Java Doc for JAASRealm.java in » Sevlet-Container » tomcat-catalina » org » apache » catalina » realm » Java Source Code / Java DocumentationJava Source Code and Java Documentation

Java Source Code / Java Documentation

1.	6.0 JDK Core
2.	6.0 JDK Modules
3.	6.0 JDK Modules com.sun
4.	6.0 JDK Modules com.sun.java
5.	6.0 JDK Modules sun
6.	6.0 JDK Platform
7.	Ajax
8.	Apache Harmony Java SE
9.	Aspect oriented
10.	Authentication Authorization
11.	Blogger System
12.	Build
13.	Byte Code
14.	Cache
15.	Chart
16.	Chat
17.	Code Analyzer
18.	Collaboration
19.	Content Management System
20.	Database Client
21.	Database DBMS
22.	Database JDBC Connection Pool
23.	Database ORM
24.	Development
25.	EJB Server geronimo
26.	EJB Server GlassFish
27.	EJB Server JBoss 4.2.1
28.	EJB Server resin 3.1.5
29.	ERP CRM Financial
30.	ESB
31.	Forum
32.	GIS
33.	Graphic Library
34.	Groupware
35.	HTML Parser
36.	IDE
37.	IDE Eclipse
38.	IDE Netbeans
39.	Installer
40.	Internationalization Localization
41.	Inversion of Control
42.	Issue Tracking
43.	J2EE
44.	JBoss
45.	JMS
46.	JMX
47.	Library
48.	Mail Clients
49.	Net
50.	Parser
51.	PDF
52.	Portal
53.	Profiler
54.	Project Management
55.	Report
56.	RSS RDF
57.	Rule Engine
58.	Science
59.	Scripting
60.	Search Engine
61.	Security
62.	Sevlet Container
63.	Source Control
64.	Swing Library
65.	Template Engine
66.	Test Coverage
67.	Testing
68.	UML
69.	Web Crawler
70.	Web Framework
71.	Web Mail
72.	Web Server
73.	Web Services
74.	Web Services apache cxf 2.0.1
75.	Web Services AXIS2
76.	Wiki Engine
77.	Workflow Engines
78.	XML
79.	XML UI

Java

Java Tutorial

Illustrator Tutorials

GIMP Tutorials

C# / C Sharp

C# / CSharp Tutorial

C# / CSharp Open Source

SQL Server / T-SQL Tutorial

Oracle PL / SQL

Oracle PL/SQL Tutorial

Flash / Flex / ActionScript

VBA / Excel / Access / Word

XML

XML Tutorial

Microsoft Office PowerPoint 2007 Tutorial

Microsoft Office Excel 2007 Tutorial

Microsoft Office Word 2007 Tutorial

Java Source Code / Java Documentation » Sevlet Container » tomcat catalina » org.apache.catalina.realm

Source Cross Reference Class Diagram Java Document (Java Doc)

java.lang .Object

org.apache.catalina.realm .RealmBase

org.apache.catalina.realm .JAASRealm

JAASRealm

public class JAASRealm extends RealmBase (Code)

Implmentation of Realm that authenticates users via the Java Authentication and Authorization Service (JAAS). JAAS support requires either JDK 1.4 (which includes it as part of the standard platform) or JDK 1.3 (with the plug-in jaas.jar file).

The value configured for the appName property is passed to the javax.security.auth.login.LoginContext constructor, to specify the application name used to select the set of relevant LoginModules required.

The JAAS Specification describes the result of a successful login as a javax.security.auth.Subject instance, which can contain zero or more java.security.Principal objects in the return value of the Subject.getPrincipals() method. However, it provides no guidance on how to distinguish Principals that describe the individual user (and are thus appropriate to return as the value of request.getUserPrincipal() in a web application) from the Principal(s) that describe the authorized roles for this user. To maintain as much independence as possible from the underlying LoginMethod implementation executed by JAAS, the following policy is implemented by this Realm:

The JAAS LoginModule is assumed to return a Subject with at least one Principal instance representing the user himself or herself, and zero or more separate Principals representing the security roles authorized for this user.


 On the Principal representing the user, the Principal
 name is an appropriate value to return via the Servlet API method
 HttpServletRequest.getRemoteUser().
 On the Principals representing the security roles, the
 name is the name of the authorized security role.
 This Realm will be configured with two lists of fully qualified Java
 class names of classes that implement
 java.security.Principal - one that identifies class(es)
 representing a user, and one that identifies class(es) representing
 a security role.
 As this Realm iterates over the Principals returned by
 Subject.getPrincipals(), it will identify the first
 Principal that matches the "user classes" list as the
 Principal for this user.
 As this Realm iterates over the Princpals returned by
 Subject.getPrincipals(), it will accumulate the set of
 all Principals matching the "role classes" list as
 identifying the security roles for this user.
 It is a configuration error for the JAAS login method to return a
 validated Subject without a Principal that
 matches the "user classes" list.



author:
    Craig R. McClanahan
author:
    Yoav Shapira
version:
    $Revision: 1.6.2.1 $ $Date: 2004/08/21 15:49:53 $

Field Summary
protected String	appName The application name passed to the JAAS `LoginContext`, which uses it to select the set of relevant `LoginModules`.
final protected static String	info Descriptive information about this Realm implementation.
final protected static String	name Descriptive information about this Realm implementation.
protected String	roleClassNames Comma-delimited list of `javax.security.Principal` classes that represent security roles.
protected ArrayList	roleClasses The list of role class names, split out for easy processing.
final protected static StringManager	sm The string manager for this package.
protected boolean	useContextClassLoader Whether to use context ClassLoader or default ClassLoader.
protected String	userClassNames Comma-delimited list of `javax.security.Principal` classes that represent individual users.
protected ArrayList	userClasses The set of user class names, split out for easy processing.

