Realm interface provide methods for authorization like : UserDataPermission (hasUserDataPermission() method) , WebResourcePermission (hasResourcePermission() method) and the last method is hasRole() method.
I'm working on an implementation of a realm which use JACC for the authorization
I have no major problems for UserDataPermission and WebResourcePermission as the methods hasUserDataPermission() and hasResourcePermission() provide attributes to build WebUserDataPermission object (the HttpServletRequest argument is given to hasUserDataPermission() method).
For WebResourcePermission, we can use HttpServletRequest attribute too.
My problem is for using hasRole() method. For JACC permissions, we have to use WebRoleRefPermission object.
For build WebRoleRefPermission objects, we need to know "the servlet-name that identifies the application specific web resource in whose context the role references are to be evaluated"
But hasRole(Principal principal, String role) method contains only the principal and the role.
I have two questions : Is that tomcat Realm interface will evolve to add an argument to hasRole() method in order to know the current servlet-name ?
I think that Remy will answer me that this is another hack.
So my next question is : Is there an easy way to know the current servlet name in a realm ? (in hasRole() method).
Thanks for any suggestions if someone has already done this.
Regards,
Florent
smime.p7s
Description: S/MIME Cryptographic Signature
