tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 53047] New: JDBCRealm allRolesMode="authOnly" still needs role table
Date Sun, 08 Apr 2012 11:18:56 GMT

             Bug #: 53047
           Summary: JDBCRealm allRolesMode="authOnly" still needs role
           Product: Tomcat 6
           Version: 6.0.33
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: minor
          Priority: P2
         Component: Catalina
    Classification: Unclassified

When a JDBCRealm is created with the allRolesMode attribute set to "authOnly" a
role table is still needed even though the documentation states: "The
alternative values are authOnly which means that the user must be authenticated
but no check is made for assigned roles". No check implies no role table
needed. Hint: JDBCRealm.hasRole should probably always return true if the
allRolesMode is set to "authOnly". The current workaround is to create a view
over the user table with a fixed role name.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message