diff options
author | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-08-04 18:36:26 +0000 |
---|---|---|
committer | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-08-04 18:36:26 +0000 |
commit | c449610f779afb2242180d68180cfa4a9a9a641d (patch) | |
tree | 15536876f2b7ae72b801640cb485cee6bb804043 /pki/base/common/src/com | |
parent | dc6295bfd6153f23bc2ad96b1ca07e695f9faade (diff) | |
download | pki-c449610f779afb2242180d68180cfa4a9a9a641d.tar.gz pki-c449610f779afb2242180d68180cfa4a9a9a641d.tar.xz pki-c449610f779afb2242180d68180cfa4a9a9a641d.zip |
Resolves #708075 - Clone installation does not work over NAT
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2105 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/common/src/com')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java | 28 |
1 files changed, 18 insertions, 10 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java index 16376405f..ebcafe86b 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java @@ -64,23 +64,31 @@ public class TokenAuthenticate extends CMSServlet { String givenHost = httpReq.getParameter("hostname"); CMS.debug("TokenAuthentication: givenHost=" + givenHost); + boolean checkIP = false; + try { + checkIP = config.getBoolean("securitydomain.checkIP", false); + } catch (Exception e) { + } + ISecurityDomainSessionTable table = CMS.getSecurityDomainSessionTable(); String uid = ""; String gid = ""; CMS.debug("TokenAuthentication: checking session in the session table"); if (table.isSessionIdExist(sessionId)) { CMS.debug("TokenAuthentication: found session"); - String hostname = table.getIP(sessionId); - if (hostname.equals(givenHost)) { - CMS.debug("TokenAuthentication: hostname and givenHost matched"); - uid = table.getUID(sessionId); - gid = table.getGroup(sessionId); - } else { - CMS.debug("TokenAuthentication: hostname=" + hostname + " and givenHost=" + givenHost + " is different"); - CMS.debug("TokenAuthenticate authenticate failed, wrong hostname."); - outputError(httpResp, "Error: Failed Authentication"); - return; + if (checkIP) { + String hostname = table.getIP(sessionId); + if (! hostname.equals(givenHost)) { + CMS.debug("TokenAuthentication: hostname=" + hostname + " and givenHost=" + + givenHost + " are different"); + CMS.debug("TokenAuthenticate authenticate failed, wrong hostname."); + outputError(httpResp, "Error: Failed Authentication"); + return; + } } + + uid = table.getUID(sessionId); + gid = table.getGroup(sessionId); } else { CMS.debug("TokenAuthentication: session not found"); CMS.debug("TokenAuthentication authenticate failed, session id does not exist."); |