Christopher, I'm interested in both, how the clients credentials are gathered and verified.
Kind regards, Alexander ________________________________ Van: Christopher Schultz <ch...@christopherschultz.net> Verzonden: maandag 9 januari 2023 19:43 Aan: users@tomcat.apache.org <users@tomcat.apache.org> Onderwerp: Re: Apache Tomcat 10.0.27 - UML sequence diagram of the authentication process Alexander, On 1/9/23 07:21, Alexander Ghyoot wrote: > For my thesis, I'm looking into access control in open-source software and am > curious how the authentication process works in the Apache Tomcat (10.0.27) > architecture. However, the documentation on this seems incomplete. The PNG is > a screenshot of the image, only half shown, the link is below. > Can someone give me a complete picture of the authentication flow in Apache > Tomcat? Thanks in advance. > > https://tomcat.apache.org/tomcat-10.0-doc/architecture/requestProcess.html > https://tomcat.apache.org/tomcat-10.0-doc/architecture/requestProcess/authentication-process.png > [https://tomcat.apache.org/tomcat-10.0-doc/architecture/requestProcess/authentication-process.png] My wild guess is those diagrams are very old and possibly out of date. I haven't looked at the revision-control history to see ... how old they are. Which kind of authentication are you interested in? Tomcat supports many kinds, and some of them work differently than others. Are you interested in how the credentials are gathered from the client, how they are verified, or both? -chris --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
