https://issues.apache.org/bugzilla/show_bug.cgi?id=54503
--- Comment #2 from Toby Hobson <toby.hob...@cloudseal.com> --- Hi Christopher "Cloudseal" is certainly not a requirement, SAML2 would indeed be a better name. I think the term is a hangover from our current implementation of the authenticator which we offer with our product (we describe it as a "Cloudseal Authenticaor). The only thing I would point out is that the code uses a class called CloudsealPrincipal. This would have to remain because CloudsealPrincipal is defined in our saml2-core library. We may refactor this class at some stage but there's nothing SAML specific about it (and we also use it for our OAUTH2 implementation) There's a transitive dependency on CombinedRealm.getPrincipal(String) - As mentioned in the bugzilla comments the SamlAuthenticator can lookup roles against a configured realm. We modified Realm to add authenticate(String). RealmBase.authenticate(String) calls getPrincipal(String) and CombinedRealm extends RealmBase. The modification allows a developer to use CombinedRealm with the SamlAuthenticator if he wants. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
