org.apache.catalina.authenticator
public abstract class AuthenticatorBase extends ValveBase implements Authenticator, Lifecycle
<security-constraint>
elements in the web application
deployment descriptor. This functionality is implemented as a Valve
so that it can be ommitted in environments that do not require these
features. Individual implementations of each supported authentication
method can subclass this base class as required.
USAGE CONSTRAINT: When this class is utilized, the Context to which it is attached (or a parent Container in a hierarchy) must have an associated Realm that can be used for authenticating users and enumerating the roles to which they have been assigned.
USAGE CONSTRAINT: This Valve is only useful when processing HTTP requests. Requests of any other type will simply be passed through.
Version: $Revision: 892545 $ $Date: 2009-12-20 02:04:17 +0100 (Sun, 20 Dec 2009) $
Field Summary | |
---|---|
protected String | algorithm
The message digest algorithm to be used when generating session
identifiers. |
protected boolean | cache
Should we cache authenticated Principals if the request is part of
an HTTP session? |
protected boolean | changeSessionIdOnAuthentication
Should the session ID, if any, be changed upon a successful
authentication to prevent a session fixation attack? |
protected Context | context
The Context to which this Valve is attached. |
protected MessageDigest | digest
Return the MessageDigest implementation to be used when
creating session identifiers. |
protected boolean | disableProxyCaching
Flag to determine if we disable proxy caching, or leave the issue
up to the webapp developer. |
protected static String | DEFAULT_ALGORITHM
The default message digest algorithm to use if we cannot use
the requested one. |
protected String | entropy
A String initialization parameter used to increase the entropy of
the initialization of our random number generator. |
protected static String | info
Descriptive information about this implementation. |
protected LifecycleSupport | lifecycle
The lifecycle event support for this component. |
protected Random | random
A random number generator to use when generating session identifiers. |
protected String | randomClass
The Java class name of the random number generator class to be used
when generating session identifiers. |
protected boolean | securePagesWithPragma
Flag to determine if we disable proxy caching with headers incompatible
with IE |
protected static StringManager | sm
The string manager for this package. |
protected SingleSignOn | sso
The SingleSignOn implementation in our request processing chain,
if there is one. |
protected boolean | started
Has this component been started? |
protected static int | SESSION_ID_BYTES
The number of random bytes to include when generating a
session identifier. |
Method Summary | |
---|---|
void | addLifecycleListener(LifecycleListener listener)
Add a lifecycle event listener to this component.
|
protected void | associate(String ssoId, Session session)
Associate the specified single sign on identifier with the
specified Session.
|
protected abstract boolean | authenticate(Request request, Response response, LoginConfig config)
Authenticate the user making this request, based on the specified
login configuration. |
LifecycleListener[] | findLifecycleListeners()
Get the lifecycle listeners associated with this lifecycle. |
protected String | generateSessionId()
Generate and return a new session identifier for the cookie that
identifies an SSO principal. |
String | getAlgorithm()
Return the message digest algorithm for this Manager. |
boolean | getCache()
Return the cache authenticated Principals flag. |
boolean | getChangeSessionIdOnAuthentication()
Return the flag that states if we should change the session ID of an
existing session upon successful authentication.
|
Container | getContainer()
Return the Container to which this Valve is attached. |
protected MessageDigest | getDigest()
Return the MessageDigest object to be used for calculating
session identifiers. |
boolean | getDisableProxyCaching()
Return the flag that states if we add headers to disable caching by
proxies. |
String | getEntropy()
Return the entropy increaser value, or compute a semi-useful value
if this String has not yet been set. |
String | getInfo()
Return descriptive information about this Valve implementation. |
protected Random | getRandom()
Return the random number generator instance we should use for
generating session identifiers. |
String | getRandomClass()
Return the random number generator class name. |
boolean | getSecurePagesWithPragma()
Return the flag that states, if proxy caching is disabled, what headers
we add to disable the caching. |
void | invoke(Request request, Response response)
Enforce the security restrictions in the web application deployment
descriptor of our associated Context.
|
protected boolean | reauthenticateFromSSO(String ssoId, Request request)
Attempts reauthentication to the Realm using
the credentials included in argument entry .
|
protected void | register(Request request, Response response, Principal principal, String authType, String username, String password)
Register an authenticated Principal and authentication type in our
request, in the current session (if there is one), and with our
SingleSignOn valve, if there is one. |
void | removeLifecycleListener(LifecycleListener listener)
Remove a lifecycle event listener from this component.
|
void | setAlgorithm(String algorithm)
Set the message digest algorithm for this Manager.
|
void | setCache(boolean cache)
Set the cache authenticated Principals flag.
|
void | setChangeSessionIdOnAuthentication(boolean changeSessionIdOnAuthentication)
Set the value of the flag that states if we should change the session ID
of an existing session upon successful authentication.
|
void | setContainer(Container container)
Set the Container to which this Valve is attached.
|
void | setDisableProxyCaching(boolean nocache)
Set the value of the flag that states if we add headers to disable
caching by proxies. |
void | setEntropy(String entropy)
Set the entropy increaser value.
|
void | setRandomClass(String randomClass)
Set the random number generator class name.
|
void | setSecurePagesWithPragma(boolean securePagesWithPragma)
Set the value of the flag that states what headers we add to disable
proxy caching. |
void | start()
Prepare for the beginning of active use of the public methods of this
component. |
void | stop()
Gracefully terminate the active use of the public methods of this
component. |
java.security.MessageDigest
class on your platform.Parameters: listener The listener to add
Parameters: ssoId Single sign on identifier session Session to be associated
true
if any specified
constraint has been satisfied, or false
if we have
created a response challenge already.
Parameters: request Request we are processing response Response we are creating config Login configuration describing how authentication should be performed
Throws: IOException if an input/output error occurs
Returns: true
to change session ID upon successful
authentication, false
to do not perform the change.
Parameters: request Request to be processed response Response to be processed
Throws: IOException if an input/output error occurs ServletException if thrown by a processing element
Realm
using
the credentials included in argument entry
.
Parameters: ssoId identifier of SingleSignOn session with which the caller is associated request the request that needs to be authenticated
Parameters: request The servlet request we are processing response The servlet response we are generating principal The authenticated Principal to be registered authType The authentication type to be registered username Username used to authenticate (if any) password Password used to authenticate (if any)
Parameters: listener The listener to remove
Parameters: algorithm The new message digest algorithm
Parameters: cache The new cache flag
Parameters: changeSessionIdOnAuthentication
true
to change session ID upon successful
authentication, false
to do not perform the
change.
Parameters: container The container to which we are attached
Parameters: nocache true
if we add headers to disable proxy
caching, false
if we leave the headers alone.
Parameters: entropy The new entropy increaser value
Parameters: randomClass The new random number generator class name
Parameters: securePagesWithPragma true
if we add headers which
are incompatible with downloading office documents in IE under SSL but
which fix a caching problem in Mozilla.
configure()
,
and before any of the public methods of the component are utilized.
Throws: LifecycleException if this component detects a fatal error that prevents this component from being used
Throws: LifecycleException if this component detects a fatal error that needs to be reported