Hi folks! Great to see this thread picking up steam. On Jun 10, 2015, at 6:12 AM, Mark Thomas <ma...@apache.org> wrote:
> On 10/06/2015 13:34, Fjodor Vershinin wrote: > >> And what about code backward compatibility for Geronimo, >> should code ported back, or new Geronimo release can use our >> implementation? > > Re-use by downstream consumers of Tomcat like TomEE and Geronimo is > certainly a goal. The TomEE folks tend to provide feedback when we do > something that makes their life difficult so I'd expect them to speak up > if they spot a problem. We'll happily be waiting for the code upstream. :) > I wouldn't worry about backwards compatibility for Geronimo. That would > probably be difficult to achieve. Keep in mind that Geronimo may wish to > re-use the code (or just some of the patches) but if you need to change > something you should feel free to do so. Agree. I'd focus on making the code as tight and clean as possible. On Jun 10, 2015, at 6:31 AM, Mark Thomas <ma...@apache.org> wrote: > On 10/06/2015 14:04, Arjan Tijms wrote: > >> Tomcat already has some dedicated configuration files for this. > > My expectation is that all of Tomcat's existing authentication > mechanisms would be made available at the container level (BASIC, > DIGEST, FORM, CLIENT-CERT, SPNEGO). > > It should be a small step from there to replacing Tomcat's current > authenticators with the appropriate JASPIC config. Is the hope that these existing forms of auth will be ported and plugged in through the JASPIC support? That would be quite excellent if so. -David --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
