https://bz.apache.org/bugzilla/show_bug.cgi?id=57706
Bug ID: 57706
Summary: Documentation for tomcatAuthentication too vague:
confusion over authentication and authorization
Product: Tomcat 7
Version: 7.0.59
Hardware: PC
OS: Mac OS X 10.1
Status: NEW
Severity: normal
Priority: P2
Component: Documentation
Assignee: [email protected]
Reporter: [email protected]
At http://tomcat.apache.org/tomcat-7.0-doc/config/ajp.html the documentation
for tomcatAuthentication states as follows:
"If set to true, the authentication will be done in Tomcat. Otherwise, the
authenticated principal will be propagated from the native webserver and used
for authorization in Tomcat. The default value is true."
This documentation is incorrect, it should instead read as follows:
"If set to true, authentication and authorization will be done in Tomcat.
Otherwise, the authenticated principal will be propagated from the native
webserver and used for authentication in Tomcat, while all role memberships
will be considered false. The default value is true."
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
