmxRegistration(parent, e); } } @@ -1421,10 +1404,10 @@ oname=new ObjectName(cb.getDomain()+":type=Realm" + getRealmSuffix() + cb.getContainerSuffix()); Registry.getRegistry(null, null).registerComponent(this, oname, null ); - if(log.isDebugEnabled()) - log.debug("Register Realm "+oname); + if(CatalinaLogger.REALM_LOGGER.isDebugEnabled()) + CatalinaLogger.REALM_LOGGER.debug("Register Realm "+oname); } catch (Throwable e) { - log.error( "Can't register " + oname, e); + CatalinaLogger.REALM_LOGGER.failedRealmJmxRegistration(oname, e); } } } Modified: trunk/src/main/java/org/apache/catalina/valves/CrawlerSessionManagerValve.java =================================================================== --- trunk/src/main/java/org/apache/catalina/valves/CrawlerSessionManagerValve.java 2012-08-23 11:42:33 UTC (rev 2066) +++ trunk/src/main/java/org/apache/catalina/valves/CrawlerSessionManagerValve.java 2012-08-24 13:44:02 UTC (rev 2067) @@ -16,6 +16,8 @@ */ package org.apache.catalina.valves; +import static org.jboss.web.CatalinaMessages.MESSAGES; + import java.io.IOException; import java.util.Enumeration; import java.util.Map; @@ -135,8 +137,7 @@ // Validate and update our current component state if (started) - throw new LifecycleException(sm - .getString("accessLogValve.alreadyStarted")); + throw new LifecycleException(MESSAGES.valveAlreadyStarted()); lifecycle.fireLifecycleEvent(START_EVENT, null); started = true; @@ -148,8 +149,7 @@ // Validate and update our current component state if (!started) - throw new LifecycleException(sm - .getString("accessLogValve.notStarted")); + throw new LifecycleException(MESSAGES.valveNotStarted()); lifecycle.fireLifecycleEvent(STOP_EVENT, null); started = false; Modified: trunk/src/main/java/org/apache/catalina/valves/SSLValve.java =================================================================== --- trunk/src/main/java/org/apache/catalina/valves/SSLValve.java 2012-08-23 11:42:33 UTC (rev 2066) +++ trunk/src/main/java/org/apache/catalina/valves/SSLValve.java 2012-08-24 13:44:02 UTC (rev 2067) @@ -29,6 +29,7 @@ import org.apache.catalina.connector.Response; import org.apache.tomcat.util.buf.EncodingToCharset; import org.jboss.logging.Logger; +import org.jboss.web.CatalinaLogger; /** * When using mod_proxy_http, the client SSL information is not included in the @@ -105,9 +106,9 @@ jsseCerts = new X509Certificate[1]; jsseCerts[0] = cert; } catch (java.security.cert.CertificateException e) { - log.warn(sm.getString("sslValve.certError", strcerts), e); + CatalinaLogger.VALVES_LOGGER.certificateProcessingFailed(strcerts, e); } catch (NoSuchProviderException e) { - log.error(sm.getString("sslValve.invalidProvider", providerName), e); + CatalinaLogger.VALVES_LOGGER.missingSecurityProvider(providerName, e); } request.setAttribute(Globals.CERTIFICATES_ATTR, jsseCerts); } Modified: trunk/src/main/java/org/apache/catalina/valves/ValveBase.java =================================================================== --- trunk/src/main/java/org/apache/catalina/valves/ValveBase.java 2012-08-23 11:42:33 UTC (rev 2066) +++ trunk/src/main/java/org/apache/catalina/valves/ValveBase.java 2012-08-24 13:44:02 UTC (rev 2067) @@ -80,13 +80,6 @@ protected Valve next = null; - /** - * The string manager for this package. - */ - protected final static StringManager sm = - StringManager.getManager(Constants.Package); - - //-------------------------------------------------------------- Properties Modified: trunk/src/main/java/org/jboss/web/CatalinaLogger.java =================================================================== --- trunk/src/main/java/org/jboss/web/CatalinaLogger.java 2012-08-23 11:42:33 UTC (rev 2066) +++ trunk/src/main/java/org/jboss/web/CatalinaLogger.java 2012-08-24 13:44:02 UTC (rev 2067) @@ -45,4 +45,47 @@ */ CatalinaLogger ROOT_LOGGER = Logger.getMessageLogger(CatalinaLogger.class, "org.apache.catalina"); + /** + * A logger with the category of the package name. + */ + CatalinaLogger AUTH_LOGGER = Logger.getMessageLogger(CatalinaLogger.class, "org.apache.catalina.authenticator"); + + /** + * A logger with the category of the package name. + */ + CatalinaLogger VALVES_LOGGER = Logger.getMessageLogger(CatalinaLogger.class, "org.apache.catalina.valves"); + + /** + * A logger with the category of the package name. + */ + CatalinaLogger REALM_LOGGER = Logger.getMessageLogger(CatalinaLogger.class, "org.apache.catalina.realm"); + + @LogMessage(level = WARN) + @Message(id = 1000, value = "A valid entry has been removed from client nonce cache to make room for new entries. A replay attack is now possible. To