DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=28631>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=28631 JAASRealm fix to permit user-specified user/group Principals ------- Additional Comments From [EMAIL PROTECTED] 2004-07-29 02:40 ------- Two issues preventing me from writing test cases: 1) It isn't clear how to do that. There isn't much documentation on how testing works; I was a but put off by that initially. After some investigation, I found jakarta-tomcat-catalina/tester/src/bin/tester.xml, which indeed appears to be an Ant file that performs out-of-container HTTP testing. So, sure, I can see how, if the container were configured to use my JAASRealm patch, I could re-test the authentication tests in jakarta-tomcat- catalina/tester/src/tester/org/apache/tester/Authentication0*.java. Sounds simple, but it all turns on the phrase "if the container were configured to use my JAASRealm patch." All of the tests use, by default, uses UserDatabaseRealm. How could I make Tomcat use JAASRealm instead? It appears that I would need to either: - Create a custom context descriptor for the "tester" webapp that uses JAASRealm - Edit the existing conf/server.xml file ... as well as cause the test script to bounce the server and re-load it with the new context descriptor. Aha. To do this, now I need to hack the tester.xml Ant script. I have *never* written a Tomcat test case before, so this is just my best guess on what it would take. Am I wrong? 2) I'm not sure what it would contain. Remember that JAASRealm needs an implementation of a JAAS LoginModule to function. There isn't one supplied with Tomcat, so this means I'd need to: - Create a dummy LoginModule that authenticates certain hard-coded users but not others (e.g., "Fred/ bedrock" but not "Barney/feet") - Create a "sample" LoginModule that authenticates against an existing user registry, like tomcat- users.xml. But that seems like real work to me; I might as well port MemoryRealm to JAAS while I'm at it. (Which is essentially what I'd be doing). Frankly, this seems like a lot of bother for a patch that I *know* works; is has been in production on my personal wiki for about three months. I can do it if you want to, as long as you accept that this means that there will be quite a bit of changes to certain build files, and other things. What is the best path forward? The key issue here is lack of flexibility in the test scripts, which don't permit changing Realms for exercising authentication tests. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]