Method Summary
public Principal	authenticate(String username, String credentials) Return the Principal associated with the specified username and credentials, if there is one; otherwise return `null`. If there are any errors with the JDBC connection, executing the query or anything we return null (don't authenticate).
protected Principal	createPrincipal(String username, Subject subject) Construct and return a `java.security.Principal` instance representing the authenticated user for the specified Subject.
public String	getAppName()
protected String	getName() Return a short name for this Realm implementation.
protected String	getPassword(String username) Return the password associated with the given principal's user name.
protected Principal	getPrincipal(String username) Return the Principal associated with the given user name.
public String	getRoleClassNames()
public String	getUserClassNames()
public boolean	isUseContextClassLoader() Returns whether to use the context or default ClassLoader.
public void	setAppName(String name)
public void	setContainer(Container container)
public void	setRoleClassNames(String roleClassNames)
public void	setUseContextClassLoader(boolean useContext) Sets whether to use the context or default ClassLoader.
public void	setUserClassNames(String userClassNames)
public void	start() Prepare for active use of the public methods of this Component.
public void	stop() Gracefully shut down active use of the public methods of this Component.

Field Detail

appName
protected String appName(Code)
	The application name passed to the JAAS `LoginContext`, which uses it to select the set of relevant `LoginModules`.

info
final protected static String info(Code)
	Descriptive information about this Realm implementation.

name
final protected static String name(Code)
	Descriptive information about this Realm implementation.

roleClassNames
protected String roleClassNames(Code)
	Comma-delimited list of `javax.security.Principal` classes that represent security roles.

roleClasses
protected ArrayList roleClasses(Code)
	The list of role class names, split out for easy processing.

sm
final protected static StringManager sm(Code)
	The string manager for this package.

useContextClassLoader
protected boolean useContextClassLoader(Code)
	Whether to use context ClassLoader or default ClassLoader. True means use context ClassLoader, and True is the default value.

userClassNames
protected String userClassNames(Code)
	Comma-delimited list of `javax.security.Principal` classes that represent individual users.

userClasses
protected ArrayList userClasses(Code)
	The set of user class names, split out for easy processing.

Method Detail

authenticate
public Principal authenticate(String username, String credentials)(Code)
	Return the Principal associated with the specified username and credentials, if there is one; otherwise return `null`. If there are any errors with the JDBC connection, executing the query or anything we return null (don't authenticate). This event is also logged, and the connection will be closed so that a subsequent request will automatically re-open it. Parameters: username - Username of the Principal to look up Parameters: credentials - Password or other credentials to use inauthenticating this username

createPrincipal
protected Principal createPrincipal(String username, Subject subject)(Code)
	Construct and return a `java.security.Principal` instance representing the authenticated user for the specified Subject. If no such Principal can be constructed, return `null`. Parameters: subject - The Subject representing the logged in user

getAppName
public String getAppName()(Code)
	getter for the appName member variable

getName
protected String getName()(Code)
	Return a short name for this Realm implementation.

getPassword
protected String getPassword(String username)(Code)
	Return the password associated with the given principal's user name.

getPrincipal
protected Principal getPrincipal(String username)(Code)
	Return the Principal associated with the given user name.

getRoleClassNames
public String getRoleClassNames()(Code)

getUserClassNames
public String getUserClassNames()(Code)

isUseContextClassLoader
public boolean isUseContextClassLoader()(Code)
	Returns whether to use the context or default ClassLoader. True means to use the context ClassLoader. The value of useContextClassLoader

setAppName
public void setAppName(String name)(Code)
	setter for the appName member variable

setContainer
public void setContainer(Container container)(Code)

setRoleClassNames
public void setRoleClassNames(String roleClassNames)(Code)

setUseContextClassLoader
public void setUseContextClassLoader(boolean useContext)(Code)
	Sets whether to use the context or default ClassLoader. True means use context ClassLoader. Parameters: useContext - True means use context ClassLoader

setUserClassNames
public void setUserClassNames(String userClassNames)(Code)

start
public void start() throws LifecycleException(Code)
	Prepare for active use of the public methods of this Component. exception: LifecycleException - if this component detects a fatal errorthat prevents it from being started

stop
public void stop() throws LifecycleException(Code)
	Gracefully shut down active use of the public methods of this Component. exception: LifecycleException - if this component detects a fatal errorthat needs to be reported

