This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 91babf331d07f23946bdaaf356449cce0ebe7d99
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu May 1 08:44:04 2025 +0100
Add BASIC authentication diagram
---
webapps/docs/architecture/requestProcess.xml | 27 +++----
.../architecture/requestProcess/41_basic.plantuml | 78 +++++++++++++++++++++
.../docs/architecture/requestProcess/41_basic.png | Bin 0 -> 114556 bytes
3 files changed, 88 insertions(+), 17 deletions(-)
diff --git a/webapps/docs/architecture/requestProcess.xml
b/webapps/docs/architecture/requestProcess.xml
index 67693af810..cec2844cd4 100644
--- a/webapps/docs/architecture/requestProcess.xml
+++ b/webapps/docs/architecture/requestProcess.xml
@@ -84,28 +84,21 @@ Asynchronous - TBD.
</p>
</section>
-<section name="Legacy information">
-
-<subsection name="diagrams">
+<section name="Authentication">
<p>
-A UML sequence diagram of the authentication process is available
-<a href="requestProcess/authentication-process.png">here.</a>
+<a href="requestProcess/41_basic.png">Diagram 4.1</a> shows how BASIC
+authentication is processed.
</p>
-
-</subsection>
-
-<subsection name="comments">
<p>
-The Servlet Specification provides many opportunities for
-listening in (using Listeners) or modifying (using Filters)
-the request handling process even before the request arrives
-at the servlet that will handle it.
+DIGEST - TBD.
+</p>
+<p>
+FORM - TBD.
+</p>
+<p>
+Jakarta Authentication (JASPIC) - TBD.
</p>
-
-</subsection>
-
</section>
-
</body>
</document>
diff --git a/webapps/docs/architecture/requestProcess/41_basic.plantuml
b/webapps/docs/architecture/requestProcess/41_basic.plantuml
new file mode 100644
index 0000000000..fd779110ac
--- /dev/null
+++ b/webapps/docs/architecture/requestProcess/41_basic.plantuml
@@ -0,0 +1,78 @@
+@startuml
+
+' Licensed to the Apache Software Foundation (ASF) under one or more
+' contributor license agreements. See the NOTICE file distributed with
+' this work for additional information regarding copyright ownership.
+' The ASF licenses this file to You under the Apache License, Version 2.0
+' (the "License"); you may not use this file except in compliance with
+' the License. You may obtain a copy of the License at
+'
+' http://www.apache.org/licenses/LICENSE-2.0
+'
+' Unless required by applicable law or agreed to in writing, software
+' distributed under the License is distributed on an "AS IS" BASIS,
+' WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+' See the License for the specific language governing permissions and
+' limitations under the License.
+
+hide footbox
+skinparam style strictuml
+
+participant MimeHeaders
+participant CoyoteRequest
+participant Request
+activate ErrorReportValve
+
+ErrorReportValve -> StandardHostValve ++: invoke()
+StandardHostValve -> Request ++: getContext()
+return
+StandardHostValve -> Context ++: bind()
+return
+StandardHostValve -> Context ++: getPipeline()
+return
+StandardHostValve -> "StandardPipeline\n(Context)" ++: getFirst()
+return
+StandardHostValve -> BasicAuthenticator ++: invoke()
+BasicAuthenticator -> Context ++: getRealm()
+return
+BasicAuthenticator -> LockoutRealm ++: findSecurityContraints()
+return
+BasicAuthenticator -> LockoutRealm ++: hasUserDataPermission()
+return
+BasicAuthenticator -> BasicAuthenticator ++: doAuthenticate()
+BasicAuthenticator -> Request ++: getCoyoteRequest()
+return
+BasicAuthenticator -> CoyoteRequest ++: getMimeHeaders()
+return
+BasicAuthenticator -> MimeHeaders ++: getValue("authorization")
+return
+BasicAuthenticator --> BasicCredentials **:
+BasicAuthenticator -> BasicCredentials ++: getUserName()
+return
+BasicAuthenticator -> BasicCredentials ++: getPassword()
+return
+BasicAuthenticator -> Context ++: getRealm()
+return
+BasicAuthenticator -> LockoutRealm ++: authenticate()
+LockoutRealm -> UserDatabaseRealm ++: authenticate()
+UserDatabaseRealm -> UserDatabaseRealm ++: getPassword(username)
+UserDatabaseRealm -> CredentialHandler ++: matches()
+return
+UserDatabaseRealm -> UserDatabaseRealm ++: getPrincipal()
+return
+return
+return
+return
+return
+BasicAuthenticator -> Realm ++: hasResourcePermission()
+return
+BasicAuthenticator -> BasicAuthenticator ++: getNext()
+return
+BasicAuthenticator -> StandardContextValve ++: invoke()
+note right of StandardContextValve
+ Standard Servlet request
+ processing continues from
+ this point
+end note
+
+@enduml
\ No newline at end of file
diff --git a/webapps/docs/architecture/requestProcess/41_basic.png
b/webapps/docs/architecture/requestProcess/41_basic.png
new file mode 100644
index 0000000000..ea6bbe70b0
Binary files /dev/null and
b/webapps/docs/architecture/requestProcess/41_basic.png differ
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
