On 18/03/2015 21:52, Christopher Schultz wrote: > Mark, > > On 3/18/15 9:31 AM, ma...@apache.org wrote: >> Author: markt >> Date: Wed Mar 18 13:31:00 2015 >> New Revision: 1667546 >> >> URL: http://svn.apache.org/r1667546 >> Log: >> Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57708 >> Implement a new feature for AJP connectors - Tomcat Authorization >> If configured (it is disabled by default) Tomcat will take an authenticated >> user name from the AJP protocol and use the appropriate Realm for the >> request to authorize (i.e. add roles) to that user. >> >> Modified: >> tomcat/trunk/java/org/apache/catalina/Realm.java >> >> tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java >> >> tomcat/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java >> >> tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java >> >> tomcat/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java >> >> tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties >> >> tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java >> tomcat/trunk/java/org/apache/catalina/authenticator/SSLAuthenticator.java >> >> tomcat/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java >> tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java >> tomcat/trunk/java/org/apache/catalina/connector/LocalStrings.properties >> tomcat/trunk/java/org/apache/catalina/realm/CombinedRealm.java >> tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java >> tomcat/trunk/java/org/apache/coyote/Request.java >> tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProtocol.java >> tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java >> tomcat/trunk/webapps/docs/config/ajp.xml >> tomcat/trunk/webapps/docs/security-howto.xml >> tomcat/trunk/webapps/docs/windows-auth-howto.xml >> >> Modified: tomcat/trunk/java/org/apache/catalina/Realm.java >> URL: >> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/Realm.java?rev=1667546&r1=1667545&r2=1667546&view=diff >> ============================================================================== >> --- tomcat/trunk/java/org/apache/catalina/Realm.java (original) >> +++ tomcat/trunk/java/org/apache/catalina/Realm.java Wed Mar 18 13:31:00 2015 >> @@ -76,6 +76,15 @@ public interface Realm { >> >> >> /** >> + * Return the Principal associated with the specified username, if there >> + * is one; otherwise return <code>null</code>. >> + * >> + * @param username Username of the Principal to look up >> + */ >> + public Principal authenticate(String username); > > Pretty much by definition, this is not authentication; it's just > identification. > > I'm not -1 on the commit, but the name of this method is not good.
It is closer to authorization but the name is consistent with the other methods. If you want to change it feel free but you'll need to do it before the next release. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
