cklein05 commented on a change in pull request #463:
URL: https://github.com/apache/tomcat/pull/463#discussion_r783661408
##########
File path: java/org/apache/catalina/TomcatPrincipal.java
##########
@@ -47,4 +48,37 @@
* exception to LoginContext
*/
void logout() throws Exception;
+
+ /**
+ * Returns the value of the named attribute as an <code>Object</code>, or
+ * <code>null</code> if no attribute of the given name exists, or if
+ * <code>null</code> has been specified as the attribute's name.
+ * <p>
+ * Only the servlet container may set attributes to make available custom
+ * information about a Principal or the user it represents. For example,
some of
+ * the Realm implementations can be configured to additionally query user
+ * attributes from the <i>user database</i>, which then are provided
through the
+ * Principal's attributes map.
+ * <p>
+ * Attribute names and naming conventions are maintained by the Tomcat
+ * components that contribute to this map, like some of the Realm
+ * implementations.
Review comment:
In other words, when querying an attribute named "displayName", a Realm
could add this under a key like "realm.displayName" or "user.displayName". For
that, the (maybe custom) Realm may have a config option `userAttributePrefix`
or this could even be hard-coded.
Such prefixes might make sense, if, in the future, for example, several
components could contribute to the Principal's attributes (like the
Authenticator or a new component `SocialUserDataProvider` querying user
information from Facebook etc.).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
