On 21/09/2011 15:54, Michael-O wrote: > Christopher, > > Christopher Schultz schrieb: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Mike, >> >> On 9/21/2011 3:52 AM, 1983-01...@gmx.net wrote: >>> I have removed the MemoryRealm from my server.xml in Tomcat 6.0.33 >>> and noticed that the StandardEngine creates a JAASRealm [1]: >>> 21.09.2011 09:14:58 org.apache.catalina.realm.JAASRealm >>> setContainer INFO: Set JAAS app name Catalina >>> >>> What is the reasoning behind this? >> >> Maybe it's easier and safer to have a dummy Realm than no realm at all. > > I don't consider the JAASRealm as a dummy realm. Maybe a NonRealm like > NonAuthenticator would make sense. > >>> I assume that any app will fail because I have never configured the >>> JAAS config file. >> >> If you never use authentication, I suspect you won't fail. >> >> Have you actually tried it? > > No, I did not yet but will do tomorrow and will report back. I guess it > will when an app needs authentication because at least the loginConf > "Catalina" won't be found.
Straw man. If your app needs an auth realm, isn't it your responsibility to provide one? There's no problem with the message above, it's INFO. p
signature.asc
Description: OpenPGP digital signature
