|
Apache Tomcat 7.0.28 | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface Realm
A Realm is a read-only facade for an underlying security realm used to authenticate individual users, and identify the security roles associated with those users. Realms can be attached at any Container level, but will typically only be attached to a Context, or higher level, Container.
Method Summary | |
---|---|
void |
addPropertyChangeListener(PropertyChangeListener listener)
Add a property change listener to this component. |
Principal |
authenticate(GSSContext gssContext,
boolean storeCreds)
Return the Principal associated with the specified GSSContext . |
Principal |
authenticate(String username,
String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null . |
Principal |
authenticate(String username,
String digest,
String nonce,
String nc,
String cnonce,
String qop,
String realm,
String md5a2)
Return the Principal associated with the specified username, which matches the digest calculated using the given parameters using the method described in RFC 2069; otherwise return null . |
Principal |
authenticate(X509Certificate[] certs)
Return the Principal associated with the specified chain of X509 client certificates. |
void |
backgroundProcess()
Execute a periodic task, such as reloading, etc. |
SecurityConstraint[] |
findSecurityConstraints(Request request,
Context context)
Return the SecurityConstraints configured to guard the request URI for this request, or null if there is no such constraint. |
Container |
getContainer()
Return the Container with which this Realm has been associated. |
String |
getInfo()
Return descriptive information about this Realm implementation and the corresponding version number, in the format <description>/<version> . |
boolean |
hasResourcePermission(Request request,
Response response,
SecurityConstraint[] constraint,
Context context)
Perform access control based on the specified authorization constraint. |
boolean |
hasRole(Wrapper wrapper,
Principal principal,
String role)
Return true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false . |
boolean |
hasUserDataPermission(Request request,
Response response,
SecurityConstraint[] constraint)
Enforce any user data constraint required by the security constraint guarding this request URI. |
void |
removePropertyChangeListener(PropertyChangeListener listener)
Remove a property change listener from this component. |
void |
setContainer(Container container)
Set the Container with which this Realm has been associated. |
Method Detail |
---|
Container getContainer()
void setContainer(Container container)
container
- The associated ContainerString getInfo()
<description>/<version>
.
void addPropertyChangeListener(PropertyChangeListener listener)
listener
- The listener to addPrincipal authenticate(String username, String credentials)
null
.
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in
authenticating this usernamePrincipal authenticate(String username, String digest, String nonce, String nc, String cnonce, String qop, String realm, String md5a2)
null
.
username
- Username of the Principal to look updigest
- Digest which has been submitted by the clientnonce
- Unique (or supposedly unique) token which has been used
for this requestrealm
- Realm namemd5a2
- Second MD5 digest used to calculate the digest :
MD5(Method + ":" + uri)Principal authenticate(GSSContext gssContext, boolean storeCreds)
GSSContext
.
If there is none, return null
.
gssContext
- The gssContext processed by the Authenticator
.storeCreds
- Should the realm attempt to store the delegated
credentials in the returned Principal?Principal authenticate(X509Certificate[] certs)
null
.
certs
- Array of client certificates, with the first one in
the array being the certificate of the client itself.void backgroundProcess()
SecurityConstraint[] findSecurityConstraints(Request request, Context context)
null
if there is no such constraint.
request
- Request we are processingboolean hasResourcePermission(Request request, Response response, SecurityConstraint[] constraint, Context context) throws IOException
true
if this constraint is satisfied and processing
should continue, or false
otherwise.
request
- Request we are processingresponse
- Response we are creatingconstraint
- Security constraint we are enforcingcontext
- The Context to which client of this class is attached.
IOException
- if an input/output error occursboolean hasRole(Wrapper wrapper, Principal principal, String role)
true
if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false
.
wrapper
- wrapper context for evaluating roleprincipal
- Principal for whom the role is to be checkedrole
- Security role to be checkedboolean hasUserDataPermission(Request request, Response response, SecurityConstraint[] constraint) throws IOException
true
if this constraint
was not violated and processing should continue, or false
if we have created a response already.
request
- Request we are processingresponse
- Response we are creatingconstraint
- Security constraint being checked
IOException
- if an input/output error occursvoid removePropertyChangeListener(PropertyChangeListener listener)
listener
- The listener to remove
|
Apache Tomcat 7.0.28 | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |