https://bz.apache.org/bugzilla/show_bug.cgi?id=59750
--- Comment #7 from Michael Osipov <1983-01...@gmx.net> --- (In reply to Christopher Schultz from comment #6) > (In reply to Michael Osipov from comment #5) > > GSSName or X509Certificate and like. I always prefer passing Object and the > > implementation decides about the cast. > > Seems reasonable. > > Tomcat only supports authentication for string usernames or X509 > certificates (where the "username" is extracted as a String value from the > certificate via a X509UsernameRetriever). Do you still feel there is a need > for the user-identifier to be a generic Object? I would always retain as much information as possible. Regaining it is impossible afterwards. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
