13. Araxis Merge File Comparison Report

Produced by Araxis Merge on 11/20/2017 2:16:16 PM GMT Standard Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

13.1 Files compared

#	Location	File	Last Modified
1	C:\Merge Test Files\8.0.47\java\org\apache\catalina\authenticator	FormAuthenticator.java	Fri Sep 29 16:53:28 2017 UTC
2	C:\Merge Test Files\8.5.23\java\org\apache\catalina\authenticator	FormAuthenticator.java	Thu Sep 28 11:32:16 2017 UTC

13.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	17	1314
Changed	7	34
Inserted	6	23
Removed	3	6

13.3 Comparison options

Whitespace	Consecutive whitespace is treated as a single space
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

13.4 Active regular expressions

No regular expressions were active.

13.5 Comparison detail

1	/*	1	/*
2	* License d to the A pache Soft ware Found ation (ASF ) under on e or more	2	* License d to the A pache Soft ware Found ation (ASF ) under on e or more
3	* contrib utor licen se agreeme nts. See the NOTICE file dist ributed wi th	3	* contrib utor licen se agreeme nts. See the NOTICE file dist ributed wi th
4	* this wo rk for add itional in formation regarding copyright ownership.	4	* this wo rk for add itional in formation regarding copyright ownership.
5	* The ASF licenses this file to You und er the Apa che Licens e, Version 2.0	5	* The ASF licenses this file to You und er the Apa che Licens e, Version 2.0
6	* (the "L icense"); you may no t use this file exce pt in comp liance wit h	6	* (the "L icense"); you may no t use this file exce pt in comp liance wit h
7	* the Lic ense. You may obtai n a copy o f the Lice nse at	7	* the Lic ense. You may obtai n a copy o f the Lice nse at
8	*	8	*
9	* ht tp://www.a pache.org/ licenses/L ICENSE-2.0	9	* ht tp://www.a pache.org/ licenses/L ICENSE-2.0
10	*	10	*
11	* Unless required b y applicab le law or agreed to in writing , software	11	* Unless required b y applicab le law or agreed to in writing , software
12	* distrib uted under the Licen se is dist ributed on an "AS IS " BASIS,	12	* distrib uted under the Licen se is dist ributed on an "AS IS " BASIS,
13	* WITHOUT WARRANTIE S OR CONDI TIONS OF A NY KIND, e ither expr ess or imp lied.	13	* WITHOUT WARRANTIE S OR CONDI TIONS OF A NY KIND, e ither expr ess or imp lied.
14	* See the License f or the spe cific lang uage gover ning permi ssions and	14	* See the License f or the spe cific lang uage gover ning permi ssions and
15	* limitat ions under the Licen se.	15	* limitat ions under the Licen se.
16	*/	16	*/
17	package or g.apache.c atalina.au thenticato r;	17	package or g.apache.c atalina.au thenticato r;
18		18
19	import jav a.io.IOExc eption;	19	import jav a.io.IOExc eption;
20	import jav a.io.Input Stream;	20	import jav a.io.Input Stream;
21	import jav a.security .Principal ;	21	import jav a.security .Principal ;
22	import jav a.util.Enu meration;	22	import jav a.util.Enu meration;
23	import jav a.util.Ite rator;	23	import jav a.util.Ite rator;
24	import jav a.util.Loc ale;	24	import jav a.util.Loc ale;
25		25
26	import jav ax.servlet .RequestDi spatcher;	26	import jav ax.servlet .RequestDi spatcher;
27	import jav ax.servlet .http.Cook ie;	27	import jav ax.servlet .http.Cook ie;
28	import jav ax.servlet .http.Http ServletReq uest;	28	import jav ax.servlet .http.Http ServletReq uest;
29	import jav ax.servlet .http.Http ServletRes ponse;	29	import jav ax.servlet .http.Http ServletRes ponse;
30		30
31	import org .apache.ca talina.Man ager;	31	import org .apache.ca talina.Man ager;
32	import org .apache.ca talina.Rea lm;	32	import org .apache.ca talina.Rea lm;
33	import org .apache.ca talina.Ses sion;	33	import org .apache.ca talina.Ses sion;
34	import org .apache.ca talina.con nector.Req uest;	34	import org .apache.ca talina.con nector.Req uest;
35	import org .apache.ca talina.con nector.Res ponse;	35	import org .apache.ca talina.con nector.Res ponse;
36	import org .apache.co yote.Actio nCode;	36	import org .apache.co yote.Actio nCode;
37	import org .apache.ju li.logging .Log;	37	import org .apache.ju li.logging .Log;
38	import org .apache.ju li.logging .LogFactor y;	38	import org .apache.ju li.logging .LogFactor y;
39	import org .apache.to mcat.util. ExceptionU tils;	39	import org .apache.to mcat.util. ExceptionU tils;
40	import org .apache.to mcat.util. buf.ByteCh unk;	40	import org .apache.to mcat.util. buf.ByteCh unk;
41	import org .apache.to mcat.util. buf.CharCh unk;
42	import org .apache.to mcat.util. buf.Messag eBytes;	41	import org .apache.to mcat.util. buf.Messag eBytes;
43	import org .apache.to mcat.util. descriptor .web.Login Config;	42	import org .apache.to mcat.util. descriptor .web.Login Config;
44	import org .apache.to mcat.util. http.MimeH eaders;	43	import org .apache.to mcat.util. http.MimeH eaders;
45		44
46	/**	45	/**
47	* An <b>A uthenticat or</b> and <b>Valve< /b> implem entation o f FORM BAS ED	46	* An <b>A uthenticat or</b> and <b>Valve< /b> implem entation o f FORM BAS ED
48	* Authent ication, a s describe d in the S ervlet API Specifica tion.	47	* Authent ication, a s describe d in the S ervlet API Specifica tion.
49	*	48	*
50	* @author Craig R. McClanahan	49	* @author Craig R. McClanahan
51	* @author Remy Mauc herat	50	* @author Remy Mauc herat
52	*/	51	*/
53	public cla ss FormAut henticator	52	public cla ss FormAut henticator
54	extend s Authenti catorBase {	53	extend s Authenti catorBase {
55		54
56	privat e static f inal Log l og = LogFa ctory.getL og(FormAut henticator .class);	55	privat e static f inal Log l og = LogFa ctory.getL og(FormAut henticator .class);
57		56
58		57
59	// --- ---------- ---------- ---------- ---------- ---------- Instance Variables	58	// --- ---------- ---------- ---------- ---------- ---------- Instance Variables
60		59
61	/**	60	/**
62	* Cha racter enc oding to u se to read the usern ame and pa ssword par ameters	61	* Cha racter enc oding to u se to read the usern ame and pa ssword par ameters
63	* fro m the requ est. If no t set, the encoding of the req uest body will be	62	* fro m the requ est. If no t set, the encoding of the req uest body will be
64	* use d.	63	* use d.
65	*/	64	*/
66	protec ted String character Encoding = null;	65	protec ted String character Encoding = null;
67		66
68	/**	67	/**
69	* Lan ding page to use if a user tri es to acce ss the log in page di rectly or	68	* Lan ding page to use if a user tri es to acce ss the log in page di rectly or
70	* if the sessio n times ou t during l ogin. If n ot set, er ror respon ses will	69	* if the sessio n times ou t during l ogin. If n ot set, er ror respon ses will
71	* be sent inste ad.	70	* be sent inste ad.
