tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Attila Szegedi" <>
Subject Re: DIGEST authentication scheme for Tomcat 3.3
Date Tue, 11 Sep 2001 09:12:55 GMT
Been thinking about how could it be done completely orthogonal to the main
code (that is, as an independent module), but no matter how I look at it, I
can't figure how to acheive the same functionality without touching
AccessInterceptor and RealmBase. OTOH, The Digest* classes can be moved into
a module of their own, there's no problem with that, but AccessInterceptor
and RealmBase still have to know about it. [Or is it just that I don't know
Tomcat architecture closely enough?]


----- Original Message -----
From: <>
To: <>
Sent: 2001. szeptember 11. 1:30
Subject: Re: DIGEST authentication scheme for Tomcat 3.3

> Hi Attila,
> I'll review your changes and I see no problem with fixing
> AccessInterceptor and RealmBase. I'm not sure about the new modules - I
> think this is a new feature and I'm not very comfortable with features.
> If you don't mind, I'll check it in src/proposals first, as a standalone
> module. There we can make sure it works, and eventually release the jar
> separately, for people who need this feature.
> As I mentioned many times, it's better for new code to be released as a
> module, either a separate jar file or using the TOMCAT_HOME/modules
> mechanism. Then you can spend all the time you want testing and improving
> your code, and we can release 3.3 ( and 3.3.1, etc ) without extra
> overhead. The more code we have in the main distribution, the hardest it
> is to release the whole thing.
> Costin

View raw message