You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/03/18 22:47:45 UTC
svn commit: r1667627 - in /tomcat/tc6.0.x/trunk/webapps/docs: changelog.xml
config/ajp.xml
Author: markt
Date: Wed Mar 18 21:47:44 2015
New Revision: 1667627
URL: http://svn.apache.org/r1667627
Log:
CTR: Docs
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57706
Clarify the documentation for the AJP connector to make clearer that when using tomcatAuthentication="false" the user provided by the reverse proxy will not be associated with any roles.
Modified:
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
tomcat/tc6.0.x/trunk/webapps/docs/config/ajp.xml
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1667627&r1=1667626&r2=1667627&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Wed Mar 18 21:47:44 2015
@@ -138,6 +138,12 @@
<bug>57503</bug>: Make clear that the JULI integration for log4j only
works with log4j 1.2.x. (markt)
</fix>
+ <fix>
+ <bug>57706</bug>: Clarify the documentation for the AJP connector to
+ make clearer that when using
+ <code>tomcatAuthentication="false"</code> the user provided by
+ the reverse proxy will not be associated with any roles. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Other">
Modified: tomcat/tc6.0.x/trunk/webapps/docs/config/ajp.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/config/ajp.xml?rev=1667627&r1=1667626&r2=1667627&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/config/ajp.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/config/ajp.xml Wed Mar 18 21:47:44 2015
@@ -375,8 +375,9 @@
<attribute name="tomcatAuthentication" required="false">
<p>If set to <code>true</code>, the authentication will be done in Tomcat.
Otherwise, the authenticated principal will be propagated from the native
- webserver and used for authorization in Tomcat.
- The default value is <code>true</code>.</p>
+ webserver and used for authorization in Tomcat. Note that this principal
+ will have no roles associated with it. The default value is
+ <code>true</code>.</p>
</attribute>
</attributes>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org