tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ken Johanson <tomcat-u...@kensystem.com>
Subject Re: Calling Realm.authenticate() doesn't register Principal in with the Session??
Date Tue, 07 Feb 2006 04:56:58 GMT
Mark Thomas wrote:
> 
> Given users are going to have to modify their app to use this library,
> not modifying the associated context.xml looks to be a nice to have
> requirement that is making things more difficult. Removing this
> requirement opens up a number of alternative implementation options
> including custom realms.
> 
> Mark
> 

Mark, are you saying that you agree, or disagree, with the usefulness of 
the idea?

Your point about 'users have to modify their app' is true, but a one 
time requirement, and thereafter their app will be compatible with 
whatever underlying realm impl is used, which I find enticing. Currently 
there is no mechanism (that I can see) to programtically perform login - 
say from an html form - this 'new' proposed method fills that. And by 
the same token, a user would already have to modify their app (to use a 
custom POST url or form names or redirect), with the built-in form based 
login (or subclass of it's impl), so that doesn't seem to be a drawback.

Sorry to be redundant of you're already agreeing with the idea.

Ken



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message