Brian Stansberry wrote:
At 10:03 PM 12/8/2003 -0800, you wrote:All you have to do to comply with jsr115 is to extends RealmBase and override:
The decision on whether to change the Realm interface, or
move the header processing to AuthenticatorBase is still open.
So soon after such a major release it seems foolhardy to bring this up, but Phillipe's post seems to have opened a can of worms....
Are there any plans to do anything about JSR-115? As it's part of the J2EE 1.4 spec, I would think that for a compliant appserver to embed Tomcat (any others besides JBoss??), Tomcat would need to comply. I bring this up because if there is consideration of API changes to deal w/ the Servlet 2.4 authorization handling, it might be a good time to look into it. I'd be happy to help in such an effort if there is any interest.
- hasUserDataPermission - hasRole - hasResourcePermission - findSecurityConstraint
A couple of months ago (search the tomcat-dev list) we have discussed the possibility of implementing jsr115 directly into Tomcat. Still on my plate (don't know when)....
J2EE 1.4 RI contains Tomcat 5 "powered by" jsr 115. The problem with jsr115 is you have to run under a Security Manager, and this is for sure slower than the current "native" implementation.
-- Jeanfrancois
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
Tel: (510) 894-0114 x 116
Fax: (510) 797-3005
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