72	*/	71	*/
73	protec ted String landingPa ge = null;	72	protec ted String landingPa ge = null;
74		73
75		74
76	// --- ---------- ---------- ---------- ---------- ---------- -------- P roperties	75	// --- ---------- ---------- ---------- ---------- ---------- -------- P roperties
77		76
78	/**	77	/**
79	* Return t he charact er encodin g to use t o read the user name and p assword.	78	* Return t he charact er encodin g to use t o read the user name and p assword.
		79	*
		80	* @re turn The n ame of the character encoding
80	*/	81	*/
81	public String ge tCharacter Encoding() {	82	public String ge tCharacter Encoding() {
82	re turn chara cterEncodi ng;	83	re turn chara cterEncodi ng;
83	}	84	}
84		85
85		86
86	/**	87	/**
87	* Set the character encoding t o be used to read th e user name and p assword.	88	* Set the character encoding t o be used to read th e user name and p assword.
		89	*
		90	* @pa ram encodi ng The nam e of the e ncoding to use
88	*/	91	*/
89	public void setC haracterEn coding(Str ing encodi ng) {	92	public void setC haracterEn coding(Str ing encodi ng) {
90	ch aracterEnc oding = en coding;	93	ch aracterEnc oding = en coding;
91	}	94	}
92		95
93		96
94	/**	97	/**
95	* Ret urn the la nding page to use wh en FORM au th is mis- used.	98	* Ret urn the la nding page to use wh en FORM au th is mis- used.
		99	*
		100	* @re turn The p ath to the landing p age relati ve to the web applic ation root
96	*/	101	*/
97	public String ge tLandingPa ge() {	102	public String ge tLandingPa ge() {
98	re turn landi ngPage;	103	re turn landi ngPage;
99	}	104	}
100		105
101		106
102	/**	107	/**
103	* Set the landi ng page to use when the FORM a uth is mis -used.	108	* Set the landi ng page to use when the FORM a uth is mis -used.
		109	*
		110	* @pa ram landin gPage The path to th e landing page relat ive to the web
		111	* appl ication ro ot
104	*/	112	*/
105	public void setL andingPage (String la ndingPage) {	113	public void setL andingPage (String la ndingPage) {
106	th is.landing Page = lan dingPage;	114	th is.landing Page = lan dingPage;
107	}	115	}
108		116
109		117
110	// ------- ---------- ---------- ---------- ---------- ------- --- P ubli c Methods	118	// ------- ---------- ---------- ---------- ---------- ------- P rote c ted Methods
111		119
112		120
113	/**	121	/**
114	* Aut henticate the user m aking this request, based on t he specifi ed	122	* Aut henticate the user m aking this request, based on t he specifi ed
115	* log in configu ration. R eturn <cod e>true</co de> if any specified	123	* log in configu ration. R eturn <cod e>true</co de> if any specified
116	* con straint ha s been sat isfied, or <code>fal se</code> if we have	124	* con straint ha s been sat isfied, or <code>fal se</code> if we have
117	* cre ated a res ponse chal lenge alre ady.	125	* cre ated a res ponse chal lenge alre ady.
118	*	126	*
119	* @pa ram reques t Request we are pro cessing	127	* @pa ram reques t Request we are pro cessing
120	* @pa ram respon se Respons e we are c reating	128	* @pa ram respon se Respons e we are c reating
121	*	129	*
122	* @ex ception IO Exception if an inpu t/output e rror occur s	130	* @ex ception IO Exception if an inpu t/output e rror occur s
123	*/	131	*/
124	@Overr ide	132	@Overr ide
125	p ubli c boolean a uthenticat e(Request request, H ttpServlet Response r esponse)	133	p rote c ted boolean doA uthenticat e(Request request, H ttpServlet Response r esponse)
126	throws I OException {	134	throws I OException {
127		135
128	if (checkFor CachedAuth entication (request, response, true)) {	136	if (checkFor CachedAuth entication (request, response, true)) {
129	return t rue;	137	return t rue;
130	}	138	}
131		139
132	// Reference s to objec ts we will need late r	140	// Reference s to objec ts we will need late r
133	Se ssion sess ion = null ;	141	Se ssion sess ion = null ;
134	Pr incipal pr incipal = null;	142	Pr incipal pr incipal = null;
135		143
136	// Have we a uthenticat ed this us er before but have c aching dis abled?	144	// Have we a uthenticat ed this us er before but have c aching dis abled?
137	if (!cache) {	145	if (!cache) {
138	session = request. getSession Internal(t rue);	146	session = request. getSession Internal(t rue);
139	if (log. isDebugEna bled()) {	147	if (log. isDebugEna bled()) {
140	log. debug("Che cking for reauthenti cate in se ssion " + session);	148	log. debug("Che cking for reauthenti cate in se ssion " + session);
141	}	149	}
142	String u sername =	150	String u sername =
143	(Str ing) sessi on.getNote (Constants .SESS_USER NAME_NOTE) ;	151	(Str ing) sessi on.getNote (Constants .SESS_USER NAME_NOTE) ;
144	String p assword =	152	String p assword =
145	(Str ing) sessi on.getNote (Constants .SESS_PASS WORD_NOTE) ;	153	(Str ing) sessi on.getNote (Constants .SESS_PASS WORD_NOTE) ;
146	if ((use rname != n ull) && (p assword != null)) {	154	if ((use rname != n ull) && (p assword != null)) {
147	if ( log.isDebu gEnabled() ) {	155	if ( log.isDebu gEnabled() ) {
148	log.debug( "Reauthent icating us ername '" + username + "'");	156	log.debug( "Reauthent icating us ername '" + username + "'");
149	}	157	}
150	prin cipal =	158	prin cipal =
151	context.ge tRealm().a uthenticat e(username , password );	159	context.ge tRealm().a uthenticat e(username , password );
152	if ( principal != null) {	160	if ( principal != null) {
153	session.se tNote(Cons tants.FORM _PRINCIPAL _NOTE, pri ncipal);	161	session.se tNote(Cons tants.FORM _PRINCIPAL _NOTE, pri ncipal);
154	if (!match Request(re quest)) {	162	if (!match Request(re quest)) {
155	regist er(request , response , principa l,	163	regist er(request , response , principa l,
156	HttpServ letRequest .FORM_AUTH ,	164	HttpServ letRequest .FORM_AUTH ,
157	username , password );	165	username , password );
158	return true;	166	return true;
159	}	167	}
160	}	168	}
161	if ( log.isDebu gEnabled() ) {	169	if ( log.isDebu gEnabled() ) {
162	log.debug( "Reauthent ication fa iled, proc eed normal ly");	170	log.debug( "Reauthent ication fa iled, proc eed normal ly");
163	}	171	}
164	}	172	}
165	}	173	}
166		174
167	// Is this t he re-subm it of the original r equest URI after suc cessful	175	// Is this t he re-subm it of the original r equest URI after suc cessful
168	// authentic ation? If so, forwa rd the or iginal re quest inst ead.	176	// authentic ation? If so, forwa rd the or iginal re quest inst ead.
