You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2001/09/13 18:19:30 UTC
[DO NOT REPLY: Bug 3588] New:
Make roles of a user available
PLEASE DO NOT REPLY TO THIS MESSAGE. TO FURTHER COMMENT
ON THE STATUS OF THIS BUG PLEASE FOLLOW THE LINK BELOW
AND USE THE ON-LINE APPLICATION. REPLYING TO THIS MESSAGE
DOES NOT UPDATE THE DATABASE, AND SO YOUR COMMENT WILL
BE LOST SOMEWHERE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=3588
*** shadow/3588 Thu Sep 13 09:19:30 2001
--- shadow/3588.tmp.8212 Thu Sep 13 09:19:30 2001
***************
*** 0 ****
--- 1,29 ----
+ +============================================================================+
+ | Make roles of a user available |
+ +----------------------------------------------------------------------------+
+ | Bug #: 3588 Product: Tomcat 4 |
+ | Status: NEW Version: 4.0 Release Candidate 1 |
+ | Resolution: Platform: Other |
+ | Severity: Enhancement OS/Version: Other |
+ | Priority: Other Component: Catalina |
+ +----------------------------------------------------------------------------+
+ | Assigned To: tomcat-dev@jakarta.apache.org |
+ | Reported By: keil@surveycom.com |
+ | CC list: Cc: |
+ +----------------------------------------------------------------------------+
+ | URL: |
+ +============================================================================+
+ | DESCRIPTION |
+ Is there a reason (security or other) that the list/array of roles in a
+ GenericPrincipal is not accesible from other classes?
+
+ In certain web applications we found it would be nececcary to tell ALL the
+ roles of a user not query each one for existence. Especially if the roles do
+ not follow a fixed scheme or change from user to user it is not always possible
+ to just take a known role and look for it.
+ This could be done by reading the xml/db storage of the roles but is not
+ efficiant because the roles ARE already there once the user is authenticated.
+
+ This is partly the same for Tomcat 3.x, but as the new classes in Catalina are
+ more modular and sophisticated I assume such enhancement to be more useful for
+ the new generation of Tomcat.