This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 4bf1264 Clarify the JASPIC docs
4bf1264 is described below
commit 4bf1264cc58e4fd09da84c69c732429927cee4e6
Author: Mark Thomas <[email protected]>
AuthorDate: Mon Sep 27 17:44:26 2021 +0100
Clarify the JASPIC docs
---
webapps/docs/changelog.xml | 4 ++++
webapps/docs/config/jaspic.xml | 21 +++++++++++++++++----
2 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 80eb7a4..2d2690c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -204,6 +204,10 @@
Update the web applications that are included with Apache Tomcat to use
the Jakarta EE 10 schema for web.xml. (markt)
</update>
+ <fix>
+ Clarify the JASPIC configuration options in the documentation web
+ application. (markt)
+ </fix>
</changelog>
</subsection>
</section>
diff --git a/webapps/docs/config/jaspic.xml b/webapps/docs/config/jaspic.xml
index 1adf68d..15a611f 100644
--- a/webapps/docs/config/jaspic.xml
+++ b/webapps/docs/config/jaspic.xml
@@ -39,10 +39,23 @@
implementation is primarily intended to enable the integration of 3rd party
JASPIC authentication implementations with Tomcat.</p>
- <p>JASPIC may be configured dynamically by an application or statically via
- the <code>$CATALINA_BASE/conf/jaspic-providers.xml</code> configuration file.
- If present, a JASPIC configuration will over-ride any
- <code><login-config></code> present in <code>web.xml</code>.</p>
+ <p>JASPIC may be configured in one of two ways:</p>
+ <ul>
+ <li>At the container level via the static configuration file
+ <code>$CATALINA_BASE/conf/jaspic-providers.xml</code>. With this
+ approach all required classes must be visible to Tomcat's Common class
+ loader which normally means placing a JAR in
+ <code>$CATALINA_BASE/lib</code>.</li>
+ <li>At the web application level via dynamic configuration using the
JASPIC
+ API. With this approach all required classes must be visible to the
web
+ application class loader which normally means placing a JAR in the web
+ application's <code>WEB-INF/lib</code> directory.</li>
+ </ul>
+
+ <p>Users should be aware that if the static JASPIC configuration file
+ configures JASPIC for a given web application then the JASPIC
configuration
+ will take precendence over any <code><login-config></code> present
in
+ the web application's <code>WEB-INF/web.xml</code> file.</p>
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]