169	if (matchReq uest(reque st)) {	177	if (matchReq uest(reque st)) {
170	session = request. getSession Internal(t rue);	178	session = request. getSession Internal(t rue);
171	if (log. isDebugEna bled()) {	179	if (log. isDebugEna bled()) {
172	log. debug("Res tore reque st from se ssion '"	180	log. debug("Res tore reque st from se ssion '"
173	+ se ssion.getI dInternal( )	181	+ se ssion.getI dInternal( )
174	+ "' ");	182	+ "' ");
175	}	183	}
176	principa l = (Princ ipal)	184	principa l = (Princ ipal)
177	sess ion.getNot e(Constant s.FORM_PRI NCIPAL_NOT E);	185	sess ion.getNot e(Constant s.FORM_PRI NCIPAL_NOT E);
178	register (request, response, principal, HttpServl etRequest. FORM_AUTH,	186	register (request, response, principal, HttpServl etRequest. FORM_AUTH,
179	(String) session.ge tNote(Cons tants.SESS _USERNAME_ NOTE),	187	(String) session.ge tNote(Cons tants.SESS _USERNAME_ NOTE),
180	(String) session.ge tNote(Cons tants.SESS _PASSWORD_ NOTE));	188	(String) session.ge tNote(Cons tants.SESS _PASSWORD_ NOTE));
181	// If we 're cachin g principa ls we no l onger need the usern ame	189	// If we 're cachin g principa ls we no l onger need the usern ame
182	// and p assword in the sessi on, so rem ove them	190	// and p assword in the sessi on, so rem ove them
183	if (cach e) {	191	if (cach e) {
184	sess ion.remove Note(Const ants.SESS_ USERNAME_N OTE);	192	sess ion.remove Note(Const ants.SESS_ USERNAME_N OTE);
185	sess ion.remove Note(Const ants.SESS_ PASSWORD_N OTE);	193	sess ion.remove Note(Const ants.SESS_ PASSWORD_N OTE);
186	}	194	}
187	if (rest oreRequest (request, session)) {	195	if (rest oreRequest (request, session)) {
188	if ( log.isDebu gEnabled() ) {	196	if ( log.isDebu gEnabled() ) {
189	log.debug( "Proceed t o restored request") ;	197	log.debug( "Proceed t o restored request") ;
190	}	198	}
191	retu rn true;	199	retu rn true;
192	} else {	200	} else {
193	if ( log.isDebu gEnabled() ) {	201	if ( log.isDebu gEnabled() ) {
194	log.debug( "Restore o f original request f ailed");	202	log.debug( "Restore o f original request f ailed");
195	}	203	}
196	resp onse.sendE rror(HttpS ervletResp onse.SC_BA D_REQUEST) ;	204	resp onse.sendE rror(HttpS ervletResp onse.SC_BA D_REQUEST) ;
197	retu rn false;	205	retu rn false;
198	}	206	}
199	}	207	}
200		208
201	// Acquire r eferences to objects we will n eed to eva luate	209	// Acquire r eferences to objects we will n eed to eva luate
202	Me ssageBytes uriMB = M essageByte s.newInsta nce();
203	Ch arChunk ur iCC = uriM B.getCharC hunk();
204	ur iCC.setLim it(-1);
205	St ring conte xtPath = r equest.get ContextPat h();	210	St ring conte xtPath = r equest.get ContextPat h();
206	St ring reque stURI = re quest.getD ecodedRequ estURI();	211	St ring reque stURI = re quest.getD ecodedRequ estURI();
207		212
208	// Is this t he action request fr om the log in page?	213	// Is this t he action request fr om the log in page?
209	bo olean logi nAction =	214	bo olean logi nAction =
210	requestU RI.startsW ith(contex tPath) &&	215	requestU RI.startsW ith(contex tPath) &&
211	requestU RI.endsWit h(Constant s.FORM_ACT ION);	216	requestU RI.endsWit h(Constant s.FORM_ACT ION);
212		217
213	Lo ginConfig config = c ontext.get LoginConfi g();	218	Lo ginConfig config = c ontext.get LoginConfi g();
214		219
215	// No -- Sav e this req uest and r edirect to the form login page	220	// No -- Sav e this req uest and r edirect to the form login page
216	if (!loginAc tion) {	221	if (!loginAc tion) {
217	// If th is request was to th e root of the contex t without a trailing	222	// If th is request was to th e root of the contex t without a trailing
218	// '/', need to re direct to add it els e the subm it of the login form	223	// '/', need to re direct to add it els e the subm it of the login form
219	// may n ot go to t he correct web appli cation	224	// may n ot go to t he correct web appli cation
220	if (requ est.getSer vletPath() .length() == 0 && re quest.getP athInfo() == null) {	225	if (requ est.getSer vletPath() .length() == 0 && re quest.getP athInfo() == null) {
221	Stri ngBuilder location = new Strin gBuilder(r equestURI) ;	226	Stri ngBuilder location = new Strin gBuilder(r equestURI) ;
222	loca tion.appen d('/');	227	loca tion.appen d('/');
223	if ( request.ge tQueryStri ng() != nu ll) {	228	if ( request.ge tQueryStri ng() != nu ll) {
224	location.a ppend('?') ;	229	location.a ppend('?') ;
225	location.a ppend(requ est.getQue ryString() );	230	location.a ppend(requ est.getQue ryString() );
226	}	231	}
227	resp onse.sendR edirect(re sponse.enc odeRedirec tURL(locat ion.toStri ng()));	232	resp onse.sendR edirect(re sponse.enc odeRedirec tURL(locat ion.toStri ng()));
228	retu rn false;	233	retu rn false;
229	}	234	}
230		235
231	session = request. getSession Internal(t rue);	236	session = request. getSession Internal(t rue);
232	if (log. isDebugEna bled()) {	237	if (log. isDebugEna bled()) {
233	log. debug("Sav e request in session '" + sess ion.getIdI nternal() + "'");	238	log. debug("Sav e request in session '" + sess ion.getIdI nternal() + "'");
234	}	239	}
235	try {	240	try {
236	save Request(re quest, ses sion);	241	save Request(re quest, ses sion);
237	} catch (IOExcepti on ioe) {	242	} catch (IOExcepti on ioe) {
238	log. debug("Req uest body too big to save duri ng authent ication");	243	log. debug("Req uest body too big to save duri ng authent ication");
239	resp onse.sendE rror(HttpS ervletResp onse.SC_FO RBIDDEN,	244	resp onse.sendE rror(HttpS ervletResp onse.SC_FO RBIDDEN,
240	sm.get String("au thenticato r.requestB odyTooBig" ));	245	sm.get String("au thenticato r.requestB odyTooBig" ));
241	retu rn false;	246	retu rn false;
242	}	247	}
243	forwardT oLoginPage (request, response, config);	248	forwardT oLoginPage (request, response, config);
244	return f alse;	249	return f alse;
245	}	250	}
246		251
247	// Yes -- Ac knowledge the reques t, validat e the spec ified cred entials	252	// Yes -- Ac knowledge the reques t, validat e the spec ified cred entials
