The following issue has been updated:
Updater: Ate Douma (mailto:[EMAIL PROTECTED])
Date: Wed, 26 May 2004 6:01 AM
Comment:
I attached the patch for the Tomcat 5 JAASRealm.
Also included in the patch are:
- new maven goals:
check.required.properties
I've added two new required properties:
catalina.home, and
catalina.version.major
These properties are used to determine if the patch is required
and where to put it (${catalina.home}/server/classes.
To ensure these properties are available this goal is the first
thing executed by allBuild.
Also checked now are the already required properties:
catalina.shared.lib and deploy.war.dir.
check.patch.tomcat5.jaas.realm
Is executed at the end of allBuild.
Performs the compilation of the JAASRealm class directly into
${catalina.home}/server/classes when catalina.version.major=5.
- new project.xml dependencies to be able to compile the patch:
Just compiling the class against all the Tomcat 5 server jars
didn't work! Strangely enough this class depends on commons-logging
(1.0.3) and JMX (xm4j-mx-1.1.1) which are *not* distributed with
Tomcat 5. How can this class be used without these dependencies???
Tomcat 4 does have these jars in its server/lib folder.
- Updated site/xdocs/getting-started.xml for:
supported versions of Tomcat:
4.1.x and 5.x and only with JDK 1.4
required properties:
catalina.home and catalina.version.major
warning about the patch with a reference to this issue
Regards,
Ate
Changes:
Attachment changed to JS2-55-patch.txt
---------------------------------------------------------------------
For a full history of the issue, see:
http://issues.apache.org/jira/browse/JS2-55?page=history
---------------------------------------------------------------------
View the issue:
http://issues.apache.org/jira/browse/JS2-55
Here is an overview of the issue:
---------------------------------------------------------------------
Key: JS2-55
Summary: JAAS Authentication on Tomcat 5
Type: New Feature
Status: Unassigned
Priority: Major
Project: Jetspeed 2
Components:
Security
Versions:
2.0-a1
Assignee:
Reporter: Ate Douma
Created: Tue, 25 May 2004 3:26 PM
Updated: Wed, 26 May 2004 6:01 AM
Environment: Tomcat 5.0.24, J2SE 1.4.2_03
Description:
As discussed on the Jetspeed developers mailinglist (thread starts with:
http://nagoya.apache.org/eyebrowse/[EMAIL PROTECTED]&msgNo=14605) the new behaviour of
Tomcat 5 to set the ContextClassLoader in the JAASRealm to the server classloader
prevents defining LoginModules within the context of an web app.
As a quick solution to this problem the Tomcat 5 JAASRealm is going to be patched to
revert back to the old Tomcat 4 handling.
The preferred solution is that the Tomcat Team would do this themselves or provide it
as an option. Someone should start discussing this with them....
I'll provide a patch implementing the quick fix which will depend on the user property
catalina.version.major=5 to be enforced upon the catalina server: when this condition
is true a patched version of the Tomcat 5.0.24 JAASRealm.java revision 1.6 will be
compiled into the $Tomcat/server/classes directory.
---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
