[GitHub] [tomcat] cklein05 commented on pull request #420: UserDatabaseRealm does not rely on cached roles only

[GitBox <gi...@apache.org>]

cklein05 commented on pull request #420:
URL: https://github.com/apache/tomcat/pull/420#issuecomment-852011219


   Rémy,
   
   thanks for pushing this. Primarily, I like to get rid of class `UserDatabaseRealm.UserDatabasePrincipal`, which was introduced as a replacement for `org.apache.catalina.User`. Since `User` has a `getPassword()` method, it's no good candidate for being used as a `GenericPrincipal.userPrincipal`. So it was replaced by `UserDatabasePrincipal`, which is both private and not serializable.
   
   I'm working on a enhancement that also extends `GenericPrincipal` . For that enhancement, things would be easier without having `UserDatabasePrincipal` around.
   
   However, I understand that backporting may be a problem due to users using JMX to modify groups and roles in a live manner.
   
   Couldn't we instead only drop `UserDatabasePrincipal` (which acts like a tag interface) and leave the _live role lookup_ in place with older versioins/branches?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org