angler-fishThe Vulnerability History Project

Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=12428

      Add optional support for preemptive authentication on a per context basis
Based on a patch suggested by Werner Donn
This includes the fix for CVE-2011-1183

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1087643 13f79535-47bb-0310-9956-ffa450edef68
by Pauline the Wren 2011-04-01 10:49:43 UTC
commit b7b5c63a932f6c1ea05f9b65ad9054247bb5af57
Tomcat Fix CVE-2011-1183 VCC CVE-2011-1184
java/org/apache/catalina/Context.java
-13
java/org/apache/catalina/authenticator/AuthenticatorBase.java
+36 -58
java/org/apache/catalina/core/StandardContext.java
-14
java/org/apache/catalina/startup/ContextConfig.java
+6 -11
test/org/apache/catalina/core/TestStandardWrapper.java
-24
test/webapp-3.0-servletsecurity2/WEB-INF/web.xml
-43
test/webapp-3.0-servletsecurity2/protected.jsp
-23
test/webapp-3.0-servletsecurity2/unprotected.jsp
-23
webapps/docs/changelog.xml
-5
webapps/docs/config/context.xml
-10
expand_less