----- Original Message ----- From: "Remy Maucherat" <[EMAIL PROTECTED]> To: "Tomcat Developers List" <[EMAIL PROTECTED]> Sent: Sunday, January 11, 2004 1:18 AM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm RealmBase.java
> Bill Barker wrote: > >>remm 2004/01/10 09:23:39 > >> > >> Modified: catalina/src/share/org/apache/catalina/realm RealmBase.java > >> Log: > >> - findMethod wasn't called on the right collection. > >> - The algorithm ignored extension mapped constraints as long as a > > > > widcard > > > >> or exact mapped constraint was found. This doesn't seem right (I did > > > > quickly > > > >> read the relevant portions of the spec). > > > > > > -1. This is exactly what the spec says should happen. Just because it is > > silly doesn't change the fact it is what we have to implement. Go read > > section 12.8.3 again. > > Ah ok. So the container provided authentication is really useless after > all. > I didn't understand it that way. > It's the only way that you can use the "Combinining Constraints" (section 12.8.1) at all, since that says to use the least restrictive constraint. > Are there situations where more than one constraint is returned ? > Not very often, but it is possible. The example in 12.8.2 would be one such case. > Rémy > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
