On 16/04/2020 11:05, Osipov, Michael wrote:
That's exactly the point. I don't want to bundle it with the webapp,
but with Tomcat only for all webapps. It will be added to
CATALINA_HOME/lib along with a custom realm. Both are loaded with
Tomcat's common.loader [1]. No, it does not load from common.loader
because of the system class loader restriction. It only works when it
is loaded along side with catalina.jar from the system class loader
(as intended).
I don't have time to spend on the spec and security implications of what
you are requesting but it seems like this should be easily fixable by
deploying the DNS provider for LDAP searches on the class path (along
side catalina.jar). So is this mostly just a convenience issue, meaning
easier to drop the JAR file in the lib directory vs. adding it to
CLASSPAHTH?
-Alan
