66665 – Provide option to supply role mapping from a properties file

Bug 66665 - Provide option to supply role mapping from a properties file

Summary: Provide option to supply role mapping from a properties file

Status:	RESOLVED FIXED

Alias:	None

Product:	Tomcat 9
Classification:	Unclassified
Component:	Catalina (show other bugs)
Version:	9.0.76
Hardware:	All All

Importance:	P2 enhancement (vote)
Target Milestone:	-----
Assignee:	Tomcat Developers Mailing List

URL:
Keywords:

Duplicates (1):	55477 (view as bug list)
Depends on:
Blocks:

Reported:	2023-06-22 07:43 UTC by Michael Osipov
Modified:	2023-08-30 16:43 UTC (History)
CC List:	2 users (show)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael Osipov 2023-06-22 07:43:15 UTC

Note: This applies to all Tomcat versions

In enterprises you often use a centralized identity store where you do not have control over the group/roles names, but in your application you want to use friendly role names, e.g., 'admin', 'user', 'clerk', etc. Luckily realms utilize  Context.findRoleMapping(String) indirectly, so we only need to populate those mappings.

I have written such a mapping listener and would like to integrate it into upstream: https://mo-tomcat-ext.sourceforge.net/apidocs/net/sf/michaelo/tomcat/extras/listeners/PropertiesRoleMappingListener.html if there is a general interest, I guess there is. There code is straight forward: https://sourceforge.net/p/mo-tomcat-ext/code/HEAD/tree/trunk/src/main/java/net/sf/michaelo/tomcat/extras/listeners/PropertiesRoleMappingListener.java

Comment 1 Michael Osipov 2023-06-26 10:17:48 UTC

PR provided.

Comment 2 Michael Osipov 2023-06-29 09:40:57 UTC

Fixed in:
- main for 11.0.0-M8 and onwards
- 10.1.x for 10.1.11 and onwards
- 9.0.x  for 9.0.77 and onwards
- 8.5.x for 8.5.91 and onwards

Comment 3 Mark Thomas 2023-08-30 16:43:45 UTC

*** Bug 55477 has been marked as a duplicate of this bug. ***