public class CombinedRealm extends RealmBase
RealmBase.AllRolesModeLifecycle.SingleUse| Modifier and Type | Field and Description |
|---|---|
protected static String |
name
Deprecated.
This will be removed in Tomcat 9 onwards.
|
protected List<Realm> |
realms
The list of Realms contained by this Realm.
|
allRolesMode, container, containerLog, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassNamemserverAFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT| Constructor and Description |
|---|
CombinedRealm() |
| Modifier and Type | Method and Description |
|---|---|
void |
addRealm(Realm theRealm)
Add a realm to the list of realms that will be used to authenticate
users.
|
Principal |
authenticate(GSSContext gssContext,
boolean storeCred)
Try to authenticate using a
GSSContext |
Principal |
authenticate(GSSName gssName,
GSSCredential gssCredential)
Try to authenticate using a
GSSName |
Principal |
authenticate(String username)
Return the Principal associated with the specified user name otherwise
return
null. |
Principal |
authenticate(String username,
String credentials)
Return the Principal associated with the specified username and
credentials, if there is one; otherwise return
null. |
Principal |
authenticate(String username,
String clientDigest,
String nonce,
String nc,
String cnonce,
String qop,
String realmName,
String md5a2)
Return the Principal associated with the specified username, which
matches the digest calculated using the given parameters using the
method described in RFC 2069; otherwise return
null. |
Principal |
authenticate(X509Certificate[] certs)
Return the Principal associated with the specified chain of X509
client certificates.
|
void |
backgroundProcess()
Delegate the backgroundProcess call to all sub-realms.
|
protected void |
destroyInternal()
Ensure child Realms are destroyed when this Realm is destroyed.
|
protected String |
getName()
Deprecated.
|
Realm[] |
getNestedRealms() |
protected String |
getPassword(String username)
Get the password for the specified user.
|
protected Principal |
getPrincipal(String username)
Get the principal associated with the specified user.
|
ObjectName[] |
getRealms() |
boolean |
hasRole(Wrapper wrapper,
Principal principal,
String role)
Check if the specified Principal has the specified
security role, within the context of this Realm.
|
boolean |
isAvailable()
Return the availability of the realm for authentication.
|
void |
setContainer(Container container)
Set the Container with which this Realm has been associated.
|
void |
setCredentialHandler(CredentialHandler credentialHandler)
Set the CredentialHandler to be used by this Realm.
|
protected void |
startInternal()
Prepare for the beginning of active use of the public methods of this
component and implement the requirements of
LifecycleBase.startInternal(). |
protected void |
stopInternal()
Gracefully terminate the active use of the public methods of this
component and implement the requirements of
LifecycleBase.stopInternal(). |
addPropertyChangeListener, Digest, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getRoles, getServer, getTransportGuaranteeRedirectStatus, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRoleInternal, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setValidate, setX509UsernameRetrieverClassName, toStringgetDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregisteraddLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop@Deprecated protected static final String name
public void addRealm(Realm theRealm)
theRealm - realm which should be wrapped by the combined realmpublic ObjectName[] getRealms()
public Realm[] getNestedRealms()
public Principal authenticate(String username, String clientDigest, String nonce, String nc, String cnonce, String qop, String realmName, String md5a2)
null.authenticate in interface Realmauthenticate in class RealmBaseusername - Username of the Principal to look upclientDigest - Digest which has been submitted by the clientnonce - Unique (or supposedly unique) token which has been used
for this requestrealmName - Realm namemd5a2 - Second MD5 digest used to calculate the digest :
MD5(Method + ":" + uri)nc - the nonce countercnonce - the client chosen nonceqop - the "quality of protection" (nc and cnonce
will only be used, if qop is not null).null if there is none.public Principal authenticate(String username)
null.authenticate in interface Realmauthenticate in class RealmBaseusername - User name of the Principal to look upnull if none is
associated.public Principal authenticate(String username, String credentials)
null.authenticate in interface Realmauthenticate in class RealmBaseusername - Username of the Principal to look upcredentials - Password or other credentials to use in
authenticating this usernamenull if there is none.public void setContainer(Container container)
setContainer in interface RealmsetContainer in class RealmBasecontainer - The associated Containerprotected void startInternal()
throws LifecycleException
LifecycleBase.startInternal().startInternal in class RealmBaseLifecycleException - if this component detects a fatal error
that prevents this component from being usedprotected void stopInternal()
throws LifecycleException
LifecycleBase.stopInternal().stopInternal in class RealmBaseLifecycleException - if this component detects a fatal error
that needs to be reportedprotected void destroyInternal()
throws LifecycleException
destroyInternal in class LifecycleMBeanBaseLifecycleException - If the destruction failspublic void backgroundProcess()
backgroundProcess in interface RealmbackgroundProcess in class RealmBasepublic Principal authenticate(X509Certificate[] certs)
null.authenticate in interface Realmauthenticate in class RealmBasecerts - Array of client certificates, with the first one in
the array being the certificate of the client itself.null if there is nonepublic Principal authenticate(GSSContext gssContext, boolean storeCred)
GSSContextauthenticate in interface Realmauthenticate in class RealmBasegssContext - The gssContext processed by the Authenticator.storeCred - Should the realm attempt to store the delegated
credentials in the returned Principal?null if there is nonepublic Principal authenticate(GSSName gssName, GSSCredential gssCredential)
GSSNameauthenticate in interface GSSRealmauthenticate in class RealmBasegssName - The GSSName of the principal to look upgssCredential - The GSSCredential of the principal, may be
nullnull if there is nonepublic boolean hasRole(Wrapper wrapper, Principal principal, String role)
RealmBase.hasRoleInternal(Principal,
String) can be overridden by Realm implementations, but the default is
adequate when an instance of GenericPrincipal is used to
represent authenticated Principals from this Realm.hasRole in interface RealmhasRole in class RealmBasewrapper - wrapper context for evaluating roleprincipal - Principal for whom the role is to be checkedrole - Security role to be checkedtrue if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false.@Deprecated protected String getName()
protected String getPassword(String username)
RealmBasegetPassword in class RealmBaseusername - The user nameprotected Principal getPrincipal(String username)
RealmBasegetPrincipal in class RealmBaseusername - The user namepublic boolean isAvailable()
RealmisAvailable in interface RealmisAvailable in class RealmBasetrue if the realm is able to perform authenticationpublic void setCredentialHandler(CredentialHandler credentialHandler)
RealmsetCredentialHandler in interface RealmsetCredentialHandler in class RealmBasecredentialHandler - the CredentialHandler to useCopyright © 2000-2021 Apache Software Foundation. All Rights Reserved.