| java.lang.Object
 org.apache.catalina.realm.RealmBase
All known Subclasses: org.apache.catalina.realm.UserDatabaseRealm, org.apache.catalina.realm.JNDIRealm, org.apache.catalina.realm.MemoryRealm, org.apache.catalina.realm.DataSourceRealm, org.apache.catalina.realm.JAASRealm, org.apache.catalina.realm.JDBCRealm,
| RealmBase | | abstract public class RealmBase implements Lifecycle,Realm,MBeanRegistration(Code) | | Simple implementation of Realm that reads an XML file to configure
the valid users, passwords, and roles. The file format (and default file
location) are identical to those currently supported by Tomcat 3.X.
author:
Craig R. McClanahan
version:
$Revision: 555304 $ $Date: 2007-07-11 17:28:52 +0200 (mer., 11 juil. 2007) $ |
| Inner Class :protected static class AllRolesMode | |
| Method Summary | |
| final public static String | Digest(String credentials, String algorithm, String encoding)
Digest password using the algorithm especificied and
convert the result to a corresponding hex string. | | public void | addLifecycleListener(LifecycleListener listener)
Add a lifecycle event listener to this component. | | public void | addPropertyChangeListener(PropertyChangeListener listener)
Add a property change listener to this component. | | public Principal | authenticate(String username, String credentials)
Return the Principal associated with the specified username and
credentials, if there is one; otherwise return null. | | public Principal | authenticate(String username, byte[] credentials)
Return the Principal associated with the specified username and
credentials, if there is one; otherwise return null. | | public Principal | authenticate(String username, String clientDigest, String nOnce, String nc, String cnonce, String qop, String realm, String md5a2)
Return the Principal associated with the specified username, which
matches the digest calculated using the given parameters using the
method described in RFC 2069; otherwise return null. | | public Principal | authenticate(X509Certificate certs)
Return the Principal associated with the specified chain of X509
client certificates. | | public void | backgroundProcess()
Execute a periodic task, such as reloading, etc. | | public void | destroy()
| | protected String | digest(String credentials)
Digest the password using the specified algorithm and
convert the result to a corresponding hexadecimal string. | | public LifecycleListener[] | findLifecycleListeners()
Get the lifecycle listeners associated with this lifecycle. | | public SecurityConstraint[] | findSecurityConstraints(Request request, Context context)
Return the SecurityConstraints configured to guard the request URI for
this request, or null if there is no such constraint. | | public String | getAllRolesMode()
Return the all roles mode. | | public Container | getContainer()
Return the Container with which this Realm has been associated. | | public ObjectName | getController()
| | public String | getDigest()
Return the digest algorithm used for storing credentials. | | protected String | getDigest(String username, String realmName)
Return the digest associated with given principal's user name. | | public String | getDigestEncoding()
Returns the digest encoding charset. | | public String | getDomain()
| | public String | getInfo()
Return descriptive information about this Realm implementation and
the corresponding version number, in the format
<description>/<version>. | | abstract protected String | getName()
Return a short name for this Realm implementation, for use in
log messages. | | public ObjectName | getObjectName()
| | abstract protected String | getPassword(String username)
Return the password associated with the given principal's user name. | | protected Principal | getPrincipal(X509Certificate usercert)
Return the Principal associated with the given certificate. | | abstract protected Principal | getPrincipal(String username)
Return the Principal associated with the given user name. | | public String | getType()
| | public boolean | getValidate()
Return the "validate certificate chains" flag. | | protected boolean | hasMessageDigest()
| | public boolean | hasResourcePermission(Request request, Response response, SecurityConstraint[] constraints, Context context)
Perform access control based on the specified authorization constraint. | | public boolean | hasRole(Principal principal, String role)
Return true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false. | | public boolean | hasUserDataPermission(Request request, Response response, SecurityConstraint[] constraints)
Enforce any user data constraint required by the security constraint
guarding this request URI. | | public void | init()
| | public static void | main(String args)
Digest password using the algorithm especificied and
convert the result to a corresponding hex string. | | public void | postDeregister()
| | public void | postRegister(Boolean registrationDone)
| | public void | preDeregister()
| | public ObjectName | preRegister(MBeanServer server, ObjectName name)
| | public void | removeLifecycleListener(LifecycleListener listener)
Remove a lifecycle event listener from this component. | | public void | removePropertyChangeListener(PropertyChangeListener listener)
Remove a property change listener from this component. | | public void | setAllRolesMode(String allRolesMode)
Set the all roles mode. | | public void | setContainer(Container container)
Set the Container with which this Realm has been associated. | | public void | setController(ObjectName controller)
| | public void | setDigest(String digest)
Set the digest algorithm used for storing credentials. | | public void | setDigestEncoding(String charset)
Sets the digest encoding charset. | | public void | setValidate(boolean validate)
Set the "validate certificate chains" flag. | | public void | start()
Prepare for the beginning of active use of the public methods of this
component. | | public void | stop()
Gracefully terminate the active use of the public methods of this
component. |
| allRolesMode | | protected AllRolesMode allRolesMode(Code) | | The all role mode.
