Package org.apache.catalina.realm
Class JDBCRealm
- java.lang.Object
-
- org.apache.catalina.util.LifecycleBase
-
- org.apache.catalina.util.LifecycleMBeanBase
-
- org.apache.catalina.realm.RealmBase
-
- org.apache.catalina.realm.JDBCRealm
-
- All Implemented Interfaces:
javax.management.MBeanRegistration,Contained,GSSRealm,JmxEnabled,Lifecycle,Realm
@Deprecated public class JDBCRealm extends RealmBase
Deprecated.Will be removed in Tomcat 10 onwards. Use the DataSourceRealm instead.Implementation of Realm that works with any JDBC supported database. See the JDBCRealm.howto for more details on how to set up the database and for configuration options.For a Realm implementation that supports connection pooling and doesn't require synchronisation of
authenticate(),getPassword(),roles()andgetPrincipal()or the ugly connection logic use theDataSourceRealm.- Author:
- Craig R. McClanahan, Carson McDonald, Ignacio Ortega
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase
RealmBase.AllRolesMode
-
Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle
Lifecycle.SingleUse
-
-
Field Summary
Fields Modifier and Type Field Description protected java.lang.StringconnectionNameDeprecated.The connection username to use when trying to connect to the database.protected java.lang.StringconnectionPasswordDeprecated.The connection URL to use when trying to connect to the database.protected java.lang.StringconnectionURLDeprecated.The connection URL to use when trying to connect to the database.protected java.sql.ConnectiondbConnectionDeprecated.The connection to the database.protected java.sql.DriverdriverDeprecated.Instance of the JDBC Driver class we use as a connection factory.protected java.lang.StringdriverNameDeprecated.The JDBC driver to use.protected static java.lang.StringnameDeprecated.This will be removed in Tomcat 9 onwards.protected java.sql.PreparedStatementpreparedCredentialsDeprecated.The PreparedStatement to use for authenticating users.protected java.sql.PreparedStatementpreparedRolesDeprecated.The PreparedStatement to use for identifying the roles for a specified user.protected java.lang.StringroleNameColDeprecated.The column in the user role table that names a roleprotected java.lang.StringuserCredColDeprecated.The column in the user table that holds the user's credentialsprotected java.lang.StringuserNameColDeprecated.The column in the user table that holds the user's nameprotected java.lang.StringuserRoleTableDeprecated.The table that holds the relation between user's and rolesprotected java.lang.StringuserTableDeprecated.The table that holds user data.-
Fields inherited from class org.apache.catalina.realm.RealmBase
allRolesMode, container, containerLog, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassName
-
Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase
mserver
-
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
-
-
Constructor Summary
Constructors Constructor Description JDBCRealm()Deprecated.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description java.security.Principalauthenticate(java.lang.String username, java.lang.String credentials)Deprecated.Return the Principal associated with the specified username and credentials, if there is one; otherwise returnnull.java.security.Principalauthenticate(java.sql.Connection dbConnection, java.lang.String username, java.lang.String credentials)Deprecated.Attempt to authenticate the user with the provided credentials.protected voidclose(java.sql.Connection dbConnection)Deprecated.Close the specified database connection.protected java.sql.PreparedStatementcredentials(java.sql.Connection dbConnection, java.lang.String username)Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.java.lang.StringgetConnectionName()Deprecated.java.lang.StringgetConnectionPassword()Deprecated.java.lang.StringgetConnectionURL()Deprecated.java.lang.StringgetDriverName()Deprecated.protected java.lang.StringgetName()Deprecated.protected java.lang.StringgetPassword(java.lang.String username)Deprecated.Get the password for the specified user.protected java.security.PrincipalgetPrincipal(java.lang.String username)Deprecated.Get the principal associated with the specified user.java.lang.StringgetRoleNameCol()Deprecated.protected java.util.ArrayList<java.lang.String>getRoles(java.lang.String username)Deprecated.Return the roles associated with the given user name.java.lang.StringgetUserCredCol()Deprecated.java.lang.StringgetUserNameCol()Deprecated.java.lang.StringgetUserRoleTable()Deprecated.java.lang.StringgetUserTable()Deprecated.booleanisAvailable()Deprecated.Return the availability of the realm for authentication.protected java.sql.Connectionopen()Deprecated.Open (if necessary) and return a database connection for use by this Realm.protected java.sql.PreparedStatementroles(java.sql.Connection dbConnection, java.lang.String username)Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.voidsetConnectionName(java.lang.String connectionName)Deprecated.Set the username to use to connect to the database.voidsetConnectionPassword(java.lang.String connectionPassword)Deprecated.Set the password to use to connect to the database.voidsetConnectionURL(java.lang.String connectionURL)Deprecated.Set the URL to use to connect to the