Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

321232 BasicAuthenticator ignores bad Authorization header 

git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@2205 7e9141cc-0065-0410-87d8-b60c137991c4
This commit is contained in:
Greg Wilkins 2010-08-04 04:47:48 +00:00
parent 129184744a
commit a5e1cea005
3 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
VERSION.txt
View File

@ -8,6 +8,7 @@ jetty-7.2-SNAPSHOT
+ 320112 Websocket in aggregate jars
+ 320264 Removed duplicate mime.property entries
+ 320457 Added rfc2045 support to B64Code
+ 321232 BasicAuthenticator ignores bad Authorization header.
+ JETTY-912 added per exchange timeout api
+ JETTY-1245 Do not use direct buffers with NIO SSL
+ JETTY-1249 Apply max idle time to all connectors

13
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java
View File

@ -69,12 +69,15 @@ public class BasicAuthenticator extends LoginAuthenticator
credentials = credentials.substring(credentials.indexOf(' ')+1);
credentials = B64Code.decode(credentials,StringUtil.__ISO_8859_1);
int i = credentials.indexOf(':');
String username = credentials.substring(0,i);
String password = credentials.substring(i+1);
if (i>0)
{
String username = credentials.substring(0,i);
String password = credentials.substring(i+1);
UserIdentity user = _loginService.login(username,password);
if (user!=null)
return new UserAuthentication(this,user);
UserIdentity user = _loginService.login(username,password);
if (user!=null)
return new UserAuthentication(this,user);
}
}
if (_deferred.isDeferred(response))

3
test-jetty-webapp/src/main/java/com/acme/Dump.java
View File

@ -441,6 +441,9 @@ public class Dump extends HttpServlet
pout.write("<th align=\"right\">getRemoteUser:&nbsp;</th>");
pout.write("<td>"+request.getRemoteUser()+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getUserPrincipal:&nbsp;</th>");
pout.write("<td>"+request.getUserPrincipal()+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getRemoteAddr:&nbsp;</th>");
pout.write("<td>"+request.getRemoteAddr()+"</td>");
pout.write("</tr><tr>\n");