Author: aogburn
Date: 2015-02-03 11:39:06 -0500 (Tue, 03 Feb 2015)
New Revision: 2589
Modified:
branches/7.4.x/
branches/7.4.x/src/
branches/7.4.x/src/main/java/org/apache/catalina/authenticator/DigestAuthenticator.java
branches/7.4.x/src/main/java/org/apache/catalina/authenticator/SingleSignOn.java
Log:
[JBWEB-258] Ensure concurrent requests that require DIGEST auth receive unique nonces
Property changes on: branches/7.4.x
___________________________________________________________________
Added: svn:mergeinfo
+ /branches/7.5.x:2588
Property changes on: branches/7.4.x/src
___________________________________________________________________
Modified: svn:mergeinfo
- /branches/8.0.x/src:2529
+ /branches/7.5.x/src:2588
/branches/8.0.x/src:2529
Modified:
branches/7.4.x/src/main/java/org/apache/catalina/authenticator/DigestAuthenticator.java
===================================================================
---
branches/7.4.x/src/main/java/org/apache/catalina/authenticator/DigestAuthenticator.java 2015-02-03
16:17:45 UTC (rev 2588)
+++
branches/7.4.x/src/main/java/org/apache/catalina/authenticator/DigestAuthenticator.java 2015-02-03
16:39:06 UTC (rev 2589)
@@ -90,6 +90,14 @@
/**
+ * The last timestamp used to generate a nonce. Each nonce should get a
+ * unique timestamp.
+ */
+ protected long lastTimestamp = 0;
+ protected final Object lastTimestampLock = new Object();
+
+
+ /**
* Maximum number of server nonces to keep in the cache. If not specified,
* the default value of 1000 is used.
*/
@@ -303,6 +311,13 @@
long currentTime = System.currentTimeMillis();
+ synchronized (lastTimestampLock) {
+ if (currentTime > lastTimestamp) {
+ lastTimestamp = currentTime;
+ } else {
+ currentTime = ++lastTimestamp;
+ }
+ }
String ipTimeKey =
request.getRemoteAddr() + ":" + currentTime + ":" +
getKey();
Property changes on:
branches/7.4.x/src/main/java/org/apache/catalina/authenticator/SingleSignOn.java
___________________________________________________________________
Modified: svn:mergeinfo
-
/branches/7.5.x/src/main/java/org/apache/catalina/authenticator/SingleSignOn.java:2574
/branches/8.0.x/src/main/java/org/apache/catalina/authenticator/SingleSignOn.java:2529
+
/branches/7.5.x/src/main/java/org/apache/catalina/authenticator/SingleSignOn.java:2574,2588
/branches/8.0.x/src/main/java/org/apache/catalina/authenticator/SingleSignOn.java:2529
Show replies by date