Index: container/webapps/docs/changelog.xml
===================================================================
--- container/webapps/docs/changelog.xml (wersja 781378)
+++ container/webapps/docs/changelog.xml (wersja 781379)
@@ -76,6 +76,11 @@
logging at the context level but the security policy prevents this.
(markt/rjung)
+
+ Fix an information disclosure vulnerability in a number of the Realms
+ that allowed user enumeration when using FORM authentication. This is
+ CVE-2009-0580. (markt)
+
Index: container/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java
===================================================================
--- container/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java (wersja 781378)
+++ container/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java (wersja 781379)
@@ -270,8 +270,9 @@
*/
public Principal authenticate(String username, String credentials) {
- // No user - can't possibly authenticate, don't bother the database then
- if (username == null) {
+ // No user or no credentials
+ // Can't possibly authenticate, don't bother the database then
+ if (username == null || credentials == null) {
return null;
}
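Review bot: The new `credentials == null` guard on the `if` line is the whole fix for CVE-2009-0580, but the comment above it reads like a performance shortcut ("don't bother the database"), so a later maintainer could reasonably drop or reorder it without realising it is security-relevant. The check has to run before any lookup so that a FORM login with an undecodable password (which presumably arrives here as a null credential) produces the same result for a known and an unknown username; a comment stating that would preserve the intent, e.g. `// A null credential must be rejected before the lookup so the response does not differ between existing and non-existing users (CVE-2009-0580)`. The rest of `authenticate` lies outside the hunk, so whether the remaining path (lookup, then digest comparison) still exposes a response-time difference per username cannot be judged here and is not addressed by this change.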
Index: container/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java
===================================================================
--- container/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java (wersja 781378)
+++ container/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java (wersja 781379)
@@ -393,9 +393,10 @@
String username,
String credentials) {
- // No user - can't possibly authenticate
- if (username == null) {
- return (null);
+ // No user or no credentials
+ // Can't possibly authenticate, don't bother the database then
+ if (username == null || credentials == null) {
+ return null;
}
// Look up the user's credentials
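Review bot: As in DataSourceRealm, the added `credentials == null` test on the `if` line is documented only as "don't bother the database", which hides that it is the CVE-2009-0580 fix and must stay ahead of the credential lookup that starts at the `// Look up the user's credentials` comment. A why-comment such as `// Null credentials are rejected up front so a malformed FORM password cannot be used to tell existing users from unknown ones (CVE-2009-0580)` would make that explicit. The method's signature (the `username`/`credentials` parameters are visible, the declaring line is not) and the remainder of its body are outside this hunk, so whether a known username still costs a measurably different amount of time than an unknown one after this guard cannot be verified from the diff; the change does not claim to address that.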
Index: container/catalina/src/share/org/apache/catalina/realm/MemoryRealm.java
===================================================================
--- container/catalina/src/share/org/apache/catalina/realm/MemoryRealm.java (wersja 781378)
+++ container/catalina/src/share/org/apache/catalina/realm/MemoryRealm.java (wersja 781379)
@@ -147,7 +147,7 @@
(GenericPrincipal) principals.get(username);
boolean validated = false;
- if (principal != null) {
+ if (principal != null && credentials != null) {
if (hasMessageDigest()) {
// Hex hashes should be compared case-insensitive
validated = (digest(credentials)