prevent the possibility of replay attacks, reduce nonceValidity or increase cnonceCacheSize. Further warnings of this type will be suppressed for 5 minutes.") + void digestCacheRemove(); + + @LogMessage(level = WARN) + @Message(id = 1001, value = "Failed to process certificate string [%s] to create a java.security.cert.X509Certificate object") + void certificateProcessingFailed(String certificate, @Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id = 1002, value = "The SSL provider specified on the connector associated with this request of [%s] is invalid. The certificate data could not be processed.") + void missingSecurityProvider(String provider, @Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id = 1003, value = "Error digesting user credentials.") + void errorDigestingCredentials(@Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id = 1004, value = "Failed realm [%s] JMX registration.") + void failedRealmJmxRegistration(Object objectName, @Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id = 1005, value = "Failed realm [%s] JMX unregistration.") + void failedRealmJmxUnregistration(Object objectName, @Cause Throwable t); + + @LogMessage(level = ERROR) + @Message(id = 1006, value = "Missing parent [%s].") + void missingParentJmxRegistration(Object objectName, @Cause Throwable t); + } Modified: trunk/src/main/java/org/jboss/web/CatalinaMessages.java =================================================================== --- trunk/src/main/java/org/jboss/web/CatalinaMessages.java 2012-08-23 11:42:33 UTC (rev 2066) +++ trunk/src/main/java/org/jboss/web/CatalinaMessages.java 2012-08-24 13:44:02 UTC (rev 2067) @@ -22,6 +22,9 @@ package org.jboss.web; +import java.io.UnsupportedEncodingException; +import java.security.NoSuchAlgorithmException; + import org.jboss.logging.Cause; import org.jboss.logging.Message; import org.jboss.logging.MessageBundle; @@ -39,4 +42,70 @@ */ CatalinaMessages MESSAGES = Messages.getBundle(CatalinaMessages.class); + @Message(id = 1, value = "Configuration error: Must be attached to a Context") + IllegalArgumentException authenticatorNeedsContext(); + + @Message(id = 2, value = "Security Interceptor has already been started") + String authenticatorAlreadyStarted(); + + @Message(id = 3, value = "Security Interceptor has not yet been started") + String authenticatorNotStarted(); + + @Message(id = 4, value = "The request body was too large to be cached during the authentication process") + String requestBodyTooLarge(); + + @Message(id = 5, value = "The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser") + String sessionTimeoutDuringAuthentication(); + + @Message(id = 6, value = "Invalid direct reference to form login page") + String invalidFormLoginDirectReference(); + + @Message(id = 7, value = "Unexpected error forwarding to error page") + String errorForwardingToFormError(); + + @Message(id = 8, value = "Unexpected error forwarding to login page") + String errorForwardingToFormLogin(); + + @Message(id = 9, value = "No client certificate chain in this request") + String missingRequestCertificate(); + + @Message(id = 10, value = "Cannot authenticate with the provided credentials") + String certificateAuthenticationFailure(); + + @Message(id = 11, value = "Valve has already been started") + String valveAlreadyStarted(); + + @Message(id = 12, value = "Valve has not yet been started") + String valveNotStarted(); + + @Message(id = 13, value = "Username [%s] NOT successfully authenticated") + String userNotAuthenticated(String userName); + + @Message(id = 14, value = "Username [%s] successfully authenticated") + String userAuthenticated(String userName); + + @Message(id = 15, value = "Access to the requested resource has been denied") + String forbiddenAccess(); + + @Message(id = 16, value = "User [%s] does not have role [%s]") + String userDoesNotHaveRole(String user, String role); + + @Message(id = 17, value = "User [%s] has role [%s]") + String userHasRole(String user, String role); + + @Message(id = 18, value = "Realm has already been started") + String realmAlreadyStarted(); + + @Message(id = 19, value = "Realm has not yet been started") + String realmNotStarted(); + + @Message(id = 20, value = "Invalid message digest algorithm %s specified") + String invalidMessageDigest(String digest); + + @Message(id = 21, value = "Illegal digest encoding %s") + IllegalArgumentException illegalDigestEncoding(String digest, @Cause UnsupportedEncodingException e); + + @Message(id = 21, value = "Missing MD5 digest") + IllegalArgumentException noMD5Digest(@Cause NoSuchAlgorithmException e); + }