https://bz.apache.org/bugzilla/show_bug.cgi?id=59750
--- Comment #6 from Christopher Schultz <ch...@christopherschultz.net> --- (In reply to Michael Osipov from comment #5) > GSSName or X509Certificate and like. I always prefer passing Object and the > implementation decides about the cast. Seems reasonable. Tomcat only supports authentication for string usernames or X509 certificates (where the "username" is extracted as a String value from the certificate via a X509UsernameRetriever). Do you still feel there is a need for the user-identifier to be a generic Object? -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org