You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2006/01/19 23:54:20 UTC
DO NOT REPLY [Bug 7831] - [PATCH] JNDIRealm does not work with CLIENT-CERT auth method
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=7831>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=7831
------- Additional Comments From markt@apache.org 2006-01-19 23:54 -------
I do want to add support for certificate authentication to the JNDIRealm and
your patch has given me food for thought. I am minded, however, to use your
patch as a basis for an implementation of getPrincipal() rather than over-riding
authenticate(X509Certificate).
In terms of suporting muliple LDAP servers my intention is to provide something
that works for OpenLDAP and can be over-ridden as required for other directories.
I have started to look at your patch and have the following comments. Where I
have questions, any further information you can provide will help me understand
the rationale for the approach you took.
1. I moved the classes into the o.a.c.Realm package.
2. Please keep to the coding standards of the original when copying source. It
makes it much easier to find where you have made any subtle changes.
3. CertUser looks to be unnecessary - why not use User from JNDIRealm?
4. Your changes to authenticate(String, String) appear to be unrelated to adding
support for certificates. Please keep patches for different issues separate so
they can be considered separately. Feel free to file a new bug for this one.
5. You appear to have reverted the patches for bugs 23190, 16541 and 26487. What
is the reason for this?
6. The patch for bug 22236 has also been reverted. Is this intentional?
7. If there a reason that getCertUserByPattern() isn't supported?
8. A change commiited at the same time as bug 22236 to
addAttributeValues(String, Attributes, ArrayList) that modified the return value
from null to values in a couple of places has also been reverted. Why?
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org