248	// and redir ect to the error pag e if they are not co rrect	253	// and redir ect to the error pag e if they are not co rrect
249	re quest.getR esponse(). sendAcknow ledgement( );	254	re quest.getR esponse(). sendAcknow ledgement( );
250	Re alm realm = context. getRealm() ;	255	Re alm realm = context. getRealm() ;
251	if (characte rEncoding != null) {	256	if (characte rEncoding != null) {
252	request. setCharact erEncoding (character Encoding);	257	request. setCharact erEncoding (character Encoding);
253	}	258	}
254	St ring usern ame = requ est.getPar ameter(Con stants.FOR M_USERNAME );	259	St ring usern ame = requ est.getPar ameter(Con stants.FOR M_USERNAME );
255	St ring passw ord = requ est.getPar ameter(Con stants.FOR M_PASSWORD );	260	St ring passw ord = requ est.getPar ameter(Con stants.FOR M_PASSWORD );
256	if (log.isDe bugEnabled ()) {	261	if (log.isDe bugEnabled ()) {
257	log.debu g("Authent icating us ername '" + username + "'");	262	log.debu g("Authent icating us ername '" + username + "'");
258	}	263	}
259	pr incipal = realm.auth enticate(u sername, p assword);	264	pr incipal = realm.auth enticate(u sername, p assword);
260	if (principa l == null) {	265	if (principa l == null) {
261	forwardT oErrorPage (request, response, config);	266	forwardT oErrorPage (request, response, config);
262	return f alse;	267	return f alse;
263	}	268	}
264		269
265	if (log.isDe bugEnabled ()) {	270	if (log.isDe bugEnabled ()) {
266	log.debu g("Authent ication of '" + user name + "' was succes sful");	271	log.debu g("Authent ication of '" + user name + "' was succes sful");
267	}	272	}
268		273
269	if (session == null) {	274	if (session == null) {
270	session = request. getSession Internal(f alse);	275	session = request. getSession Internal(f alse);
271	}	276	}
272	if (session == null) {	277	if (session == null) {
273	if (cont ainerLog.i sDebugEnab led()) {	278	if (cont ainerLog.i sDebugEnab led()) {
274	cont ainerLog.d ebug	279	cont ainerLog.d ebug
275	("User too k so long to log on the sessio n expired" );	280	("User too k so long to log on the sessio n expired" );
276	}	281	}
277	if (land ingPage == null) {	282	if (land ingPage == null) {
278	resp onse.sendE rror(HttpS ervletResp onse.SC_RE QUEST_TIME OUT,	283	resp onse.sendE rror(HttpS ervletResp onse.SC_RE QUEST_TIME OUT,
279	sm.get String("au thenticato r.sessionE xpired"));	284	sm.get String("au thenticato r.sessionE xpired"));
280	} else {	285	} else {
281	// M ake the au thenticato r think th e user ori ginally re quested	286	// M ake the au thenticato r think th e user ori ginally re quested
282	// t he landing page	287	// t he landing page
283	Stri ng uri = r equest.get ContextPat h() + land ingPage;	288	Stri ng uri = r equest.get ContextPat h() + land ingPage;
284	Save dRequest s aved = new SavedRequ est();	289	Save dRequest s aved = new SavedRequ est();
285	save d.setMetho d("GET");	290	save d.setMetho d("GET");
286	save d.setReque stURI(uri) ;	291	save d.setReque stURI(uri) ;
287	save d.setDecod edRequestU RI(uri);	292	save d.setDecod edRequestU RI(uri);
288	requ est.getSes sionIntern al(true).s etNote(	293	requ est.getSes sionIntern al(true).s etNote(
289	Consta nts.FORM_R EQUEST_NOT E, saved);	294	Consta nts.FORM_R EQUEST_NOT E, saved);
290	resp onse.sendR edirect(re sponse.enc odeRedirec tURL(uri)) ;	295	resp onse.sendR edirect(re sponse.enc odeRedirec tURL(uri)) ;
291	}	296	}
292	return f alse;	297	return f alse;
293	}	298	}
294		299
295	// Save the authentica ted Princi pal in our session	300	// Save the authentica ted Princi pal in our session
296	se ssion.setN ote(Consta nts.FORM_P RINCIPAL_N OTE, princ ipal);	301	se ssion.setN ote(Consta nts.FORM_P RINCIPAL_N OTE, princ ipal);
297		302
298	// Save the username a nd passwor d as well	303	// Save the username a nd passwor d as well
299	se ssion.setN ote(Consta nts.SESS_U SERNAME_NO TE, userna me);	304	se ssion.setN ote(Consta nts.SESS_U SERNAME_NO TE, userna me);
300	se ssion.setN ote(Consta nts.SESS_P ASSWORD_NO TE, passwo rd);	305	se ssion.setN ote(Consta nts.SESS_P ASSWORD_NO TE, passwo rd);
301		306
302	// Redirect the user t o the orig inal reque st URI (wh ich will c ause	307	// Redirect the user t o the orig inal reque st URI (wh ich will c ause
303	// the origi nal reques t to be re stored)	308	// the origi nal reques t to be re stored)
304	re questURI = savedRequ estURL(ses sion);	309	re questURI = savedRequ estURL(ses sion);
305	if (log.isDe bugEnabled ()) {	310	if (log.isDe bugEnabled ()) {
306	log.debu g("Redirec ting to or iginal '" + requestU RI + "'");	311	log.debu g("Redirec ting to or iginal '" + requestU RI + "'");
307	}	312	}
308	if (requestU RI == null ) {	313	if (requestU RI == null ) {
309	if (land ingPage == null) {	314	if (land ingPage == null) {
310	resp onse.sendE rror(HttpS ervletResp onse.SC_BA D_REQUEST,	315	resp onse.sendE rror(HttpS ervletResp onse.SC_BA D_REQUEST,
311	sm.get String("au thenticato r.formlogi n"));	316	sm.get String("au thenticato r.formlogi n"));
312	} else {	317	} else {
313	// M ake the au thenticato r think th e user ori ginally re quested	318	// M ake the au thenticato r think th e user ori ginally re quested
314	// t he landing page	319	// t he landing page
315	Stri ng uri = r equest.get ContextPat h() + land ingPage;	320	Stri ng uri = r equest.get ContextPat h() + land ingPage;
316	Save dRequest s aved = new SavedRequ est();	321	Save dRequest s aved = new SavedRequ est();
317	save d.setMetho d("GET");	322	save d.setMetho d("GET");
318	save d.setReque stURI(uri) ;	323	save d.setReque stURI(uri) ;
319	save d.setDecod edRequestU RI(uri);	324	save d.setDecod edRequestU RI(uri);
320	sess ion.setNot e(Constant s.FORM_REQ UEST_NOTE, saved);	325	sess ion.setNot e(Constant s.FORM_REQ UEST_NOTE, saved);
321	resp onse.sendR edirect(re sponse.enc odeRedirec tURL(uri)) ;	326	resp onse.sendR edirect(re sponse.enc odeRedirec tURL(uri)) ;
322	}	327	}
323	} else {	328	} else {
324	// Until the Servl et API all ows specif ying the t ype of red irect to	329	// Until the Servl et API all ows specif ying the t ype of red irect to
325	// use.	330	// use.
