FAQ

[Tomcat-users] roles in 6.0.24

Eric Lenio
Feb 11, 2010 at 4:53 pm
I think there is a bug in JNDIRealm.java in 6.0.24. According to the
docs:

http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html

it says roles can be specified by both userRoleName, AND roleName
mechanisms.

But, if both are used then the result is that userRoleName roles are
excluded. I believe the correct approach is like this:


--- ./java/org/apache/catalina/realm/JNDIRealm.java 2010-01-19 08:43:40.000000000 -0500
+++ ./java/org/apache/catalina/realm/JNDIRealm.java.new 2010-02-11 11:44:04.548054286 -0500
@@ -1720,7 +1720,8 @@
}
}

- return new ArrayList<String>(groupMap.values());
+ list.addAll(groupMap.values());
+ return list;
}

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
reply

Search Discussions

2 responses

  • Mark Thomas at Feb 11, 2010 at 5:06 pm

    On 11/02/2010 16:53, Eric Lenio wrote:
    I think there is a bug in JNDIRealm.java in 6.0.24. According to the
    docs:

    http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html

    it says roles can be specified by both userRoleName, AND roleName
    mechanisms.

    But, if both are used then the result is that userRoleName roles are
    excluded. I believe the correct approach is like this:


    --- ./java/org/apache/catalina/realm/JNDIRealm.java 2010-01-19 08:43:40.000000000 -0500
    +++ ./java/org/apache/catalina/realm/JNDIRealm.java.new 2010-02-11 11:44:04.548054286 -0500
    @@ -1720,7 +1720,8 @@
    }
    }

    - return new ArrayList<String>(groupMap.values());
    + list.addAll(groupMap.values());
    + return list;
    }
    Please create a Bugzilla entry so this doesn't get forgotten.

    Mark



    ---------------------------------------------------------------------
    To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
    For additional commands, e-mail: users-help@tomcat.apache.org
  • Eric Lenio at Feb 11, 2010 at 5:29 pm

    On Thu, Feb 11, 2010 at 05:05:37PM +0000, Mark Thomas wrote:
    On 11/02/2010 16:53, Eric Lenio wrote:
    I think there is a bug in JNDIRealm.java in 6.0.24. According to the
    docs:

    http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html

    it says roles can be specified by both userRoleName, AND roleName
    mechanisms.

    But, if both are used then the result is that userRoleName roles are
    excluded. I believe the correct approach is like this:


    --- ./java/org/apache/catalina/realm/JNDIRealm.java 2010-01-19 08:43:40.000000000 -0500
    +++ ./java/org/apache/catalina/realm/JNDIRealm.java.new 2010-02-11 11:44:04.548054286 -0500
    @@ -1720,7 +1720,8 @@
    }
    }

    - return new ArrayList<String>(groupMap.values());
    + list.addAll(groupMap.values());
    + return list;
    }
    Please create a Bugzilla entry so this doesn't get forgotten.

    Mark
    OK. Just filed the bug:
    https://issues.apache.org/bugzilla/show_bug.cgi?id=48729

    ---------------------------------------------------------------------
    To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
    For additional commands, e-mail: users-help@tomcat.apache.org

Related Discussions

Discussion Navigation
viewthread | post

2 users in discussion

Eric Lenio: 2 posts Mark Thomas: 1 post