|
| container | | protected Container container(Code) | | The Container with which this Realm is associated.
|
| containerLog | | protected Log containerLog(Code) | | Container log
|
| digest | | protected String digest(Code) | | Digest algorithm used in storing passwords in a non-plaintext format.
Valid values are those accepted for the algorithm name by the
MessageDigest class, or null if no digesting should
be performed.
|
| digestEncoding | | protected String digestEncoding(Code) | | The encoding charset for the digest.
|
| info | | final protected static String info(Code) | | Descriptive information about this Realm implementation.
|
| initialized | | protected boolean initialized(Code) | | |
| md | | protected MessageDigest md(Code) | | The MessageDigest object for digesting user credentials (passwords).
|
| md5Encoder | | final protected static MD5Encoder md5Encoder(Code) | | The MD5 helper object for this class.
|
| started | | protected boolean started(Code) | | Has this component been started?
|
| validate | | protected boolean validate(Code) | | Should we validate client certificate chains when they are presented?
|
| Digest | | final public static String Digest(String credentials, String algorithm, String encoding)(Code) | | Digest password using the algorithm especificied and
convert the result to a corresponding hex string.
If exception, the plain credentials string is returned
Parameters:
credentials - Password or other credentials to use inauthenticating this username
Parameters:
algorithm - Algorithm used to do the digest
Parameters:
encoding - Character encoding of the string to digest |
| addLifecycleListener | | public void addLifecycleListener(LifecycleListener listener)(Code) | | Add a lifecycle event listener to this component.
Parameters:
listener - The listener to add |
| addPropertyChangeListener | | public void addPropertyChangeListener(PropertyChangeListener listener)(Code) | | Add a property change listener to this component.
Parameters:
listener - The listener to add |
| authenticate | | public Principal authenticate(String username, String credentials)(Code) | | Return the Principal associated with the specified username and
credentials, if there is one; otherwise return null.
Parameters:
username - Username of the Principal to look up
Parameters:
credentials - Password or other credentials to use inauthenticating this username |
| authenticate | | public Principal authenticate(String username, byte[] credentials)(Code) | | Return the Principal associated with the specified username and
credentials, if there is one; otherwise return null.
Parameters:
username - Username of the Principal to look up
Parameters:
credentials - Password or other credentials to use inauthenticating this username |
| authenticate | | public Principal authenticate(String username, String clientDigest, String nOnce, String nc, String cnonce, String qop, String realm, String md5a2)(Code) | | Return the Principal associated with the specified username, which
matches the digest calculated using the given parameters using the
method described in RFC 2069; otherwise return null.
Parameters:
username - Username of the Principal to look up
Parameters:
clientDigest - Digest which has been submitted by the client
Parameters:
nOnce - Unique (or supposedly unique) token which has been usedfor this request
Parameters:
realm - Realm name
Parameters:
md5a2 - Second MD5 digest used to calculate the digest :MD5(Method + ":" + uri) |
| authenticate | | public Principal authenticate(X509Certificate certs)(Code) | | Return the Principal associated with the specified chain of X509
client certificates. If there is none, return null.
Parameters:
certs - Array of client certificates, with the first one inthe array being the certificate of the client itself. |
| backgroundProcess | | public void backgroundProcess()(Code) | | Execute a periodic task, such as reloading, etc. This method will be
invoked inside the classloading context of this container. Unexpected
throwables will be caught and logged.
|
| destroy | | public void destroy()(Code) | | |
| digest | | protected String digest(String credentials)(Code) | | Digest the password using the specified algorithm and
convert the result to a corresponding hexadecimal string.
If exception, the plain credentials string is returned.
Parameters:
credentials - Password or other credentials to use inauthenticating this username |
| findLifecycleListeners | | public LifecycleListener[] findLifecycleListeners()(Code) | | Get the lifecycle listeners associated with this lifecycle. If this
Lifecycle has no listeners registered, a zero-length array is returned.
|
| findSecurityConstraints | | public SecurityConstraint[] findSecurityConstraints(Request request, Context context)(Code) | | Return the SecurityConstraints configured to guard the request URI for
this request, or null if there is no such constraint.