326	Response internalR esponse = request.ge tResponse( );	331	Response internalR esponse = request.ge tResponse( );
327	String l ocation = response.e ncodeRedir ectURL(req uestURI);	332	String l ocation = response.e ncodeRedir ectURL(req uestURI);
328	if ("HTT P/1.1".equ als(reques t.getProto col())) {	333	if ("HTT P/1.1".equ als(reques t.getProto col())) {
329	inte rnalRespon se.sendRed irect(loca tion,	334	inte rnalRespon se.sendRed irect(loca tion,
330	HttpSe rvletRespo nse.SC_SEE _OTHER);	335	HttpSe rvletRespo nse.SC_SEE _OTHER);
331	} else {	336	} else {
332	inte rnalRespon se.sendRed irect(loca tion,	337	inte rnalRespon se.sendRed irect(loca tion,
333	HttpSe rvletRespo nse.SC_FOU ND);	338	HttpSe rvletRespo nse.SC_FOU ND);
334	}	339	}
335	}	340	}
336	re turn false ;	341	re turn false ;
337		342
338	}	343	}
339		344
340		345
341	@Overr ide	346	@Overr ide
342	protec ted String getAuthMe thod() {	347	protec ted boolea n isContin uationRequ ired(Reque st request ) {
343	return Ht t pSe r vletReq ue st.FORM_AU TH ;	348	// Special h andling fo r form-bas ed logins to deal wi th the cas e
		349	// where the login for m (and the refore the "j_securi ty_check" URI
		350	// to which it submits ) might be outside t he secured area
		351	St ring conte xtPath = t his.contex t.getPath( );
		352	St ring decod edRequestU RI = reque st.getDeco dedRequest URI();
		353	if (decodedR equestURI. startsWith (contextPa th) &&
		354	deco dedRequest URI.endsWi th(Constan ts.FORM_AC TION)) {
		355	return t r ue ;
344	}	356	}
345		357
		358	// Special h andling fo r form-bas ed logins to deal wi th the cas e where
		359	// a resourc e is prote cted for s ome HTTP m ethods but not prote cted for
		360	// GET which is used a fter authe ntication when redir ecting to the
		361	// protected resource.
		362	// TODO: Thi s is simil ar to the FormAuthen ticator.ma tchRequest () logic
		363	// Is there a way to r emove the duplicatio n?
		364	Se ssion sess ion = requ est.getSes sionIntern al(false);
		365	if (session != null) {
		366	SavedReq uest saved Request = (SavedRequ est) sessi on.getNote (Constants .FORM_REQU EST_NOTE);
		367	if (save dRequest ! = null &&
		368	decodedReq uestURI.eq uals(saved Request.ge tDecodedRe questURI() )) {
		369	retu rn true;
		370	}
		371	}
346		372
347	// --- ---------- ---------- ---------- ---------- ---------- - Protecte d Methods	373	re turn false ;
		374	}
		375
		376
		377	@Overr ide
		378	protec ted String getAuthMe thod() {
		379	re turn HttpS ervletRequ est.FORM_A UTH;
		380	}
348		381
349		382
350	/**	383	/**
351	* Cal led to for ward to th e login pa ge	384	* Cal led to for ward to th e login pa ge
352	*	385	*
353	* @pa ram reques t Request we are pro cessing	386	* @pa ram reques t Request we are pro cessing
354	* @pa ram respon se Respons e we are p opulating	387	* @pa ram respon se Respons e we are p opulating
355	* @pa ram config Login configurat ion descri bing how a uthenticat ion	388	* @pa ram config Login configurat ion descri bing how a uthenticat ion
356	* should be performed	389	* should be performed
357	* @th rows IOExc eption If the forwa rd to the login page fails and the call	390	* @th rows IOExc eption If the forwa rd to the login page fails and the call
358	* to {@link Ht tpServletR esponse#se ndError(in t, String) }	391	* to {@link Ht tpServletR esponse#se ndError(in t, String) }
359	* th rows an {@ link IOExc eption}	392	* th rows an {@ link IOExc eption}
360	*/	393	*/
361	protec ted void f orwardToLo ginPage(Re quest requ est,	394	protec ted void f orwardToLo ginPage(Re quest requ est,
362	HttpServ letRespons e response , LoginCon fig config )	395	HttpServ letRespons e response , LoginCon fig config )
363	throws I OException {	396	throws I OException {
364		397
365	if (log.isDe bugEnabled ()) {	398	if (log.isDe bugEnabled ()) {
366	log.debu g(sm.getSt ring("form Authentica tor.forwar dLogin",	399	log.debu g(sm.getSt ring("form Authentica tor.forwar dLogin",
367	request.ge tRequestUR I(), reque st.getMeth od(),	400	request.ge tRequestUR I(), reque st.getMeth od(),
368	config.get LoginPage( ), context .getName() ));	401	config.get LoginPage( ), context .getName() ));
369	}	402	}
370		403
371	St ring login Page = con fig.getLog inPage();	404	St ring login Page = con fig.getLog inPage();
372	if (loginPag e == null \|\| loginPa ge.length( ) == 0) {	405	if (loginPag e == null \|\| loginPa ge.length( ) == 0) {
373	String m sg = sm.ge tString("f ormAuthent icator.noL oginPage",	406	String m sg = sm.ge tString("f ormAuthent icator.noL oginPage",
374	context.ge tName());	407	context.ge tName());
375	log.warn (msg);	408	log.warn (msg);
376	response .sendError (HttpServl etResponse .SC_INTERN AL_SERVER_ ERROR,	409	response .sendError (HttpServl etResponse .SC_INTERN AL_SERVER_ ERROR,
377	msg);	410	msg);
378	return;	411	return;
379	}	412	}
380		413
381	if (getChang eSessionId OnAuthenti cation()) {	414	if (getChang eSessionId OnAuthenti cation()) {
382	Session session = request.ge tSessionIn ternal(fal se);	415	Session session = request.ge tSessionIn ternal(fal se);
383	if (sess ion != nul l) {	416	if (sess ion != nul l) {
384	Mana ger manage r = reques t.getConte xt().getMa nager();	417	Mana ger manage r = reques t.getConte xt().getMa nager();
385	mana ger.change SessionId( session);	418	mana ger.change SessionId( session);
386	requ est.change SessionId( session.ge tId());	419	requ est.change SessionId( session.ge tId());
387	}	420	}
388	}	421	}
389		422
390	// Always us e GET for the login page, rega rdless of the method used	423	// Always us e GET for the login page, rega rdless of the method used
391	St ring oldMe thod = req uest.getMe thod();	424	St ring oldMe thod = req uest.getMe thod();
392	re quest.getC oyoteReque st().metho d().setStr ing("GET") ;	425	re quest.getC oyoteReque st().metho d().setStr ing("GET") ;
393		426
394	Re questDispa tcher disp =	427	Re questDispa tcher disp =
395	context. getServlet Context(). getRequest Dispatcher (loginPage );	428	context. getServlet Context(). getRequest Dispatcher (loginPage );
396	tr y {	429	tr y {
397	if (cont ext.fireRe questInitE vent(reque st.getRequ est())) {	430	if (cont ext.fireRe questInitE vent(reque st.getRequ est())) {
398	disp .forward(r equest.get Request(), response) ;	431	disp .forward(r equest.get Request(), response) ;
399	cont ext.fireRe questDestr oyEvent(re quest.getR equest());	432	cont ext.fireRe questDestr oyEvent(re quest.getR equest());
400	}	433	}
401	} catch (Thr owable t) {	434	} catch (Thr owable t) {
402	Exceptio nUtils.han dleThrowab le(t);	435	Exceptio nUtils.han dleThrowab le(t);
403	String m sg = sm.ge tString("f ormAuthent icator.for wardLoginF ail");	436	String m sg = sm.ge tString("f ormAuthent icator.for wardLoginF ail");
404	log.warn (msg, t);	437	log.warn (msg, t);
405	request. setAttribu te(Request Dispatcher .ERROR_EXC EPTION, t) ;	438	request. setAttribu te(Request Dispatcher .ERROR_EXC EPTION, t) ;
406	response .sendError (HttpServl etResponse .SC_INTERN AL_SERVER_ ERROR,	439	response .sendError (HttpServl etResponse .SC_INTERN AL_SERVER_ ERROR,
407	msg);	440	msg);
408	} finally {	441	} finally {
409	// Resto re origina l method s o that it is written into acce ss log	442	// Resto re origina l method s o that it is written into acce ss log
410	request. getCoyoteR equest().m ethod().se tString(ol dMethod);	443	request. getCoyoteR equest().m ethod().se tString(ol dMethod);
411	}	444	}
412	}	445	}
413		446
414		447
415	/**	448	/**
416	* Cal led to for ward to th e error pa ge	449	* Cal led to for ward to th e error pa ge
417	*	450	*
418	* @pa ram reques t Request we are pro cessing	451	* @pa ram reques t Request we are pro cessing
419	* @pa ram respon se Respons e we are p opulating	452	* @pa ram respon se Respons e we are p opulating
420	* @pa ram config Login configurat ion descri bing how a uthenticat ion	453	* @pa ram config Login configurat ion descri bing how a uthenticat ion
421	* should be performed	454	* should be performed
422	* @th rows IOExc eption If the forwa rd to the error page fails and the call	455	* @th rows IOExc eption If the forwa rd to the error page fails and the call
423	* to {@link Ht tpServletR esponse#se ndError(in t, String) }	456	* to {@link Ht tpServletR esponse#se ndError(in t, String) }
424	* th rows an {@ link IOExc eption}	457	* th rows an {@ link IOExc eption}
425	*/	458	*/
426	protec ted void f orwardToEr rorPage(Re quest requ est,	459	protec ted void f orwardToEr rorPage(Re quest requ est,
427	HttpServ letRespons e response , LoginCon fig config )	460	HttpServ letRespons e response , LoginCon fig config )
428	throws I OException {	461	throws I OException {
429		462
430	St ring error Page = con fig.getErr orPage();	463	St ring error Page = con fig.getErr orPage();
431	if (errorPag e == null \|\| errorPa ge.length( ) == 0) {	464	if (errorPag e == null \|\| errorPa ge.length( ) == 0) {
432	String m sg = sm.ge tString("f ormAuthent icator.noE rrorPage",	465	String m sg = sm.ge tString("f ormAuthent icator.noE rrorPage",
433	context.ge tName());	466	context.ge tName());
434	log.warn (msg);	467	log.warn (msg);
435	response .sendError (HttpServl etResponse .SC_INTERN AL_SERVER_ ERROR,	468	response .sendError (HttpServl etResponse .SC_INTERN AL_SERVER_ ERROR,
436	msg);	469	msg);
437	return;	470	return;
438	}	471	}
439		472
440	Re questDispa tcher disp =	473	Re questDispa tcher disp =
441	cont ext.getSer vletContex t().getReq uestDispat cher(confi g.getError Page());	474	cont ext.getSer vletContex t().getReq uestDispat cher(confi g.getError Page());
442	tr y {	475	tr y {
443	if (cont ext.fireRe questInitE vent(reque st.getRequ est())) {	476	if (cont ext.fireRe questInitE vent(reque st.getRequ est())) {
444	disp .forward(r equest.get Request(), response) ;	477	disp .forward(r equest.get Request(), response) ;
445	cont ext.fireRe questDestr oyEvent(re quest.getR equest());	478	cont ext.fireRe questDestr oyEvent(re quest.getR equest());
446	}	479	}
447	} catch (Thr owable t) {	480	} catch (Thr owable t) {
448	Exceptio nUtils.han dleThrowab le(t);	481	Exceptio nUtils.han dleThrowab le(t);
449	String m sg = sm.ge tString("f ormAuthent icator.for wardErrorF ail");	482	String m sg = sm.ge tString("f ormAuthent icator.for wardErrorF ail");
450	log.warn (msg, t);	483	log.warn (msg, t);
451	request. setAttribu te(Request Dispatcher .ERROR_EXC EPTION, t) ;	484	request. setAttribu te(Request Dispatcher .ERROR_EXC EPTION, t) ;
452	response .sendError (HttpServl etResponse .SC_INTERN AL_SERVER_ ERROR,	485	response .sendError (HttpServl etResponse .SC_INTERN AL_SERVER_ ERROR,
453	msg);	486	msg);
454	}	487	}
455	}	488	}
456		489
457		490
458	/**	491	/**
459	* Doe s this req uest match the saved one (so t hat it mus t be the r edirect	492	* Doe s this req uest match the saved one (so t hat it mus t be the r edirect
460	* we signaled a fter succe ssful auth entication ?	493	* we signaled a fter succe ssful auth entication ?
461	*	494	*
462	* @pa ram reques t The requ est to be verified	495	* @pa ram reques t The requ est to be verified
		496	* @re turn <code >true</cod e> if the requests m atched the saved one
463	*/	497	*/
464	protec ted boolea n matchReq uest(Reque st request ) {	498	protec ted boolea n matchReq uest(Reque st request ) {
465	// Has a ses sion been created?	499	// Has a ses sion been created?
466	Se ssion sess ion = requ est.getSes sionIntern al(false);	500	Se ssion sess ion = requ est.getSes sionIntern al(false);
467	if (session == null) {	501	if (session == null) {
468	return f alse;	502	return f alse;
469	}	503	}
470		504
471	// Is there a saved re quest?	505	// Is there a saved re quest?
472	Sa vedRequest sreq =	506	Sa vedRequest sreq =
473	(Sav edRequest) session.g etNote(Con stants.FOR M_REQUEST_ NOTE);	507	(Sav edRequest) session.g etNote(Con stants.FOR M_REQUEST_ NOTE);
474	if (sreq == null) {	508	if (sreq == null) {
475	return f alse;	509	return f alse;
476	}	510	}
477		511
478	// Is there a saved pr incipal?	512	// Is there a saved pr incipal?
479	if (session. getNote(Co nstants.FO RM_PRINCIP AL_NOTE) = = null) {	513	if (session. getNote(Co nstants.FO RM_PRINCIP AL_NOTE) = = null) {
480	return f alse;	514	return f alse;
481	}	515	}
482		516
483	// Does the request UR I match?	517	// Does the request UR I match?
484	St ring decod edRequestU RI = reque st.getDeco dedRequest URI();	518	St ring decod edRequestU RI = reque st.getDeco dedRequest URI();
485	if (decodedR equestURI == null) {	519	if (decodedR equestURI == null) {
486	return f alse;	520	return f alse;
487	}	521	}
488	re turn decod edRequestU RI.equals( sreq.getDe codedReque stURI());	522	re turn decod edRequestU RI.equals( sreq.getDe codedReque stURI());
489	}	523	}
490		524
491		525
492	/**	526	/**
493	* Res tore the o riginal re quest from informati on stored in our ses sion.	527	* Res tore the o riginal re quest from informati on stored in our ses sion.
