org.apache.catalina.realm
public abstract class RealmBase extends Object implements Lifecycle, Realm, MBeanRegistration
Version: $Revision: 781465 $ $Date: 2009-06-03 18:38:25 +0200 (Wed, 03 Jun 2009) $
Nested Class Summary | |
---|---|
protected static class | RealmBase.AllRolesMode |
Field Summary | |
---|---|
protected RealmBase.AllRolesMode | allRolesMode
The all role mode. |
protected Container | container
The Container with which this Realm is associated. |
protected Log | containerLog
Container log |
protected ObjectName | controller |
protected String | digest
Digest algorithm used in storing passwords in a non-plaintext format.
|
protected String | digestEncoding
The encoding charset for the digest. |
protected String | domain |
protected String | host |
protected static String | info
Descriptive information about this Realm implementation. |
protected boolean | initialized |
protected LifecycleSupport | lifecycle
The lifecycle event support for this component. |
protected MessageDigest | md
The MessageDigest object for digesting user credentials (passwords). |
protected static MD5Encoder | md5Encoder
The MD5 helper object for this class. |
protected static MessageDigest | md5Helper
MD5 message digest provider. |
protected MBeanServer | mserver |
protected ObjectName | oname |
protected String | path |
protected String | realmPath |
protected static StringManager | sm
The string manager for this package. |
protected boolean | started
Has this component been started? |
protected PropertyChangeSupport | support
The property change support for this component. |
protected String | type |
protected boolean | validate
Should we validate client certificate chains when they are presented? |
Method Summary | |
---|---|
void | addLifecycleListener(LifecycleListener listener)
Add a lifecycle event listener to this component.
|
void | addPropertyChangeListener(PropertyChangeListener listener)
Add a property change listener to this component.
|
Principal | authenticate(String username, String credentials)
Return the Principal associated with the specified username and
credentials, if there is one; otherwise return null .
|
Principal | authenticate(String username, byte[] credentials)
Return the Principal associated with the specified username and
credentials, if there is one; otherwise return null .
|
Principal | authenticate(String username, String clientDigest, String nOnce, String nc, String cnonce, String qop, String realm, String md5a2)
Return the Principal associated with the specified username, which
matches the digest calculated using the given parameters using the
method described in RFC 2069; otherwise return null .
|
Principal | authenticate(X509Certificate[] certs)
Return the Principal associated with the specified chain of X509
client certificates. |
void | backgroundProcess()
Execute a periodic task, such as reloading, etc. |
void | destroy() |
protected String | digest(String credentials)
Digest the password using the specified algorithm and
convert the result to a corresponding hexadecimal string.
|
static String | Digest(String credentials, String algorithm, String encoding)
Digest password using the algorithm specified and
convert the result to a corresponding hex string.
|
LifecycleListener[] | findLifecycleListeners()
Get the lifecycle listeners associated with this lifecycle. |
SecurityConstraint[] | findSecurityConstraints(Request request, Context context)
Return the SecurityConstraints configured to guard the request URI for
this request, or null if there is no such constraint.
|
String | getAllRolesMode()
Return the all roles mode. |
Container | getContainer()
Return the Container with which this Realm has been associated. |
ObjectName | getController() |
String | getDigest()
Return the digest algorithm used for storing credentials. |
protected String | getDigest(String username, String realmName)
Return the digest associated with given principal's user name. |
String | getDigestEncoding()
Returns the digest encoding charset.
|
String | getDomain() |
String | getInfo()
Return descriptive information about this Realm implementation and
the corresponding version number, in the format
<description>/<version> . |
protected abstract String | getName()
Return a short name for this Realm implementation, for use in
log messages. |
ObjectName | getObjectName() |
protected abstract String | getPassword(String username)
Return the password associated with the given principal's user name. |
protected Principal | getPrincipal(X509Certificate usercert)
Return the Principal associated with the given certificate. |
protected abstract Principal | getPrincipal(String username)
Return the Principal associated with the given user name. |
String | getRealmPath() |
protected String | getRealmSuffix() |
String | getType() |
boolean | getValidate()
Return the "validate certificate chains" flag. |
protected boolean | hasMessageDigest() |
boolean | hasResourcePermission(Request request, Response response, SecurityConstraint[] constraints, Context context)
Perform access control based on the specified authorization constraint.
|
boolean | hasRole(Principal principal, String role)
Return true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false . |
boolean | hasUserDataPermission(Request request, Response response, SecurityConstraint[] constraints)
Enforce any user data constraint required by the security constraint
guarding this request URI. |
void | init() |
static void | main(String[] args)
Digest password using the algorithm specified and
convert the result to a corresponding hex string.
|
void | postDeregister() |
void | postRegister(Boolean registrationDone) |
void | preDeregister() |
ObjectName | preRegister(MBeanServer server, ObjectName name) |
void | removeLifecycleListener(LifecycleListener listener)
Remove a lifecycle event listener from this component.
|
void | removePropertyChangeListener(PropertyChangeListener listener)
Remove a property change listener from this component.
|
void | setAllRolesMode(String allRolesMode)
Set the all roles mode. |
void | setContainer(Container container)
Set the Container with which this Realm has been associated.
|
void | setController(ObjectName controller) |
void | setDigest(String digest)
Set the digest algorithm used for storing credentials.
|
void | setDigestEncoding(String charset)
Sets the digest encoding charset.
|
void | setRealmPath(String theRealmPath) |
void | setValidate(boolean validate)
Set the "validate certificate chains" flag.
|
void | start()
Prepare for the beginning of active use of the public methods of this
component. |
void | stop()
Gracefully terminate the active use of the public methods of this
component. |
null
if no digesting should
be performed.Parameters: listener The listener to add
Parameters: listener The listener to add
null
.
Parameters: username Username of the Principal to look up credentials Password or other credentials to use in authenticating this username
null
.
Parameters: username Username of the Principal to look up credentials Password or other credentials to use in authenticating this username
null
.
Parameters: username Username of the Principal to look up clientDigest Digest which has been submitted by the client nOnce Unique (or supposedly unique) token which has been used for this request realm Realm name md5a2 Second MD5 digest used to calculate the digest : MD5(Method + ":" + uri)
null
.
Parameters: certs Array of client certificates, with the first one in the array being the certificate of the client itself.
Parameters: credentials Password or other credentials to use in authenticating this username
Parameters: credentials Password or other credentials to use in authenticating this username algorithm Algorithm used to do the digest encoding Character encoding of the string to digest
null
if there is no such constraint.
Parameters: request Request we are processing context Context the Request is mapped to
Returns: The charset (may be null) for platform default
<description>/<version>
.true
if this constraint is satisfied and processing
should continue, or false
otherwise.
Parameters: request Request we are processing response Response we are creating constraints Security constraint we are enforcing context The Context to which client of this class is attached.
Throws: IOException if an input/output error occurs
true
if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false
. This method can be overridden by Realm
implementations, but the default is adequate when an instance of
GenericPrincipal
is used to represent authenticated
Principals from this Realm.
Parameters: principal Principal for whom the role is to be checked role Security role to be checked
true
if this constraint
was not violated and processing should continue, or false
if we have created a response already.
Parameters: request Request we are processing response Response we are creating constraints Security constraint being checked
Throws: IOException if an input/output error occurs
Parameters: listener The listener to remove
Parameters: listener The listener to remove
Parameters: container The associated Container
Parameters: digest The new digest algorithm
Parameters: charset The charset (null for platform default)
Parameters: validate The new validate certificate chains flag
Throws: LifecycleException if this component detects a fatal error that prevents this component from being used
Throws: LifecycleException if this component detects a fatal error that needs to be reported