From 65bc61a466fdc4ccc0ee281bd411fca7cb11adb0 Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Mon, 20 Apr 2020 21:28:41 +0100
Subject: [PATCH] Log a warning if adding CredentialHandler to CombinedRealm

---
 java/org/apache/catalina/realm/CombinedRealm.java      | 9 +++++++++
 java/org/apache/catalina/realm/LocalStrings.properties | 1 +
 webapps/docs/changelog.xml                             | 7 +++++++
 3 files changed, 17 insertions(+)

diff --git a/java/org/apache/catalina/realm/CombinedRealm.java b/java/org/apache/catalina/realm/CombinedRealm.java
index 865120c584fd..0a3f4f211a19 100644
--- a/java/org/apache/catalina/realm/CombinedRealm.java
+++ b/java/org/apache/catalina/realm/CombinedRealm.java
@@ -26,6 +26,7 @@
 import javax.management.ObjectName;
 
 import org.apache.catalina.Container;
+import org.apache.catalina.CredentialHandler;
 import org.apache.catalina.Lifecycle;
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.Realm;
@@ -461,4 +462,12 @@ public boolean isAvailable() {
         return true;
     }
 
+
+    @Override
+    public void setCredentialHandler(CredentialHandler credentialHandler) {
+        // This is unusual for a CombinedRealm as it does not use
+        // CredentialHandlers. It might be a mis-configuration so warn the user.
+        log.warn(sm.getString("combinedRealm.setCredentialHandler"));
+        super.setCredentialHandler(credentialHandler);
+    }
 }
diff --git a/java/org/apache/catalina/realm/LocalStrings.properties b/java/org/apache/catalina/realm/LocalStrings.properties
index 2892408b0b5a..20398fa6e008 100644
--- a/java/org/apache/catalina/realm/LocalStrings.properties
+++ b/java/org/apache/catalina/realm/LocalStrings.properties
@@ -20,6 +20,7 @@ combinedRealm.authSuccess=Authenticated user [{0}] with realm [{1}]
 combinedRealm.getPassword=The getPassword() method should never be called
 combinedRealm.getPrincipal=The getPrincipal() method should never be called
 combinedRealm.realmStartFail=Failed to start [{0}] realm
+combinedRealm.setCredentialHandler=A CredentialHandler was set on an instance of the CombinedRealm (or a sub-class of CombinedRealm). CombinedRealm doesn't use a configured CredentialHandler. Is this a configuration error?
 combinedRealm.unexpectedMethod=An unexpected call was made to a method on the combined realm
 
 credentialHandler.invalidStoredCredential=The invalid stored credential string [{0}] was provided by the Realm to match with the user provided credentials
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 771f99e256c0..a333475e6325 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -75,6 +75,13 @@
         Remove redundant sole path/URI from error page message on SC_NOT_FOUND.
         (michaelo)
       </update>
+      <add>
+        Log a warning if a <code>CredentialHandler</code> instance is added to
+        an instance of the <code>CombinedRealm</code> (or a sub-class) as the
+        <code>CombinedRealm</code> doesn't use a configued
+        <code>CredentialHandler</code> and it is likely that a configuration
+        error has occurred. (markt)
+      </add>
     </changelog>
   </subsection>
   <subsection name="Coyote">