494	* If the origin al request is no lon ger presen t (because the sessi on	528	* If the origin al request is no lon ger presen t (because the sessi on
495	* tim ed out), r eturn <cod e>false</c ode>; othe rwise, ret urn	529	* tim ed out), r eturn <cod e>false</c ode>; othe rwise, ret urn
496	* <co de>true</c ode>.	530	* <co de>true</c ode>.
497	*	531	*
498	* @pa ram reques t The requ est to be restored	532	* @pa ram reques t The requ est to be restored
499	* @pa ram sessio n The sess ion contai ning the s aved infor mation	533	* @pa ram sessio n The sess ion contai ning the s aved infor mation
		534	* @re turn <code >true</cod e> if the request wa s successf ully resto red
		535	* @th rows IOExc eption if an IO erro r occurred during th e process
500	*/	536	*/
501	protec ted boolea n restoreR equest(Req uest reque st, Sessio n session)	537	protec ted boolea n restoreR equest(Req uest reque st, Sessio n session)
502	throws I OException {	538	throws I OException {
503		539
504	// Retrieve and remove the Saved Request ob ject from our sessio n	540	// Retrieve and remove the Saved Request ob ject from our sessio n
505	Sa vedRequest saved = ( SavedReque st)	541	Sa vedRequest saved = ( SavedReque st)
506	session. getNote(Co nstants.FO RM_REQUEST _NOTE);	542	session. getNote(Co nstants.FO RM_REQUEST _NOTE);
507	se ssion.remo veNote(Con stants.FOR M_REQUEST_ NOTE);	543	se ssion.remo veNote(Con stants.FOR M_REQUEST_ NOTE);
508	se ssion.remo veNote(Con stants.FOR M_PRINCIPA L_NOTE);	544	se ssion.remo veNote(Con stants.FOR M_PRINCIPA L_NOTE);
509	if (saved == null) {	545	if (saved == null) {
510	return f alse;	546	return f alse;
511	}	547	}
512		548
513	// Swallow a ny request body sinc e we will be replaci ng it	549	// Swallow a ny request body sinc e we will be replaci ng it
514	// Need to d o this bef ore header s are rest ored as AJ P connecto r uses	550	// Need to d o this bef ore header s are rest ored as AJ P connecto r uses
515	// content l ength head er to dete rmine how much data needs to b e read for	551	// content l ength head er to dete rmine how much data needs to b e read for
516	// request b ody	552	// request b ody
517	by te[] buffe r = new by te[4096];	553	by te[] buffe r = new by te[4096];
518	In putStream is = reque st.createI nputStream ();	554	In putStream is = reque st.createI nputStream ();
519	wh ile (is.re ad(buffer) >= 0) {	555	wh ile (is.re ad(buffer) >= 0) {
520	// Ignor e request body	556	// Ignor e request body
521	}	557	}
522		558
523	// Modify ou r current request to reflect t he origina l one	559	// Modify ou r current request to reflect t he origina l one
524	re quest.clea rCookies() ;	560	re quest.clea rCookies() ;
525	It erator<Coo kie> cooki es = saved .getCookie s();	561	It erator<Coo kie> cooki es = saved .getCookie s();
526	wh ile (cooki es.hasNext ()) {	562	wh ile (cooki es.hasNext ()) {
527	request. addCookie( cookies.ne xt());	563	request. addCookie( cookies.ne xt());
528	}	564	}
529		565
530	St ring metho d = saved. getMethod( );	566	St ring metho d = saved. getMethod( );
531	Mi meHeaders rmh = requ est.getCoy oteRequest ().getMime Headers();	567	Mi meHeaders rmh = requ est.getCoy oteRequest ().getMime Headers();
532	rm h.recycle( );	568	rm h.recycle( );
533	bo olean cach eable = "G ET".equals IgnoreCase (method) \| \|	569	bo olean cach eable = "G ET".equals IgnoreCase (method) \| \|
534	"HE AD".equals IgnoreCase (method);	570	"HE AD".equals IgnoreCase (method);
535	It erator<Str ing> names = saved.g etHeaderNa mes();	571	It erator<Str ing> names = saved.g etHeaderNa mes();
536	wh ile (names .hasNext() ) {	572	wh ile (names .hasNext() ) {
537	String n ame = name s.next();	573	String n ame = name s.next();
538	// The b rowser isn 't expecti ng this co nditional response n ow.	574	// The b rowser isn 't expecti ng this co nditional response n ow.
539	// Assum ing that i t can quie tly recove r from an unexpected 412.	575	// Assum ing that i t can quie tly recove r from an unexpected 412.
540	// BZ 43 687	576	// BZ 43 687
541	if(!("If -Modified- Since".equ alsIgnoreC ase(name) \|\|	577	if(!("If -Modified- Since".equ alsIgnoreC ase(name) \|\|
542	(ca cheable && "If-None- Match".equ alsIgnoreC ase(name)) )) {	578	(ca cheable && "If-None- Match".equ alsIgnoreC ase(name)) )) {
543	Iter ator<Strin g> values = saved.ge tHeaderVal ues(name);	579	Iter ator<Strin g> values = saved.ge tHeaderVal ues(name);
544	whil e (values. hasNext()) {	580	whil e (values. hasNext()) {
545	rmh.addVal ue(name).s etString(v alues.next ());	581	rmh.addVal ue(name).s etString(v alues.next ());
546	}	582	}
547	}	583	}
548	}	584	}
549		585
550	re quest.clea rLocales() ;	586	re quest.clea rLocales() ;
551	It erator<Loc ale> local es = saved .getLocale s();	587	It erator<Loc ale> local es = saved .getLocale s();
552	wh ile (local es.hasNext ()) {	588	wh ile (local es.hasNext ()) {
553	request. addLocale( locales.ne xt());	589	request. addLocale( locales.ne xt());
554	}	590	}
555		591
556	re quest.getC oyoteReque st().getPa rameters() .recycle() ;	592	re quest.getC oyoteReque st().getPa rameters() .recycle() ;
557	re quest.getC oyoteReque st().getPa rameters() .setQueryS tringEncod ing(
558	requ est.getCon nector().g etURIEncod ing());
559		593
560	By teChunk bo dy = saved .getBody() ;	594	By teChunk bo dy = saved .getBody() ;
561		595
562	if (body != null) {	596	if (body != null) {
563	request. getCoyoteR equest().a ction	597	request. getCoyoteR equest().a ction
564	(Act ionCode.RE Q_SET_BODY _REPLAY, b ody);	598	(Act ionCode.RE Q_SET_BODY _REPLAY, b ody);
565		599
566	// Set c ontent typ e	600	// Set c ontent typ e
567	MessageB ytes conte ntType = M essageByte s.newInsta nce();	601	MessageB ytes conte ntType = M essageByte s.newInsta nce();
568		602
569	// If no content t ype specif ied, use d efault for POST	603	// If no content t ype specif ied, use d efault for POST
570	String s avedConten tType = sa ved.getCon tentType() ;	604	String s avedConten tType = sa ved.getCon tentType() ;
571	if (save dContentTy pe == null && "POST" .equalsIgn oreCase(me thod)) {	605	if (save dContentTy pe == null && "POST" .equalsIgn oreCase(me thod)) {
572	save dContentTy pe = "appl ication/x- www-form-u rlencoded" ;	606	save dContentTy pe = "appl ication/x- www-form-u rlencoded" ;
573	}	607	}
574		608
575	contentT ype.setStr ing(savedC ontentType );	609	contentT ype.setStr ing(savedC ontentType );
576	request. getCoyoteR equest().s etContentT ype(conten tType);	610	request. getCoyoteR equest().s etContentT ype(conten tType);
577	}	611	}
578		612
579	re quest.getC oyoteReque st().metho d().setStr ing(method );	613	re quest.getC oyoteReque st().metho d().setStr ing(method );
580		614
581	re turn true;	615	re turn true;
582	}	616	}
583		617
584		618
585	/**	619	/**
586	* Sav e the orig inal reque st informa tion into our sessio n.	620	* Sav e the orig inal reque st informa tion into our sessio n.
