tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bjarni Þór Jónsson <bjar...@hugur.is>
Subject JNDIRealm: "role expansion"
Date Thu, 18 Nov 2004 18:16:36 GMT
Hi

I'm using the org.apache.catalina.realm.JNDIRealm class (included with
Tomcat 5.0.28) but I required a "slightly" different behavior from the
orginal class so I changed it, the question is whether my modifications are
desirable for the offical code.

My requirement was "role expansion", i.e. if a user has the following role: 
	CN=A,OU=B,OU=C,OU=D,DC=E,DC=F 
It should also have the follow roles:
OU=B,OU=C,OU=D,DC=E,DC=F
OU=C,OU=D,DC=E,DC=F
OU=D,DC=E,DC=F
DC=E, DC=F
DC=F

I made this role expansion configurable, so that it is only done if
requested in the Realm configuration in server.xml. (I also added another
configuration for the role expansion, whether the user should get "DC" only
roles (the "DC=E, DC=F" and "DC=F" roles from the example) or not.)

Is this modification desirable for the offical code?

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message