tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Costin Manolache <>
Subject Re: [5] [Proposal] Adding an authorization interface
Date Mon, 02 Dec 2002 18:55:57 GMT
Jeanfrancois Arcand wrote:

>>I would very much preffer a consistent mechanism for all the hooks in
>>tomcat. In 3.3 there is one interface ( BaseInterceptor ) where all
>>the possible hooks are defined ( with a number of problems we already
>>know regarding ordering, but that's a different issue ). In 4.x Valves
>>are used as the main extension mechanism, but also Listeners, Realms,
>>Connectors and few other interfaces - and I would very much prefer
>>a solution that is more consistent and simpler.
> Just downloaded 3.3 code base. I will take a look at the way it work. I
> not familiar with 3.3 code base.

The important codebase to take a look at is Apache2 :-) You can also
check axis, they have a very nice hook mechanism ( very similar with 
apache2 and everything else, but the java implementation is quite good ).

Tomcat3.3 is a bit closer to apache1.3 modules ( one interface, one 
method per hook chain ), and it has the same limitations.

The idea is quite simple: have a consistent API for all supported hooks.
Chain + Handler or whatever name is used is fine. Both iterative
and recursive ( Valve ) are fine ( and can be used in the same chain !).

> I agree. If It possible, I will come up with an ActionCode. If not, then
> we should use the Authorizer idea.

I'm very sure it is possible ( with some extensions to Action maybe, but
it's the same thing ). The pattern is used in a lot of projects and 
most servers I know.


To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message