The following issue has been updated: Updater: Ate Douma (mailto:[EMAIL PROTECTED]) Date: Wed, 26 May 2004 6:01 AM Comment: I attached the patch for the Tomcat 5 JAASRealm. Also included in the patch are:
- new maven goals: check.required.properties I've added two new required properties: catalina.home, and catalina.version.major These properties are used to determine if the patch is required and where to put it (${catalina.home}/server/classes. To ensure these properties are available this goal is the first thing executed by allBuild. Also checked now are the already required properties: catalina.shared.lib and deploy.war.dir. check.patch.tomcat5.jaas.realm Is executed at the end of allBuild. Performs the compilation of the JAASRealm class directly into ${catalina.home}/server/classes when catalina.version.major=5. - new project.xml dependencies to be able to compile the patch: Just compiling the class against all the Tomcat 5 server jars didn't work! Strangely enough this class depends on commons-logging (1.0.3) and JMX (xm4j-mx-1.1.1) which are *not* distributed with Tomcat 5. How can this class be used without these dependencies??? Tomcat 4 does have these jars in its server/lib folder. - Updated site/xdocs/getting-started.xml for: supported versions of Tomcat: 4.1.x and 5.x and only with JDK 1.4 required properties: catalina.home and catalina.version.major warning about the patch with a reference to this issue Regards, Ate Changes: Attachment changed to JS2-55-patch.txt --------------------------------------------------------------------- For a full history of the issue, see: http://issues.apache.org/jira/browse/JS2-55?page=history --------------------------------------------------------------------- View the issue: http://issues.apache.org/jira/browse/JS2-55 Here is an overview of the issue: --------------------------------------------------------------------- Key: JS2-55 Summary: JAAS Authentication on Tomcat 5 Type: New Feature Status: Unassigned Priority: Major Project: Jetspeed 2 Components: Security Versions: 2.0-a1 Assignee: Reporter: Ate Douma Created: Tue, 25 May 2004 3:26 PM Updated: Wed, 26 May 2004 6:01 AM Environment: Tomcat 5.0.24, J2SE 1.4.2_03 Description: As discussed on the Jetspeed developers mailinglist (thread starts with: http://nagoya.apache.org/eyebrowse/[EMAIL PROTECTED]&msgNo=14605) the new behaviour of Tomcat 5 to set the ContextClassLoader in the JAASRealm to the server classloader prevents defining LoginModules within the context of an web app. As a quick solution to this problem the Tomcat 5 JAASRealm is going to be patched to revert back to the old Tomcat 4 handling. The preferred solution is that the Tomcat Team would do this themselves or provide it as an option. Someone should start discussing this with them.... I'll provide a patch implementing the quick fix which will depend on the user property catalina.version.major=5 to be enforced upon the catalina server: when this condition is true a patched version of the Tomcat 5.0.24 JAASRealm.java revision 1.6 will be compiled into the $Tomcat/server/classes directory. --------------------------------------------------------------------- JIRA INFORMATION: This message is automatically generated by JIRA. If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa If you want more information on JIRA, or have a bug to report see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]