As discussed on the Jetspeed developers mailinglist (thread starts with: http://nagoya.apache.org/eyebrowse/ReadMsg?listNamefirstname.lastname@example.org&msgNo=14605) the new behaviour of Tomcat 5 to set the ContextClassLoader in the JAASRealm to the server classloader prevents defining LoginModules within the context of an web app.
As a quick solution to this problem the Tomcat 5 JAASRealm is going to be patched to revert back to the old Tomcat 4 handling.
The preferred solution is that the Tomcat Team would do this themselves or provide it as an option. Someone should start discussing this with them....
I'll provide a patch implementing the quick fix which will depend on the user property catalina.version.major=5 to be enforced upon the catalina server: when this condition is true a patched version of the Tomcat 5.0.24 JAASRealm.java revision 1.6 will be compiled into the $Tomcat/server/classes directory.
|Transition||Time In Source Status||Execution Times||Last Executer||Last Execution Date|
|141d 21h 27m||1||Ate Douma||14/Oct/04 19:54|
|Status||Open [ 1 ]||Closed [ 6 ]|
|Fix Version/s||2.0-M1 [ 10931 ]|
|Resolution||Fixed [ 1 ]|