587	*	621	*
588	* @pa ram reques t The requ est to be saved	622	* @pa ram reques t The requ est to be saved
589	* @pa ram sessio n The sess ion to con tain the s aved infor mation	623	* @pa ram sessio n The sess ion to con tain the s aved infor mation
590	* @throws IOExceptio n	624	* @throws IOExceptio n if an IO error occu rred durin g the proc ess
591	*/	625	*/
592	protec ted void s aveRequest (Request r equest, Se ssion sess ion)	626	protec ted void s aveRequest (Request r equest, Se ssion sess ion)
593	th rows IOExc eption {	627	th rows IOExc eption {
594		628
595	// Create an d populate a SavedRe quest obje ct for thi s request	629	// Create an d populate a SavedRe quest obje ct for thi s request
596	Sa vedRequest saved = n ew SavedRe quest();	630	Sa vedRequest saved = n ew SavedRe quest();
597	Co okie cooki es[] = req uest.getCo okies();	631	Co okie cooki es[] = req uest.getCo okies();
598	if (cookies != null) {	632	if (cookies != null) {
599	for (int i = 0; i < cookies. length; i+ +) {	633	for (int i = 0; i < cookies. length; i+ +) {
600	save d.addCooki e(cookies[ i]);	634	save d.addCooki e(cookies[ i]);
601	}	635	}
602	}	636	}
603	En umeration< String> na mes = requ est.getHea derNames() ;	637	En umeration< String> na mes = requ est.getHea derNames() ;
604	wh ile (names .hasMoreEl ements()) {	638	wh ile (names .hasMoreEl ements()) {
605	String n ame = name s.nextElem ent();	639	String n ame = name s.nextElem ent();
606	Enumerat ion<String > values = request.g etHeaders( name);	640	Enumerat ion<String > values = request.g etHeaders( name);
607	while (v alues.hasM oreElement s()) {	641	while (v alues.hasM oreElement s()) {
608	Stri ng value = values.ne xtElement( );	642	Stri ng value = values.ne xtElement( );
609	save d.addHeade r(name, va lue);	643	save d.addHeade r(name, va lue);
610	}	644	}
611	}	645	}
612	En umeration< Locale> lo cales = re quest.getL ocales();	646	En umeration< Locale> lo cales = re quest.getL ocales();
613	wh ile (local es.hasMore Elements() ) {	647	wh ile (local es.hasMore Elements() ) {
614	Locale l ocale = lo cales.next Element();	648	Locale l ocale = lo cales.next Element();
615	saved.ad dLocale(lo cale);	649	saved.ad dLocale(lo cale);
616	}	650	}
617		651
618	// May need to acknowl edge a 100 -continue expectatio n	652	// May need to acknowl edge a 100 -continue expectatio n
619	re quest.getR esponse(). sendAcknow ledgement( );	653	re quest.getR esponse(). sendAcknow ledgement( );
620		654
621	By teChunk bo dy = new B yteChunk() ;	655	By teChunk bo dy = new B yteChunk() ;
622	bo dy.setLimi t(request. getConnect or().getMa xSavePostS ize());	656	bo dy.setLimi t(request. getConnect or().getMa xSavePostS ize());
623		657
624	by te[] buffe r = new by te[4096];	658	by te[] buffe r = new by te[4096];
625	in t bytesRea d;	659	in t bytesRea d;
626	In putStream is = reque st.getInpu tStream();	660	In putStream is = reque st.getInpu tStream();
627		661
628	wh ile ( (byt esRead = i s.read(buf fer) ) >= 0) {	662	wh ile ( (byt esRead = i s.read(buf fer) ) >= 0) {
629	body.app end(buffer , 0, bytes Read);	663	body.app end(buffer , 0, bytes Read);
630	}	664	}
631		665
632	// Only save the reque st body if there is something to save	666	// Only save the reque st body if there is something to save
633	if (body.get Length() > 0) {	667	if (body.get Length() > 0) {
634	saved.se tContentTy pe(request .getConten tType());	668	saved.se tContentTy pe(request .getConten tType());
635	saved.se tBody(body );	669	saved.se tBody(body );
636	}	670	}
637		671
638	sa ved.setMet hod(reques t.getMetho d());	672	sa ved.setMet hod(reques t.getMetho d());
639	sa ved.setQue ryString(r equest.get QueryStrin g());	673	sa ved.setQue ryString(r equest.get QueryStrin g());
640	sa ved.setReq uestURI(re quest.getR equestURI( ));	674	sa ved.setReq uestURI(re quest.getR equestURI( ));
641	sa ved.setDec odedReques tURI(reque st.getDeco dedRequest URI());	675	sa ved.setDec odedReques tURI(reque st.getDeco dedRequest URI());
642		676
643	// Stash the SavedRequ est in our session f or later u se	677	// Stash the SavedRequ est in our session f or later u se
644	se ssion.setN ote(Consta nts.FORM_R EQUEST_NOT E, saved);	678	se ssion.setN ote(Consta nts.FORM_R EQUEST_NOT E, saved);
645	}	679	}
646		680
647		681
648	/**	682	/**
649	* Ret urn the re quest URI (with the correspond ing query string, if any)	683	* Ret urn the re quest URI (with the correspond ing query string, if any)
650	* fro m the save d request so that we can redir ect to it.	684	* fro m the save d request so that we can redir ect to it.
651	*	685	*
652	* @pa ram sessio n Our curr ent sessio n	686	* @pa ram sessio n Our curr ent sessio n
		687	* @re turn the o riginal re quest URL
653	*/	688	*/
654	protec ted String savedRequ estURL(Ses sion sessi on) {	689	protec ted String savedRequ estURL(Ses sion sessi on) {
655		690
656	Sa vedRequest saved =	691	Sa vedRequest saved =
657	(SavedRe quest) ses sion.getNo te(Constan ts.FORM_RE QUEST_NOTE );	692	(SavedRe quest) ses sion.getNo te(Constan ts.FORM_RE QUEST_NOTE );
658	if (saved == null) {	693	if (saved == null) {
659	return ( null);	694	return ( null);
660	}	695	}
661	St ringBuilde r sb = new StringBui lder(saved .getReques tURI());	696	St ringBuilde r sb = new StringBui lder(saved .getReques tURI());
662	if (saved.ge tQueryStri ng() != nu ll) {	697	if (saved.ge tQueryStri ng() != nu ll) {
663	sb.appen d('?');	698	sb.appen d('?');
664	sb.appen d(saved.ge tQueryStri ng());	699	sb.appen d(saved.ge tQueryStri ng());
665	}	700	}
666	re turn (sb.t oString()) ;	701	re turn (sb.t oString()) ;
667		702
668	}	703	}
669		704
670		705
671	}	706	}