Hi Matthias,

Am 23.09.21 um 08:03 schrieb Keil, Matthias (ORISA Software GmbH):
Yes, I would like to define my Server Auth module in the jaspic-providers.xml 
and then provide the class with the web application.

As far as of now, i have only two scenarios in my mind:


1) Transparent for developers/applications

* Developer defines the security constraints with e.g. basic authentication in their web.xml
* Operating places oidc-lib and the jaspci xml-configuration in tomcat.

--> Same war-file can be used for development and production
--> The developer doesnt know anything about oidc.


2) Transparent for operating.

* Developer put the oidc-lib in their application and is
responsible to register the AuthProvider class.

In both cases, i assume there exist only one oidc provider in the company (maybe federated with other external oidc provider) with
one corresponding oidc-lib implementation.

Probably you have an other setup/requirement ?


--
greets
   Bernd



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to