Hi,
My company isusing Tomcat 4.1.29 and I'm investigating a transition to version 5.0.28.
We use JAAS for authentication. The realm is decleared inside the web application context. The authentication code makes an EJB call to jBoss server (we are using stand alone Tomcat not jBoss bundled version).
In verion 4.1 we have ejb-client code jar in both server/lib and Web Application lib directories. I have replicated the same structure in version 5 but I get ClassCastException inside my JAAS Authentication module. If I remove the copy of ejb-client jar from Web Application it all works fine which suggest to me that the ClassCastException related to the fact that the same class id loaded by different classloaders. Tomcat doco specifies that Catalina classloader is invisible to webapplications ( and that's why we use it in Tomcat 4) but it doesn't seem to be the case. The work-around (removing ejb-client code from web app) is not a solution because it has a lot of web app specific code.
If I don't copy authentication code to server/lib directory and only keep it in web app Tomcat doesn't find it. That is the case for both versions - 4 and 5. To me it suggests a different problem - since JAAS realm declared in web app context it should apply to web application only and therefore it should be looking into webapp not server/lib directory. But that is a different discussion topic altogether.
Thanks in advance
Genna
CAUTION - This message may contain privileged and confidential information intended only for the use of the addressee(s) named above. If you are not the intended recipient of this message you are notified that any use, dissemination, distribution or reproduction of this message is prohibited. If you have received this message in error please notify Siemens Ltd., ABN 98 004 347 880, or Siemens (NZ) Limited immediately. No representation is made that this email or any attachments are free of viruses. Virus Scanning is recommended and is the responsibility of the recipient.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