database.voidsetDriverName(java.lang.String driverName)Deprecated.Set the JDBC driver that will be used.voidsetRoleNameCol(java.lang.String roleNameCol)Deprecated.Set the column in the user role table that names a role.voidsetUserCredCol(java.lang.String userCredCol)Deprecated.Set the column in the user table that holds the user's credentials.voidsetUserNameCol(java.lang.String userNameCol)Deprecated.Set the column in the user table that holds the user's name.voidsetUserRoleTable(java.lang.String userRoleTable)Deprecated.Set the table that holds the relation between user's and roles.voidsetUserTable(java.lang.String userTable)Deprecated.Set the table that holds user data.protected voidstartInternal()Deprecated.Prepare for the beginning of active use of the public methods of this component and implement the requirements ofLifecycleBase.startInternal().protected voidstopInternal()Deprecated.Gracefully terminate the active use of the public methods of this component and implement the requirements ofLifecycleBase.stopInternal().-
Methods inherited from class org.apache.catalina.realm.RealmBase
addPropertyChangeListener, authenticate, authenticate, authenticate, authenticate, authenticate, backgroundProcess, Digest, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getRoles, getServer, getTransportGuaranteeRedirectStatus, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasRoleInternal, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setContainer, setCredentialHandler, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setValidate, setX509UsernameRetrieverClassName, toString
-
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister
-
Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
-
-
-
-
Field Detail
-
connectionName
protected java.lang.String connectionName
Deprecated.The connection username to use when trying to connect to the database.
-
connectionPassword
protected java.lang.String connectionPassword
Deprecated.The connection URL to use when trying to connect to the database.
-
connectionURL
protected java.lang.String connectionURL
Deprecated.The connection URL to use when trying to connect to the database.
-
dbConnection
protected java.sql.Connection dbConnection
Deprecated.The connection to the database.
-
driver
protected java.sql.Driver driver
Deprecated.Instance of the JDBC Driver class we use as a connection factory.
-
driverName
protected java.lang.String driverName
Deprecated.The JDBC driver to use.
-
name
@Deprecated protected static final java.lang.String name
Deprecated.This will be removed in Tomcat 9 onwards.Descriptive information about this Realm implementation.- See Also:
- Constant Field Values
-
preparedCredentials
protected java.sql.PreparedStatement preparedCredentials
Deprecated.The PreparedStatement to use for authenticating users.
-
preparedRoles
protected java.sql.PreparedStatement preparedRoles
Deprecated.The PreparedStatement to use for identifying the roles for a specified user.
-
roleNameCol
protected java.lang.String roleNameCol
Deprecated.The column in the user role table that names a role
-
userCredCol
protected java.lang.String userCredCol
Deprecated.The column in the user table that holds the user's credentials
-
userNameCol
protected java.lang.String userNameCol
Deprecated.The column in the user table that holds the user's name
-
userRoleTable
protected java.lang.String userRoleTable
Deprecated.The table that holds the relation between user's and roles
-
userTable
protected java.lang.String userTable
Deprecated.The table that holds user data.
-
-
Method Detail
-
getConnectionName
public java.lang.String getConnectionName()
Deprecated.- Returns:
- the username to use to connect to the database.
-
setConnectionName
public void setConnectionName(java.lang.String connectionName)
Deprecated.Set the username to use to connect to the database.- Parameters:
connectionName- Username
-
getConnectionPassword
public java.lang.String getConnectionPassword()
Deprecated.- Returns:
- the password to use to connect to the database.
-
setConnectionPassword
public void setConnectionPassword(java.lang.String connectionPassword)
Deprecated.Set the password to use to connect to the database.- Parameters:
connectionPassword- User password
-
getConnectionURL
public java.lang.String getConnectionURL()
Deprecated.- Returns:
- the URL to use to connect to the database.
-
setConnectionURL
public void setConnectionURL(java.lang.String connectionURL)
Deprecated.Set the URL to use to connect to the database.- Parameters:
connectionURL- The new connection URL
-
getDriverName
public java.lang.String getDriverName()
Deprecated.- Returns:
- the JDBC driver that will be used.
-
setDriverName
public void setDriverName(java.lang.String driverName)
Deprecated.Set the JDBC driver that will be used.- Parameters:
driverName- The driver name
-
getRoleNameCol
public java.lang.String getRoleNameCol()
Deprecated.- Returns:
- the column in the user role table that names a role.
-
setRoleNameCol
public void setRoleNameCol(java.lang.String roleNameCol)
Deprecated.Set the column in the user role table that names a role.- Parameters:
roleNameCol- The column name
-
getUserCredCol
public java.lang.String getUserCredCol()
Deprecated.- Returns:
- the column in the user table that holds the user's credentials.
