[Pki-devel] [PATCH] 107 Added proxy realm.
Ade Lee
alee at redhat.com
Tue Aug 28 13:33:31 UTC 2012
The changes look ok, although due to the issue in one of the previous
patches, I cannot build yet using the compose scripts.
What effect does this patch have on the patch that mharmsen is currently
working on? At the very least, you will need to modify where it is
checking for links for the dogtag 10 instance.
And how does this affect a dogtag 9 instance running under dogtag 10
code?
On Wed, 2012-08-22 at 19:05 -0500, Endi Sukma Dewata wrote:
> CMS engine is a singleton and it's used by PKI realm to authenticate
> users accessing the subsystem. Since a Tomcat instance may contain
> multiple subsystems, each having separate realm, the PKI JAR files
> need to be moved into WEB-INF/lib so that they will run inside
> separate class loaders. Note that Tomcat requires that the JAR files
> be copied into this folder, they cannot be linked.
>
> Tomcat also requires that the authenticator and realm classes be
> available in common/lib. To address this a new package pki-tomcat.jar
> has been added. The package contains the authenticator and a proxy
> realm. When the subsystems start running, they will register their
> own realms into the proxy realms such that the authentications will
> be forwarded to the appropriate subsystems.
>
> Ticket #89
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
More information about the Pki-devel
mailing list