Alexander,
On 1/9/23 07:21, Alexander Ghyoot wrote:
For my thesis, I'm looking into access control in open-source software and am
curious how the authentication process works in the Apache Tomcat (10.0.27)
architecture. However, the documentation on this seems incomplete. The PNG is a
screenshot of the image, only half shown, the link is below.
Can someone give me a complete picture of the authentication flow in Apache
Tomcat? Thanks in advance.
https://tomcat.apache.org/tomcat-10.0-doc/architecture/requestProcess.html
https://tomcat.apache.org/tomcat-10.0-doc/architecture/requestProcess/authentication-process.png
[https://tomcat.apache.org/tomcat-10.0-doc/architecture/requestProcess/authentication-process.png]
My wild guess is those diagrams are very old and possibly out of date. I
haven't looked at the revision-control history to see ... how old they are.
Which kind of authentication are you interested in? Tomcat supports many
kinds, and some of them work differently than others. Are you interested
in how the credentials are gathered from the client, how they are
verified, or both?
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
