https://issues.apache.org/bugzilla/show_bug.cgi?id=45283

Seetharama Durbha <[EMAIL PROTECTED]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|INVALID                     |




--- Comment #5 from Seetharama Durbha <[EMAIL PROTECTED]>  2008-06-27 13:29:57 
PST ---
(In reply to comment #3)
> SRV.13.2. states that more than one login-config is an error.
> 

Well...IMHO, we are getting hung-up on the semantics of multiple authenticators
Vs multiple login-configs. I would like to think of these two as two distinct,
though connected, topics.
I can understand why multiple login-config entries should result in an error -
as the login-config itself does not define how multiple entries can be chained
and what  protocol they need to use when each entry in the chain is invoked. A
contrast will be the JAAS model, where the contract is defined and clear.

However, we can treat the chaining of multiple authenticators differently - as
authenticators are an implementation of Tomcat, and it can define the contract
and expected behavior. Also, please note that multiple authenticators are
configured not because of multiple login-config entries, but because of entries
in the context.xml , server.xml, or both. These are configurations are defined
by Tomcat and thus it has control on what can done there.


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to