Fields inherited from org.apache.catalina.realm.RealmBase

protected Container container(Code)(Java Doc)
protected ObjectName controller(Code)(Java Doc)
protected int debug(Code)(Java Doc)
protected String digest(Code)(Java Doc)
protected String domain(Code)(Java Doc)
protected String host(Code)(Java Doc)
final protected static String info(Code)(Java Doc)
protected boolean initialized(Code)(Java Doc)
protected LifecycleSupport lifecycle(Code)(Java Doc)
protected MessageDigest md(Code)(Java Doc)
final protected static MD5Encoder md5Encoder(Code)(Java Doc)
protected static MessageDigest md5Helper(Code)(Java Doc)
protected MBeanServer mserver(Code)(Java Doc)
protected ObjectName oname(Code)(Java Doc)
protected String path(Code)(Java Doc)
protected static StringManager sm(Code)(Java Doc)
protected boolean started(Code)(Java Doc)
protected PropertyChangeSupport support(Code)(Java Doc)
protected String type(Code)(Java Doc)
protected boolean validate(Code)(Java Doc)

Methods inherited from org.apache.catalina.realm.RealmBase

final public static String Digest(String credentials, String algorithm)(Code)(Java Doc)
public void addLifecycleListener(LifecycleListener listener)(Code)(Java Doc)
public void addPropertyChangeListener(PropertyChangeListener listener)(Code)(Java Doc)
public Principal authenticate(String username, String credentials)(Code)(Java Doc)
public Principal authenticate(String username, byte[] credentials)(Code)(Java Doc)
public Principal authenticate(String username, String clientDigest, String nOnce, String nc, String cnonce, String qop, String realm, String md5a2)(Code)(Java Doc)
public Principal authenticate(X509Certificate certs)(Code)(Java Doc)
public void destroy()(Code)(Java Doc)
protected String digest(String credentials)(Code)(Java Doc)
public LifecycleListener[] findLifecycleListeners()(Code)(Java Doc)
public SecurityConstraint[] findSecurityConstraints(HttpRequest request, Context context)(Code)(Java Doc)
public Container getContainer()(Code)(Java Doc)
public ObjectName getController()(Code)(Java Doc)
public int getDebug()(Code)(Java Doc)
public String getDigest()(Code)(Java Doc)
protected String getDigest(String username, String realmName)(Code)(Java Doc)
public String getDomain()(Code)(Java Doc)
public String getInfo()(Code)(Java Doc)
abstract protected String getName()(Code)(Java Doc)
public ObjectName getObjectName()(Code)(Java Doc)
abstract protected String getPassword(String username)(Code)(Java Doc)
abstract protected Principal getPrincipal(String username)(Code)(Java Doc)
public String getType()(Code)(Java Doc)
public boolean getValidate()(Code)(Java Doc)
protected boolean hasMessageDigest()(Code)(Java Doc)
public boolean hasResourcePermission(HttpRequest request, HttpResponse response, SecurityConstraint[] constraints, Context context) throws IOException(Code)(Java Doc)
public boolean hasRole(Principal principal, String role)(Code)(Java Doc)
public boolean hasUserDataPermission(HttpRequest request, HttpResponse response, SecurityConstraint[] constraints) throws IOException(Code)(Java Doc)
public void init()(Code)(Java Doc)
protected void log(String message)(Code)(Java Doc)
protected void log(String message, Throwable throwable)(Code)(Java Doc)
public static void main(String args)(Code)(Java Doc)
public void postDeregister()(Code)(Java Doc)
public void postRegister(Boolean registrationDone)(Code)(Java Doc)
public void preDeregister() throws Exception(Code)(Java Doc)
public ObjectName preRegister(MBeanServer server, ObjectName name) throws Exception(Code)(Java Doc)
public void removeLifecycleListener(LifecycleListener listener)(Code)(Java Doc)
public void removePropertyChangeListener(PropertyChangeListener listener)(Code)(Java Doc)
public void setContainer(Container container)(Code)(Java Doc)
public void setController(ObjectName controller)(Code)(Java Doc)
public void setDebug(int debug)(Code)(Java Doc)
public void setDigest(String digest)(Code)(Java Doc)
public void setValidate(boolean validate)(Code)(Java Doc)
public void start() throws LifecycleException(Code)(Java Doc)
public void stop() throws LifecycleException(Code)(Java Doc)

Methods inherited from java.lang.Object

native protected Object clone() throws CloneNotSupportedException(Code)(Java Doc)
public boolean equals(Object obj)(Code)(Java Doc)
protected void finalize() throws Throwable(Code)(Java Doc)
final native public Class getClass()(Code)(Java Doc)
native public int hashCode()(Code)(Java Doc)
final native public void notify()(Code)(Java Doc)
final native public void notifyAll()(Code)(Java Doc)
public String toString()(Code)(Java Doc)
final native public void wait(long timeout) throws InterruptedException(Code)(Java Doc)
final public void wait(long timeout, int nanos) throws InterruptedException(Code)(Java Doc)
final public void wait() throws InterruptedException(Code)(Java Doc)

www.java2java.com | Contact Us

All other trademarks are property of their respective owners.