rmaucher commented on pull request #420:
URL: https://github.com/apache/tomcat/pull/420#issuecomment-852887313
I commited a compromise as d1ffc30
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to
rmaucher commented on pull request #420:
URL: https://github.com/apache/tomcat/pull/420#issuecomment-852392506
Well, actually the MemoryUserDatabase will auto reload.
I caught up to the thread on the user mailing list, which I didn't really
pay attention to last week (I was away for
rmaucher commented on pull request #420:
URL: https://github.com/apache/tomcat/pull/420#issuecomment-852194203
I reverted to examine things a bit more.
I think groups should still work since the complete role list is constructed
with their content in getPrincipal, however it also mea
rmaucher commented on pull request #420:
URL: https://github.com/apache/tomcat/pull/420#issuecomment-852172392
Ah ok, I did that, since getPassword was a problem that needed fixing.
However, I think this does not work and I'll have to revert this: I don't see
how groups are still handled,
rmaucher commented on pull request #420:
URL: https://github.com/apache/tomcat/pull/420#issuecomment-852001319
I pushed this in the main branch, but there the backport question since it
clearly changes the behavior and it could hurt someone actually using the live
updating capability.
--
rmaucher commented on pull request #420:
URL: https://github.com/apache/tomcat/pull/420#issuecomment-851974510
I'm quite sure this was done on purpose [want to be able to lock away
someone instantly] but this probably does not make much sense as the behavior
cannot become consistent. Looku