DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=40150>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40150 [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED | ------- Additional Comments From [EMAIL PROTECTED] 2007-12-13 06:13 ------- While this patch might have improved feedback when an incorrect classnames are provided, it actually fully *breaks* JAASRealm usage when correct classnames are provided but need to be accessed through a ContextClassLoader. We at Apache Jetspeed-2 use the useContextClassLoader=true setting for hooking up our own custom Principal classes as these are provided through the portal application itself, not from a common/shared classloader. Because the new parseClassNames only does a simple Class.forName() check this now fails to validate our classnames for Tomcat 5.5.24 and later and thereby breaking our JAAS based security :( I suggest this to be solved by either: - reverting the patch - keep the current patch but *ignore* a ClassNotFoundException except for logging that it happened - run this method in the appropriate ContextClassLoader for the web app if possible FYI: we have a Jetspeed JIRA issue opened on this bug with some additional information: https://issues.apache.org/jira/browse/JS2-828 Hopefully this issue can be resolved quickly as right now we cannot run Jetspeed on Tomcat >= 5.5.24 Regards, Ate -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