-
setUserCredCol
public void setUserCredCol(java.lang.String userCredCol)
Deprecated.Set the column in the user table that holds the user's credentials.- Parameters:
userCredCol- The column name
-
getUserNameCol
public java.lang.String getUserNameCol()
Deprecated.- Returns:
- the column in the user table that holds the user's name.
-
setUserNameCol
public void setUserNameCol(java.lang.String userNameCol)
Deprecated.Set the column in the user table that holds the user's name.- Parameters:
userNameCol- The column name
-
getUserRoleTable
public java.lang.String getUserRoleTable()
Deprecated.- Returns:
- the table that holds the relation between user's and roles.
-
setUserRoleTable
public void setUserRoleTable(java.lang.String userRoleTable)
Deprecated.Set the table that holds the relation between user's and roles.- Parameters:
userRoleTable- The table name
-
getUserTable
public java.lang.String getUserTable()
Deprecated.- Returns:
- the table that holds user data..
-
setUserTable
public void setUserTable(java.lang.String userTable)
Deprecated.Set the table that holds user data.- Parameters:
userTable- The table name
-
authenticate
public java.security.Principal authenticate(java.lang.String username, java.lang.String credentials)Deprecated.Return the Principal associated with the specified username and credentials, if there is one; otherwise returnnull. If there are any errors with the JDBC connection, executing the query or anything we return null (don't authenticate). This event is also logged, and the connection will be closed so that a subsequent request will automatically re-open it.- Specified by:
authenticatein interfaceRealm- Overrides:
authenticatein classRealmBase- Parameters:
username- Username of the Principal to look upcredentials- Password or other credentials to use in authenticating this username- Returns:
- the associated principal, or
nullif there is none.
-
authenticate
public java.security.Principal authenticate(java.sql.Connection dbConnection, java.lang.String username, java.lang.String credentials)Deprecated.Attempt to authenticate the user with the provided credentials.- Parameters:
dbConnection- The database connection to be usedusername- Username of the Principal to look upcredentials- Password or other credentials to use in authenticating this username- Returns:
- Return the Principal associated with the specified username and
credentials, if there is one; otherwise return
null.
-
isAvailable
public boolean isAvailable()
Deprecated.Description copied from interface:RealmReturn the availability of the realm for authentication.- Specified by:
isAvailablein interfaceRealm- Overrides:
isAvailablein classRealmBase- Returns:
trueif the realm is able to perform authentication
-
close
protected void close(java.sql.Connection dbConnection)
Deprecated.Close the specified database connection.- Parameters:
dbConnection- The connection to be closed
-
credentials
protected java.sql.PreparedStatement credentials(java.sql.Connection dbConnection, java.lang.String username) throws java.sql.SQLExceptionDeprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.- Parameters:
dbConnection- The database connection to be usedusername- Username for which credentials should be retrieved- Returns:
- the prepared statement
- Throws:
java.sql.SQLException- if a database error occurs
-
getName
@Deprecated protected java.lang.String getName()
Deprecated.
-
getPassword
protected java.lang.String getPassword(java.lang.String username)
Deprecated.Get the password for the specified user.- Specified by:
getPasswordin classRealmBase- Parameters:
username- The user name- Returns:
- the password associated with the given principal's user name.
-
getPrincipal
protected java.security.Principal getPrincipal(java.lang.String username)
Deprecated.Get the principal associated with the specified user.- Specified by:
getPrincipalin classRealmBase- Parameters:
username- The user name- Returns:
- the Principal associated with the given user name.
-
getRoles
protected java.util.ArrayList<java.lang.String> getRoles(java.lang.String username)
Deprecated.Return the roles associated with the given user name.- Parameters:
username- The user name- Returns:
- an array list of the role names
-
open
protected java.sql.Connection open() throws java.sql.SQLExceptionDeprecated.Open (if necessary) and return a database connection for use by this Realm.- Returns:
- the opened connection
- Throws:
java.sql.SQLException- if a database error occurs
-
roles
protected java.sql.PreparedStatement roles(java.sql.Connection dbConnection, java.lang.String username) throws java.sql.SQLExceptionDeprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.- Parameters:
dbConnection- The database connection to be usedusername- Username for which roles should be retrieved- Returns:
- the prepared statement
- Throws:
java.sql.SQLException- if a database error occurs
-
startInternal
protected void startInternal() throws LifecycleExceptionDeprecated.Prepare for the beginning of active use of the public methods of this component and implement the requirements ofLifecycleBase.startInternal().- Overrides:
startInternalin classRealmBase- Throws:
LifecycleException- if this component detects a fatal error that prevents this component from being used
-
stopInternal
protected void stopInternal() throws LifecycleExceptionDeprecated.Gracefully terminate the active use of the public methods of this component and implement the requirements ofLifecycleBase.stopInternal().- Overrides:
stopInternalin classRealmBase- Throws:
LifecycleException- if this component detects a fatal error that needs to be reported
-
-