markt 2004/08/21 05:37:56
Modified: webapps/tomcat-docs realm-howto.xml
Log:
Fix bug 12516. Clarify that the cached Principal is not retained across session
serialisation.
Revision Changes Path
1.14 +14 -10 jakarta-tomcat-4.0/webapps/tomcat-docs/realm-howto.xml
Index: realm-howto.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/realm-howto.xml,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- realm-howto.xml 4 Sep 2003 19:59:47 -0000 1.13
+++ realm-howto.xml 21 Aug 2004 12:37:56 -0000 1.14
@@ -326,9 +326,10 @@
roles) are cached within Tomcat for the duration of the user's login.
(For FORM-based authentication, that means until the session times out or
is invalidated; for BASIC authentication, that means until the user
- closes their browser). Any changes to the database information for an
- already authenticated user will <strong>not</strong> be reflected until
- the next time that user logs on again.</li>
+ closes their browser). The cached user is <strong>not</strong> saved and
+ restored across sessions serialisations. Any changes to the database
+ information for an already authenticated user will <strong>not</strong> be
+ reflected until the next time that user logs on again.</li>
<li>Administering the information in the <em>users</em> and <em>user roles</em>
table is the responsibility of your own applications. Tomcat does not
provide any built-in capabilities to maintain users and roles.</li>
@@ -499,9 +500,10 @@
roles) are cached within Tomcat for the duration of the user's login.
(For FORM-based authentication, that means until the session times out or
is invalidated; for BASIC authentication, that means until the user
- closes their browser). Any changes to the database information for an
- already authenticated user will <strong>not</strong> be reflected until
- the next time that user logs on again.</li>
+ closes their browser). The cached user is <strong>not</strong> saved and
+ restored across sessions serialisations. Any changes to the database
+ information for an already authenticated user will <strong>not</strong> be
+ reflected until the next time that user logs on again.</li>
<li>Administering the information in the <em>users</em> and <em>user roles</em>
table is the responsibility of your own applications. Tomcat does not
provide any built-in capabilities to maintain users and roles.</li>
@@ -1088,9 +1090,10 @@
roles) are cached within Tomcat for the duration of the user's login.
(For FORM-based authentication, that means until the session times out or
is invalidated; for BASIC authentication, that means until the user
- closes their browser). Any changes to the directory information for an
- already authenticated user will <strong>not</strong> be reflected until
- the next time that user logs on again.</li>
+ closes their browser). The cached user is <strong>not</strong> saved and
+ restored across sessions serialisations. Any changes to the directory
+ information for an already authenticated user will <strong>not</strong> be
+ reflected until the next time that user logs on again.</li>
<li>Administering the information in the directory server
is the responsibility of your own applications. Tomcat does not
provide any built-in capabilities to maintain users and roles.</li>
@@ -1198,7 +1201,8 @@
roles) are cached within Tomcat for the duration of the user's login.
(For FORM-based authentication, that means until the session times out or
is invalidated; for BASIC authentication, that means until the user
- closes their browser).</li>
+ closes their browser). The cached user is <strong>not</strong> saved and
+ restored across sessions serialisations.</li>
<li>Administering the information in the users file is the responsibility
of your application. Tomcat does not
provide any built-in capabilities to maintain users and roles.</li>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
