tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <>
Subject Re: realm question: GenericPrincipal not public, RealmBase is
Date Sat, 27 Oct 2001 20:30:19 GMT
I tend to be somewhat paranoid when first creating security related
things.  Upon review, it seems that making GenericPrincipal public won't
cause any security risks, so I just committed a patch on the HEAD branch
to do this.  (I will also back-port it to the 4.0 branch, so it will show
up in 4.0.2).


On Sat, 27 Oct 2001, jeff drost wrote:

> Date: Sat, 27 Oct 2001 08:47:19 -0700 (PDT)
> From: jeff drost <>
> Reply-To: Tomcat Developers Mailing List <>
> To:
> Subject: realm question: GenericPrincipal not public, RealmBase is
> I have plans to implement a Tomcat realm, as well as a webapp to administrate
> users and roles.  I would use the provided JDBCRealm, however I want to have a
> true many-to-many relationship between users and roles in the database.  The
> current model uses two tables (users and user_roles), I would like to use three
> (users, roles, and user_roles).
> My requirements are different enough that I don't want to extend JDBCRealm, but
> not so complex that I want to implement the Realm interface from scratch.  What
> I really want it so extend RealmBase.  To do this I need to make a choice.
> I can either:
> 1) Put my new realm in the package org.apache.catalina.realm so that I have
> access to the existing implementation of GenericPrincipal.  This makes life
> very easy for me, but I'm not crazy about the idea.
> 2) Put my new realm in a different package.  I will then also need to implement
> a Principal class (which will be nothing more than a copy of GenericPrincipal),
> and implement the hasRole method on my realm (which will be a copy from
> RealmBase).  Also, I'm not crazy about cutting and pasting code.
> If the RealmBase is public, why is GenericPrincipal not also?  This would allow
> me to put my new realm in a package of my choosing, and still not need to copy
> the GenericPrincipal class and Realm.hasRole() method.
> Thanks a bunch,
> Jeff Drost
> __________________________________________________
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> --
> To unsubscribe, e-mail:  <>
> For additional commands, e-mail: <>

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message