projects / mono.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 22fe542)
2006-01-25 Chris Toshok <toshok@ximian.com>
authorChris Toshok <toshok@novell.com>
Wed, 25 Jan 2006 18:44:55 +0000 (18:44 -0000)
committerChris Toshok <toshok@novell.com>
Wed, 25 Jan 2006 18:44:55 +0000 (18:44 -0000)
* AuthorizationSection.cs (IsValidUser): instead of a blanket
false for a null user, just set the username to "" and short
circuit out the check for roles.

svn path=/trunk/mcs/; revision=56055

mcs/class/System.Web/System.Web.Configuration_2.0/AuthorizationSection.cs patch | blob | history
mcs/class/System.Web/System.Web.Configuration_2.0/ChangeLog patch | blob | history

diff --git a/mcs/class/System.Web/System.Web.Configuration_2.0/AuthorizationSection.cs b/mcs/class/System.Web/System.Web.Configuration_2.0/AuthorizationSection.cs
index b3a16a78ebbfca18fbad5961074fcbeebce64688..7f0a64f730663aaf0b8020d75916877e2c10a050 100644 (file)
--- a/mcs/class/System.Web/System.Web.Configuration_2.0/AuthorizationSection.cs
+++ b/mcs/class/System.Web/System.Web.Configuration_2.0/AuthorizationSection.cs
@@ -69,14 +69,13 @@ namespace System.Web.Configuration {
 
                internal bool IsValidUser (IPrincipal user, string verb)
                {
-                       if (user == null)
-                               return false;
+                       string username = (user == null) ? "" : user.Identity.Name;
 
                        foreach (AuthorizationRule rule in Rules) {
                                if (!rule.CheckVerb (verb))
                                        continue;
 
-                               if (rule.CheckUser (user.Identity.Name) || rule.CheckRole(user))
+                               if (rule.CheckUser (username) || (user != null && rule.CheckRole(user)))
                                        return (rule.Action == AuthorizationRuleAction.Allow);
                        }
 
diff --git a/mcs/class/System.Web/System.Web.Configuration_2.0/ChangeLog b/mcs/class/System.Web/System.Web.Configuration_2.0/ChangeLog
index 8c4192ab1b7ab9e4432fc805df00091d992d6352..f11fe6ed7e31b0c7187c8b481ccc1856a45fb538 100644 (file)
--- a/mcs/class/System.Web/System.Web.Configuration_2.0/ChangeLog
+++ b/mcs/class/System.Web/System.Web.Configuration_2.0/ChangeLog
@@ -1,3 +1,9 @@
+2006-01-25  Chris Toshok  <toshok@ximian.com>
+
+       * AuthorizationSection.cs (IsValidUser): instead of a blanket
+       false for a null user, just set the username to "" and short
+       circuit out the check for roles.
+
 2006-01-25  Chris Toshok  <toshok@ximian.com>
 
        * AuthorizationRule.cs (CheckUser): handle * and ?, and use
my mono mirror. check out Moved to http://github.com/mono/mono