Summary: | Tomcat6 JAASRealm ignores useContextClassLoader in parseClassNames | ||
---|---|---|---|
Product: | Tomcat 6 | Reporter: | David <computabloke> |
Component: | Catalina | Assignee: | Tomcat Developers Mailing List <dev> |
Status: | RESOLVED DUPLICATE | ||
Severity: | regression | ||
Priority: | P2 | ||
Version: | 6.0.14 | ||
Target Milestone: | default | ||
Hardware: | PC | ||
OS: | All | ||
URL: | http://support.liferay.com/browse/LEP-2995;jsessionid=C72F970D8B99F4BD60185FB0A1567A8F |
Description
David
2007-09-13 21:34:49 UTC
Sorry, I meant the issue occurs when using useContextClassLoader="true" in the original report (which is the default according to http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JAASRealm). As a temporary work-around for this issue you can: 1. Move your classes to the Tomcat shared /lib directory. 2. Since all principals must implement java.security.Principal, and the first principal 'must' be the user principal, you can just use the base class: <Realm className="org.apache.catalina.realm.JAASRealm" appName="PortalRealm" userClassNames="java.security.Principal" debug="99" useContextClassLoader="true" /> Just noticed this bug report. I put up a patch at bug 44084, would be cool if you could try it. The logic also seemed to be backwards to me. I assume useContextClassLoader means to use Thread.currentThread().getContextClassLoader(), which is the webapp's class loader, and useContextClassLoader="false" means the servlet class loader, which is retrieved by getClass().getClassLoader() from the JAASRealm. |