https://issues.apache.org/bugzilla/show_bug.cgi?id=53047
--- Comment #8 from Mark Thomas <ma...@apache.org> --- (In reply to comment #7) > I suggest we define the result of that call as: > AUTH_ONLY_MODE => true The use of AUTH_ONLY mode doe snot preclude the user from being assigned a role and/or the web application testing for it. > STRICT_AUTH_ONLY_MODE => false While it is less likely, the same applies here too. > > - AUTH_ONLY_MODE or STRICT_AUTH_ONLY_MODE > > - the Realm uses separate attributes to define the role store > > - the role store attributes are undefined > > Huh? #3 conflicts with #2. No they do. #2 means the Realm has the capability to define a separate role store. Not all realms do. #3 means that the above separate role store has not been defined. > Why create log messages if it is configured not to use the roles table? Because it is sufficiently unusual that it is worth flagging up to an admin to confirm what is going on. It is just a single log message on Realm start. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
