You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2001/09/13 18:19:30 UTC

[DO NOT REPLY: Bug 3588] New: Make roles of a user available

PLEASE DO NOT REPLY TO THIS MESSAGE. TO FURTHER COMMENT
ON THE STATUS OF THIS BUG PLEASE FOLLOW THE LINK BELOW
AND USE THE ON-LINE APPLICATION. REPLYING TO THIS MESSAGE
DOES NOT UPDATE THE DATABASE, AND SO YOUR COMMENT WILL
BE LOST SOMEWHERE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=3588

*** shadow/3588	Thu Sep 13 09:19:30 2001
--- shadow/3588.tmp.8212	Thu Sep 13 09:19:30 2001
***************
*** 0 ****
--- 1,29 ----
+ +============================================================================+
+ | Make roles of a user available                                             |
+ +----------------------------------------------------------------------------+
+ |        Bug #: 3588                        Product: Tomcat 4                |
+ |       Status: NEW                         Version: 4.0 Release Candidate 1 |
+ |   Resolution:                            Platform: Other                   |
+ |     Severity: Enhancement              OS/Version: Other                   |
+ |     Priority: Other                     Component: Catalina                |
+ +----------------------------------------------------------------------------+
+ |  Assigned To: tomcat-dev@jakarta.apache.org                                |
+ |  Reported By: keil@surveycom.com                                           |
+ |      CC list: Cc:                                                          |
+ +----------------------------------------------------------------------------+
+ |          URL:                                                              |
+ +============================================================================+
+ |                              DESCRIPTION                                   |
+ Is there a reason (security or other) that the list/array of roles in a 
+ GenericPrincipal is not accesible from other classes?
+ 
+ In certain web applications we found it would be nececcary to tell ALL the 
+ roles of a user not query each one for existence. Especially if the roles do 
+ not follow a fixed scheme or change from user to user it is not always possible 
+ to just take a known role and look for it.
+ This could be done by reading the xml/db storage of the roles but is not 
+ efficiant because the roles ARE already there once the user is authenticated.
+ 
+ This is partly the same for Tomcat 3.x, but as the new classes in Catalina are  
+ more modular and sophisticated I assume such enhancement to be more useful for 
+ the new generation of Tomcat.