[jira] Commented: (GERONIMO-317) Support for method-permissions in the web.xml in Tomcat

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[jira] Commented: (GERONIMO-317) Support for method-permissions in the web.xml in Tomcat

Development mailing list
     [ http://issues.apache.org/jira/browse/GERONIMO-317?page=comments#action_64574 ]
     
Jeff Genender commented on GERONIMO-317:
----------------------------------------

David, can you be more specific by method-permissions in the web.xml?  I am assuming you are referring to method permissions of EJB?  AFAIK, web.xml does not have method permissions.  Are you referring to the web-resource and user-data constraints?  These are now supported.

> Support for method-permissions in the web.xml in Tomcat
> -------------------------------------------------------
>
>          Key: GERONIMO-317
>          URL: http://issues.apache.org/jira/browse/GERONIMO-317
>      Project: Geronimo
>         Type: Task
>   Components: web, Tomcat, security, deployment
>     Reporter: David Blevins
>     Assignee: Alan Cabrera

>
> Security roles in the web.xml should be linked to roles defined in a Geronimo security realm and not the Tomcat security realm provider.

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

Reply | Threaded
Open this post in threaded view
|

Re: [jira] Commented: (GERONIMO-317) Support for method-permissions in the web.xml in Tomcat

David Jencks
FWIW I think what david is asking for here is what you get using the  
JACC tomcat realm.  I don't see method-permissions mentioned.  The idea  
is to use the geronimo permissions-role mapping rather than the  
"identity" non-mapping supplied by tomcat that IIRC you can still get  
using the tomcat JAAS realm.

david jencks

On May 5, 2005, at 10:59 AM, Jeff Genender (JIRA) wrote:

>      [  
> http://issues.apache.org/jira/browse/GERONIMO-317?
> page=comments#action_64574 ]
>
> Jeff Genender commented on GERONIMO-317:
> ----------------------------------------
>
> David, can you be more specific by method-permissions in the web.xml?  
> I am assuming you are referring to method permissions of EJB?  AFAIK,  
> web.xml does not have method permissions.  Are you referring to the  
> web-resource and user-data constraints?  These are now supported.
>
>> Support for method-permissions in the web.xml in Tomcat
>> -------------------------------------------------------
>>
>>          Key: GERONIMO-317
>>          URL: http://issues.apache.org/jira/browse/GERONIMO-317
>>      Project: Geronimo
>>         Type: Task
>>   Components: web, Tomcat, security, deployment
>>     Reporter: David Blevins
>>     Assignee: Alan Cabrera
>
>>
>> Security roles in the web.xml should be linked to roles defined in a  
>> Geronimo security realm and not the Tomcat security realm provider.
>
> --
> This message is automatically generated by JIRA.
> -
> If you think it was sent incorrectly contact one of the administrators:
>    http://issues.apache.org/jira/secure/Administrators.jspa
> -
> For more information on JIRA, see:
>    http://www.atlassian.com/software/jira
>

Reply | Threaded
Open this post in threaded view
|

Re: [jira] Commented: (GERONIMO-317) Support for method-permissions in the web.xml in Tomcat

Jeff Genender
Hi DJ,

The title of the JIRA issue was "Support for method-permissions in the
web.xml in Tomcat".  I suspect he meant something that had to do with
JACC...but I wanted to be sure.

Jeff


> FWIW I think what david is asking for here is what you get using the
> JACC tomcat realm.  I don't see method-permissions mentioned.  The idea
> is to use the geronimo permissions-role mapping rather than the
> "identity" non-mapping supplied by tomcat that IIRC you can still get
> using the tomcat JAAS realm.
>
> david jencks
>
> On May 5, 2005, at 10:59 AM, Jeff Genender (JIRA) wrote:
>
>>      [
>> http://issues.apache.org/jira/browse/GERONIMO-317?
>> page=comments#action_64574 ]
>>
>> Jeff Genender commented on GERONIMO-317:
>> ----------------------------------------
>>
>> David, can you be more specific by method-permissions in the web.xml?
>> I am assuming you are referring to method permissions of EJB?  AFAIK,
>> web.xml does not have method permissions.  Are you referring to the
>> web-resource and user-data constraints?  These are now supported.
>>
>>> Support for method-permissions in the web.xml in Tomcat
>>> -------------------------------------------------------
>>>
>>>          Key: GERONIMO-317
>>>          URL: http://issues.apache.org/jira/browse/GERONIMO-317
>>>      Project: Geronimo
>>>         Type: Task
>>>   Components: web, Tomcat, security, deployment
>>>     Reporter: David Blevins
>>>     Assignee: Alan Cabrera
>>
>>>
>>> Security roles in the web.xml should be linked to roles defined in a
>>> Geronimo security realm and not the Tomcat security realm provider.
>>
>> --
>> This message is automatically generated by JIRA.
>> -
>> If you think it was sent incorrectly contact one of the administrators:
>>    http://issues.apache.org/jira/secure/Administrators.jspa
>> -
>> For more information on JIRA, see:
>>    http://www.atlassian.com/software/jira
>>
>