Accessing a custom user principal from a JAAS Realm

After several days of questions on the user mailing list surrounding this issue, I received an answer today which I need to confirm with any of the developers out there. Basically, I am using Tomcat 5.0.28, and using the JAAS realm for authentication and authorization. In my JAAS login module,

DO NOT REPLY [Bug 37121] - HTTP Static Partial Content Bug

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 37132] New: - Digest authentication does not work if the username or URI contain a comma

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 37121] - HTTP Static Partial Content Bug

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

Re: Apache Tomcat Web Root Path Disclosure Vulnerability

Hi, The vulnerability was reported for 4.0.3. That's not the same as only affecting 4.0.3 ;) 4.0.6 and later, including 4.1.x, 5.0.x, and 5.5.x, should be fine. I think 3.3.x is fine as well. This is a trivial vulnerability to test: ask the server for a resource that does not exist, and look at

Apache Tomcat Web Root Path Disclosure Vulnerability

Hello, One of our customers running Apache Tomcat version 4.1.29 ran some type of a vulnerability scanner which detected an "Apache Tomcat Web Root Path Disclosure Vulnerability". Did some research on the net and many sites mentioned that this vulnerability only affected 4.0.3. But I want t

DO NOT REPLY [Bug 37121] - HTTP Static Partial Content Bug

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 37098] - Cannot create attributes conditionally in tags

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 37121] - HTTP Static Partial Content Bug

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 37121] New: - HTTP Static Partial Content Bug

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 36976] - Tomcat VM does not shutdown with remote jmx enabled

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

RE: Latest mod_jk?

Thanks. > -Original Message- > From: Jean-frederic Clere [mailto:[EMAIL PROTECTED] > Sent: Saturday, October 15, 2005 3:21 AM > To: Tomcat Developers List > Subject: Re: Latest mod_jk? > > > Jean-frederic Clere wrote: > > > Fenlason, Josh wrote: > > > >> What is the latest stable mod_j

DO NOT REPLY [Bug 37044] - JAASRealm / RealmBase role checking bug ?

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

svn commit: r325874 - in /tomcat/container/tc5.5.x: catalina/src/share/org/apache/catalina/connector/Request.java catalina/src/share/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml

Author: remm Date: Mon Oct 17 03:39:15 2005 New Revision: 325874 URL: http://svn.apache.org/viewcvs?rev=325874&view=rev Log: - 37044: RealmBase.hasResourcePermission needs access to the GenericPrincipal as the JAAS realm no longer overrides hasRole. Modified: tomcat/container/tc5.5.x/catal

DO NOT REPLY [Bug 36319] - broken link to DBCP configuration reference

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 37065] - Assertion failed in tomcat5.exe

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu