Hi, Your timing is good to bring this up. We should definitely compare notes. Last night I committed a patch to JBoss that deals with this issue (classes can be found in the JBoss CVS in the org.jboss.web.catalina.tc4 package; most are in the authenticator subpackage).
The JBoss patch is really more properly a Tomcat patch, but the JBoss folks asked me to commit it. I was planning to post a version to the Tomcat Bugzilla this weekend. In fact, I'll do it (against Bug 23881) as soon as I send this. The TC patch is against TC 5 HEAD; the JBoss version is against TC 4.1, plus has some minor tweaks to optimize for embedding in JBoss. Best, Brian Stansberry WAN Concepts, Inc. www.wanconcepts.com Tel: (510) 894-0114 x 116 Fax: (510) 797-3005 At 04:27 PM 11/21/2003 -0600, you wrote: >I believe that I have found a problem with the SingleSignOn valve, and >the Principal caching that is performed in the FormAuthenticator. I >believe that I have a valid patch for the issue, and I would like to >discuss my proposed changes with the community. After reading the >community rules, however, I'm unsure whether I'm suppose to present this >discussion on the mailing list, or create a new bug report, and have >everything tracked there. I believe my patch fixes some interaction >problems with JBoss and Tomcat when Tomcat is used as an embedded server >(related to bug 23881). > >Luke Nelson > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]