DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7831>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7831 [PATCH] JNDIRealm does not work with CLIENT-CERT auth method ------- Additional Comments From [EMAIL PROTECTED] 2002-04-08 12:15 ------- I think/hope the only contentious issue in the patch is: return (new GenericPrincipal(this, username, ****null**** , roles)) Javadoc for GenericPrincipal describes the password string as 'Credentials used to authenticate this user'. I set it to null rather than trying finding to it from the realm because this is not necessarily what the user may have provided for authentication, e.g the user didn't provide a password in the CLIENT-CERT case. This probably doesn't make much difference from trying to get it from the realm but I think it preserves the semantics better. Have I misunderstood? -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
