On 09/01/2023 18:43, Christopher Schultz wrote:
Alexander,
On 1/9/23 07:21, Alexander Ghyoot wrote:
For my thesis, I'm looking into access control in open-source software
and am curious how the authentication process works in the Apache
Tomcat (10.0.27) architecture. However, the documentation on this
seems incomplete. The PNG is a screenshot of the image, only half
shown, the link is below.
Can someone give me a complete picture of the authentication flow in
Apache Tomcat? Thanks in advance.
https://tomcat.apache.org/tomcat-10.0-doc/architecture/requestProcess.html
https://tomcat.apache.org/tomcat-10.0-doc/architecture/requestProcess/authentication-process.png
[https://tomcat.apache.org/tomcat-10.0-doc/architecture/requestProcess/authentication-process.png]
My wild guess is those diagrams are very old and possibly out of date. I
haven't looked at the revision-control history to see ... how old they are.
For the request process and server start-up, the original diagrams were
late 2003. So almost 20 years. The original Rational Rose MDL file is
available from:
https://svn.apache.org/repos/asf/tomcat/archive/tc5.0.x/trunk/container/webapps/docs/architecture/requestProcess/roseModel.mdl
The diagrams were updated in 2015 (more recently than I thought):
https://bz.apache.org/bugzilla/show_bug.cgi?id=57282
They should be complete (for that era), they just ignore the long series
of returns at the end.
We should have asked for the MDL file at the time.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
