[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tomcat-user
Subject:    Re: What future plans are for Tomcat authentication
From:       Mark Thomas <markt () apache ! org>
Date:       2024-03-20 9:02:10
Message-ID: 10e16367-2104-4272-a1a9-478ad982cf6c () apache ! org
[Download RAW message or body]

On 20/03/2024 06:22, Mircea Butmalai wrote:

<snip/>

> Questions are:
> 
> 1.  Is Jakarta Authentication specification going to replace the authentication \
> part of Jakarta Servlet specification?

Unlikely.

> 2.  Are current authenticatiors from Tomcat (FORM, SPNEGO, SSL, HTTP DIGEST, HTTP \
> BASIC, SSO) going to be implemented as Jakarta Authentication providers in future \
> versions of Tomcat?

This has been discussed in the past but there is little motivation to do 
so as there are no obvious benefits and possible negative performance 
impacts.

> 3.  Is any effort to introduce in Jakarta standards + Tomcat an authentcator of \
> type 2FA?

No plans I am aware of.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]