tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r1149584 - in /tomcat/tc5.5.x/trunk/container/webapps/docs: changelog.xml config/realm.xml
Date Fri, 22 Jul 2011 12:11:43 GMT
Author: markt
Date: Fri Jul 22 12:11:43 2011
New Revision: 1149584

URL: http://svn.apache.org/viewvc?rev=1149584&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=41498
Add info for allRolesMode

Modified:
    tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml
    tomcat/tc5.5.x/trunk/container/webapps/docs/config/realm.xml

Modified: tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml?rev=1149584&r1=1149583&r2=1149584&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml (original)
+++ tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml Fri Jul 22 12:11:43 2011
@@ -63,6 +63,10 @@
   </subsection>
   <subsection name="Webapps">
     <changelog>
+      <fix>
+        <bug>41498</bug>: Add the allRolesMode attribute to the Realm
+        configuration page in the documentation web application. (markt)
+      </fix>
       <update>
         Configure Security Manager How-To to include a copy of the actual
         conf/catalina.policy file when the documentation is built, rather

Modified: tomcat/tc5.5.x/trunk/container/webapps/docs/config/realm.xml
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/docs/config/realm.xml?rev=1149584&r1=1149583&r2=1149584&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/docs/config/realm.xml (original)
+++ tomcat/tc5.5.x/trunk/container/webapps/docs/config/realm.xml Fri Jul 22 12:11:43 2011
@@ -123,6 +123,19 @@
 
     <attributes>
 
+      <attribute name="allRolesMode" required="false">
+        <p>This attribute controls how the special role name <code>*</code>
is
+        handled when processing authorization constraints in web.xml. By
+        default, the specification compliant value of <code>strict</code> is
+        used which means that the user must be assigned one of the roles defined
+        in web.xml. The alternative values are <code>authOnly</code> which means
+        that the user must be authenticated but no check is made for assigned
+        roles and <code>strictAuthOnly</code> which means that the user must
be
+        authenticated and no check will be made for assigned roles unless roles
+        are defined in web.xml in which case the user must be assigned at least
+        one of those roles.</p>
+      </attribute>
+
       <attribute name="connectionName" required="true">
         <p>The database username to use when establishing the JDBC
         connection.</p>
@@ -209,6 +222,19 @@
 
     <attributes>
 
+      <attribute name="allRolesMode" required="false">
+        <p>This attribute controls how the special role name <code>*</code>
is
+        handled when processing authorization constraints in web.xml. By
+        default, the specification compliant value of <code>strict</code> is
+        used which means that the user must be assigned one of the roles defined
+        in web.xml. The alternative values are <code>authOnly</code> which means
+        that the user must be authenticated but no check is made for assigned
+        roles and <code>strictAuthOnly</code> which means that the user must
be
+        authenticated and no check will be made for assigned roles unless roles
+        are defined in web.xml in which case the user must be assigned at least
+        one of those roles.</p>
+      </attribute>
+
       <attribute name="dataSourceName" required="true">
         <p>The JNDI named JDBC DataSource for your database. If the DataSource
         is local to the context, the name is relative to
@@ -305,6 +331,19 @@
     information from the directory:</p>
 
     <attributes>
+      <attribute name="allRolesMode" required="false">
+        <p>This attribute controls how the special role name <code>*</code>
is
+        handled when processing authorization constraints in web.xml. By
+        default, the specification compliant value of <code>strict</code> is
+        used which means that the user must be assigned one of the roles defined
+        in web.xml. The alternative values are <code>authOnly</code> which means
+        that the user must be authenticated but no check is made for assigned
+        roles and <code>strictAuthOnly</code> which means that the user must
be
+        authenticated and no check will be made for assigned roles unless roles
+        are defined in web.xml in which case the user must be assigned at least
+        one of those roles.</p>
+      </attribute>
+
        <attribute name="alternateURL" required="false">
          <p>If a socket connection can not be made to the provider at
          the <code>connectionURL</code> an attempt will be made to use the
@@ -471,6 +510,19 @@
 
     <attributes>
 
+      <attribute name="allRolesMode" required="false">
+        <p>This attribute controls how the special role name <code>*</code>
is
+        handled when processing authorization constraints in web.xml. By
+        default, the specification compliant value of <code>strict</code> is
+        used which means that the user must be assigned one of the roles defined
+        in web.xml. The alternative values are <code>authOnly</code> which means
+        that the user must be authenticated but no check is made for assigned
+        roles and <code>strictAuthOnly</code> which means that the user must
be
+        authenticated and no check will be made for assigned roles unless roles
+        are defined in web.xml in which case the user must be assigned at least
+        one of those roles.</p>
+      </attribute>
+
       <attribute name="resourceName" required="true">
         <p>The name of the resource that this realm will use for user, password
         and role information.</p>
@@ -500,6 +552,19 @@
 
     <attributes>
 
+      <attribute name="allRolesMode" required="false">
+        <p>This attribute controls how the special role name <code>*</code>
is
+        handled when processing authorization constraints in web.xml. By
+        default, the specification compliant value of <code>strict</code> is
+        used which means that the user must be assigned one of the roles defined
+        in web.xml. The alternative values are <code>authOnly</code> which means
+        that the user must be authenticated but no check is made for assigned
+        roles and <code>strictAuthOnly</code> which means that the user must
be
+        authenticated and no check will be made for assigned roles unless roles
+        are defined in web.xml in which case the user must be assigned at least
+        one of those roles.</p>
+      </attribute>
+
       <attribute name="pathname" required="false">
         <p>Absolute or relative (to $CATALINA_HOME) pathname to the XML file
         containing our user information.  See below for details on the
@@ -562,6 +627,19 @@
     attributes:</p>
 
     <attributes>
+      <attribute name="allRolesMode" required="false">
+        <p>This attribute controls how the special role name <code>*</code>
is
+        handled when processing authorization constraints in web.xml. By
+        default, the specification compliant value of <code>strict</code> is
+        used which means that the user must be assigned one of the roles defined
+        in web.xml. The alternative values are <code>authOnly</code> which means
+        that the user must be authenticated but no check is made for assigned
+        roles and <code>strictAuthOnly</code> which means that the user must
be
+        authenticated and no check will be made for assigned roles unless roles
+        are defined in web.xml in which case the user must be assigned at least
+        one of those roles.</p>
+      </attribute>
+
       <attribute name="appName" required="true">
         <p>The name of the application as configured in your login configuration
         file (<a href="http://java.sun.com/j2se/1.4.1/docs/guide/security/jaas/tutorials/LoginConfigFile.html">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message