-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mark,
On 8/8/17 8:49 AM, Mark Thomas wrote: > On 08/08/17 13:44, Christopher Schultz wrote: > > <snip/> > >> I have no problem with Tomcat having access to the IP address. I >> just want Tomcat to make that IP address available to the >> authenticator component in some way. > > https://bz.apache.org/bugzilla/show_bug.cgi?id=59750 > > Implementing that in a way that is truly backwards compatible > requires a little thought. I agree that backward-compatibility is a significant issue, since the Realm interface hasn't changed since ... well, ever. How about cheating and using a ThreadLocal? try { tl.set(theRequest) authenticator.authenticate(username,password); } finally { tl.set(null); } ?? For SecurityFilter, we added a sub-interface that adds more methods, like this: authenticate(String username, String password); authenticate(String username, String password, HttpServletRequest req); Then, the driver does this: if(realm instanceof ExtendedRealm) ((ExtendedRealm)realm).authenticate(username, password, theRequest); else realm.authenticate(username, password); If using the HttpServletRequest itself is architecturally distasteful, we could use some other kind of data object, or simply java.lang.Object (which is a little distasteful itself). - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlmJthYACgkQHPApP6U8 pFhwTw//ZjwS5MtDL7F18OWFrmtxvfyCDbnOiOgwyJxoCCn//xWjQC7sCmb8OZZd PFnbbzRcU55Ws1+oDz+rZGoXTz8bOOaE0WXQ9r477ETryzjlTNarVgselgQUM24X zl0cSAMJo4U/fabTrSupSOk1H6OJUwNRI0N4FNYsjpk+mXlScGcZsjycvB6CH5Bp 8ht3J222Q9hdBNatcpLzicfRW5t+smckA+1wxFWBye1gxnG9aaNakcXa/V7nQtoq nZO636HIvK16LWoudBXUOfHqGTCBYTijfzD37v8LrIsYj6+yJ/ZetkF45tS4nWcF Gl1vzQQCwY92xd9q6i6UBlnngI898Pp+vuld+mHHwM1nP2dvskO5A4VdYZ+dS4dp QmMWYKhR4cr2TjOpDKy9hxzuRxeENt1Bnr3Jk2Qiy4o8e0a/e7ksB3JfXS99JfLt uCprKNMkRG3Uc1+5vZXOQ1kk7Fz1Bryp7xrxgZjXdpHZ1R7GFIgPi6ohbA+GT4NV dCgYWOPdh1TIcAgOP6dVgHc1H58BX2IjPl8AiKOKLZPKLv+3eWeA5XBz0D1LM0bm CZ+EwFXCfIr5cFqabvbE99DdojhpT6NPmDjTmJznAV7f8AWHLnyr7eYMQY+pkHdF GX3oOwzBlw46CVtMnkgu0OrLPnM/X8447RgMs1bJFJ1dpYO0rr8= =d9LJ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org