tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <>
Subject Re: [GSoC] Regarding JSR 196 implementation project idea
Date Sun, 21 Mar 2010 21:29:52 GMT
On 21/03/2010 14:36, Rajeev Sampath wrote:
> Hello,
> I'm interested in the project idea on implementing JSR 196 specification for
> Tomcat. I've used Tomcat for some time, but as I'm not very much familiar
> with its internals or JSR 196 spec, I'm in the process of getting
> familiarized with them at the moment.
> While searching the dev mailing list archive regarding this idea, I found a
> several months old mail thread [1] regarding a Jaspic implementation started
> by David Jencks. Basically it says about rewriting web security with Realms
> replaced with a Security valve, and a reply [2] in that thread says that JSR
> 196 implementation was not among the mandatory stuff at that time.  I also
> saw that there was an effort to replace Valves with Filters as a GSoC
> project last year, which interferes the above idea of replacing Realm with a
> valve (this might not be a serious problem anyway).
> Since above is a relatively old discussion, I'd really appreciate if someone
> can clarify the current situation and also any viewpoints/comments regarding
> this GSoC idea.

JSR 196 is still not mandatory but would be nice to have - hence why I
sugegsted it as a GSoC project.

Replacing Valves with Filters is a long term goal of mine. However,
since Valves have access to the Tomcat internals, replacing all of the
Valves may not be possible. To be perfectly honest, I haven't looked
closely enough at the code or thought about it long enough to determine
if complete replacement is possible or not.

In terms of JSR 196, I'd prefer a Filter based solution but Valves would
always be a fall-back solution if a 100% filter based approach wasn't
possible / practical.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message