You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2001/09/13 18:29:35 UTC
[DO NOT REPLY: Bug 3588]
Make roles of a user available
PLEASE DO NOT REPLY TO THIS MESSAGE. TO FURTHER COMMENT
ON THE STATUS OF THIS BUG PLEASE FOLLOW THE LINK BELOW
AND USE THE ON-LINE APPLICATION. REPLYING TO THIS MESSAGE
DOES NOT UPDATE THE DATABASE, AND SO YOUR COMMENT WILL
BE LOST SOMEWHERE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=3588
*** shadow/3588 Thu Sep 13 09:19:30 2001
--- shadow/3588.tmp.8416 Thu Sep 13 09:29:35 2001
***************
*** 2,9 ****
| Make roles of a user available |
+----------------------------------------------------------------------------+
| Bug #: 3588 Product: Tomcat 4 |
! | Status: NEW Version: 4.0 Release Candidate 1 |
! | Resolution: Platform: Other |
| Severity: Enhancement OS/Version: Other |
| Priority: Other Component: Catalina |
+----------------------------------------------------------------------------+
--- 2,9 ----
| Make roles of a user available |
+----------------------------------------------------------------------------+
| Bug #: 3588 Product: Tomcat 4 |
! | Status: RESOLVED Version: 4.0 Release Candidate 1 |
! | Resolution: WONTFIX Platform: Other |
| Severity: Enhancement OS/Version: Other |
| Priority: Other Component: Catalina |
+----------------------------------------------------------------------------+
***************
*** 26,29 ****
This is partly the same for Tomcat 3.x, but as the new classes in Catalina are
more modular and sophisticated I assume such enhancement to be more useful for
! the new generation of Tomcat.
--- 26,40 ----
This is partly the same for Tomcat 3.x, but as the new classes in Catalina are
more modular and sophisticated I assume such enhancement to be more useful for
! the new generation of Tomcat.
!
! ------- Additional Comments From craig.mcclanahan@sun.com 2001-09-13 09:29 -------
! Tomcat (all versions) conforms to the standard servlet APIs, and these APIs
! provide no mechanism to ask for all the roles a user has. Indeed, in some
! security environments, there *is* no single place where this information is
! accumulated, so it would not always be possible to implement such a method.
!
! You could certainly write a piece of code (installed *inside* Tomcat so that it
! has visibility to the needed classes) that makes this info available for the
! default Realm implementations, but it would be specific to Tomcat and not
! portable to any other container.