Bug 66665 - Provide option to supply role mapping from a properties file
Summary: Provide option to supply role mapping from a properties file
Alias: None
Product: Tomcat 9
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 9.0.76
Hardware: All All
: P2 enhancement (vote)
Target Milestone: -----
Assignee: Tomcat Developers Mailing List
: 55477 (view as bug list)
Depends on:
Reported: 2023-06-22 07:43 UTC by Michael Osipov
Modified: 2023-08-30 16:43 UTC (History)
2 users (show)


Note You need to log in before you can comment on or make changes to this bug.
Description Michael Osipov 2023-06-22 07:43:15 UTC
Note: This applies to all Tomcat versions

In enterprises you often use a centralized identity store where you do not have control over the group/roles names, but in your application you want to use friendly role names, e.g., 'admin', 'user', 'clerk', etc. Luckily realms utilize  Context.findRoleMapping(String) indirectly, so we only need to populate those mappings.

I have written such a mapping listener and would like to integrate it into upstream: https://mo-tomcat-ext.sourceforge.net/apidocs/net/sf/michaelo/tomcat/extras/listeners/PropertiesRoleMappingListener.html if there is a general interest, I guess there is. There code is straight forward: https://sourceforge.net/p/mo-tomcat-ext/code/HEAD/tree/trunk/src/main/java/net/sf/michaelo/tomcat/extras/listeners/PropertiesRoleMappingListener.java
Comment 1 Michael Osipov 2023-06-26 10:17:48 UTC
PR provided.
Comment 2 Michael Osipov 2023-06-29 09:40:57 UTC
Fixed in:
- main for 11.0.0-M8 and onwards
- 10.1.x for 10.1.11 and onwards
- 9.0.x  for 9.0.77 and onwards
- 8.5.x for 8.5.91 and onwards
Comment 3 Mark Thomas 2023-08-30 16:43:45 UTC
*** Bug 55477 has been marked as a duplicate of this bug. ***