Parameters:
request - Request we are processing
Parameters:
context - Context the Request is mapped to |
| getAllRolesMode | | public String getAllRolesMode()(Code) | | Return the all roles mode.
|
| getContainer | | public Container getContainer()(Code) | | Return the Container with which this Realm has been associated.
|
| getDigest | | public String getDigest()(Code) | | Return the digest algorithm used for storing credentials.
|
| getDigest | | protected String getDigest(String username, String realmName)(Code) | | Return the digest associated with given principal's user name.
|
| getDigestEncoding | | public String getDigestEncoding()(Code) | | Returns the digest encoding charset.
The charset (may be null) for platform default |
| getInfo | | public String getInfo()(Code) | | Return descriptive information about this Realm implementation and
the corresponding version number, in the format
<description>/<version>.
|
| getName | | abstract protected String getName()(Code) | | Return a short name for this Realm implementation, for use in
log messages.
|
| getPassword | | abstract protected String getPassword(String username)(Code) | | Return the password associated with the given principal's user name.
|
| getPrincipal | | abstract protected Principal getPrincipal(String username)(Code) | | Return the Principal associated with the given user name.
|
| getValidate | | public boolean getValidate()(Code) | | Return the "validate certificate chains" flag.
|
| hasMessageDigest | | protected boolean hasMessageDigest()(Code) | | |
| hasResourcePermission | | public boolean hasResourcePermission(Request request, Response response, SecurityConstraint[] constraints, Context context) throws IOException(Code) | | Perform access control based on the specified authorization constraint.
Return true if this constraint is satisfied and processing
should continue, or false otherwise.
Parameters:
request - Request we are processing
Parameters:
response - Response we are creating
Parameters:
constraints - Security constraint we are enforcing
Parameters:
context - The Context to which client of this class is attached.
exception:
IOException - if an input/output error occurs |
| hasRole | | public boolean hasRole(Principal principal, String role)(Code) | | Return true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false. This method can be overridden by Realm
implementations, but the default is adequate when an instance of
GenericPrincipal is used to represent authenticated
Principals from this Realm.
Parameters:
principal - Principal for whom the role is to be checked
Parameters:
role - Security role to be checked |
| hasUserDataPermission | | public boolean hasUserDataPermission(Request request, Response response, SecurityConstraint[] constraints) throws IOException(Code) | | Enforce any user data constraint required by the security constraint
guarding this request URI. Return true if this constraint
was not violated and processing should continue, or false
if we have created a response already.
Parameters:
request - Request we are processing
Parameters:
response - Response we are creating
Parameters:
constraints - Security constraint being checked
exception:
IOException - if an input/output error occurs |
| main | | public static void main(String args)(Code) | | Digest password using the algorithm especificied and
convert the result to a corresponding hex string.
If exception, the plain credentials string is returned
|
| postDeregister | | public void postDeregister()(Code) | | |
| postRegister | | public void postRegister(Boolean registrationDone)(Code) | | |
| removeLifecycleListener | | public void removeLifecycleListener(LifecycleListener listener)(Code) | | Remove a lifecycle event listener from this component.
Parameters:
listener - The listener to remove |
| removePropertyChangeListener | | public void removePropertyChangeListener(PropertyChangeListener listener)(Code) | | Remove a property change listener from this component.
Parameters:
listener - The listener to remove |
| setAllRolesMode | | public void setAllRolesMode(String allRolesMode)(Code) | | Set the all roles mode.
|
| setContainer | | public void setContainer(Container container)(Code) | | Set the Container with which this Realm has been associated.
Parameters:
container - The associated Container |
| setDigest | | public void setDigest(String digest)(Code) | | Set the digest algorithm used for storing credentials.
Parameters:
digest - The new digest algorithm |
| setDigestEncoding | | public void setDigestEncoding(String charset)(Code) | | Sets the digest encoding charset.
Parameters:
charset - The charset (null for platform default) |
| setValidate | | public void setValidate(boolean validate)(Code) | | Set the "validate certificate chains" flag.
Parameters:
validate - The new validate certificate chains flag |
| start | | public void start() throws LifecycleException(Code) | | Prepare for the beginning of active use of the public methods of this
component. This method should be called before any of the public
methods of this component are utilized. It should also send a
LifecycleEvent of type START_EVENT to any registered listeners.
exception:
LifecycleException - if this component detects a fatal errorthat prevents this component from being used |
| stop | | public void stop() throws LifecycleException(Code) | | Gracefully terminate the active use of the public methods of this
component. This method should be the last one called on a given
instance of this component. It should also send a LifecycleEvent
of type STOP_EVENT to any registered listeners.
exception:
LifecycleException - if this component detects a fatal errorthat needs to be reported |
|
|