On 10/03/2016 22:37, Christopher Schultz wrote:
> Mark,
> 
> On 3/10/16 5:03 PM, ma...@apache.org wrote:
>> Author: markt
>> Date: Thu Mar 10 22:03:44 2016
>> New Revision: 1734468
>>
>> URL: http://svn.apache.org/viewvc?rev=1734468&view=rev
>> Log:
>> Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59154
>> Fix a NullPointerException in the JASSMemoryLoginModue resulting from the 
>> introduction of the CredentialHandler to Realms

<snip/>

> "iterations" and "saltLength" should not be necessary, since neither the
> JAASModule nor the Realm can generate new stored credentials from
> plaintext ones.

Of course. I was thinking there were required when comparing but
everything required is stored in the 'password'.

> I was thinking we might add a "handler" option to specify the
> CredentiaHandler to use with the MemoryRealm. I'm not sure what to do
> about the options for an individual CH, though. :(

Me too. credentialHandlerClassname + Introspection utils to pass all
configured options to the CredentialHandler instance. Non-matching ones
can be ignored.

I'll look at this shortly.

Mark


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to