Overview  Package   Class  Tree  Deprecated  Index  Help 
Apache Tomcat 7.0.28
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.catalina.realm
Class CombinedRealm

java.lang.Object
  extended by org.apache.catalina.util.LifecycleBase
      extended by org.apache.catalina.util.LifecycleMBeanBase
          extended by org.apache.catalina.realm.RealmBase
              extended by org.apache.catalina.realm.CombinedRealm
All Implemented Interfaces:
MBeanRegistration, Lifecycle, Realm
Direct Known Subclasses:
LockOutRealm
public class CombinedRealm
extends RealmBase

Realm implementation that contains one or more realms. Authentication is attempted for each realm in the order they were configured. If any realm authenticates the user then the authentication succeeds. When combining realms usernames should be unique across all combined realms.

Nested Class Summary
 
Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase
RealmBase.AllRolesMode
 
Field Summary
protected static String name
          Descriptive information about this Realm implementation.
protected  List<Realm> realms
          The list of Realms contained by this Realm.
 
Fields inherited from class org.apache.catalina.realm.RealmBase
allRolesMode, container, containerLog, digest, digestEncoding, info, md, md5Encoder, md5Helper, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassName
 
Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase
mserver
 
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
 
Constructor Summary
CombinedRealm()
           
 
Method Summary
 void addRealm(Realm theRealm)
          Add a realm to the list of realms that will be used to authenticate users.
 Principal authenticate(GSSContext gssContext, boolean storeCreds)
          Return the Principal associated with the specified GSSContext.
 Principal authenticate(String username, String credentials)
          Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.
 Principal authenticate(String username, String clientDigest, String nonce, String nc, String cnonce, String qop, String realmName, String md5a2)
          Return the Principal associated with the specified username, which matches the digest calculated using the given parameters using the method described in RFC 2069; otherwise return null.
 Principal authenticate(X509Certificate[] certs)
          Return the Principal associated with the specified chain of X509 client certificates.
protected  String getName()
          Return a short name for this Realm implementation, for use in log messages.
protected  String getPassword(String username)
          Return the password associated with the given principal's user name.
protected  Principal getPrincipal(String username)
          Return the Principal associated with the given user name.
 ObjectName[] getRealms()
          Return the set of Realms that this Realm is wrapping
 void setContainer(Container container)
          Set the Container with which this Realm has been associated.
protected  void startInternal()
          Prepare for the beginning of active use of the public methods of this component and implement the requirements of LifecycleBase.startInternal().
protected  void stopInternal()
          Gracefully terminate the active use of the public methods of this component and implement the requirements of LifecycleBase.stopInternal().
 
Methods inherited from class org.apache.catalina.realm.RealmBase
addPropertyChangeListener, backgroundProcess, digest, Digest, findSecurityConstraints, getAllRolesMode, getContainer, getDigest, getDigest, getDigestCharset, getDigestEncoding, getDomainInternal, getInfo, getObjectNameKeyProperties, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getServer, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setDigest, setDigestEncoding, setRealmPath, setStripRealmForGss, setValidate, setX509UsernameRetrieverClassName, toString
 
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister
 
Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, init, removeLifecycleListener, setState, setState, start, stop
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

realms

protected List<Realm> realms
The list of Realms contained by this Realm.

name

protected static final String name
Descriptive information about this Realm implementation.

See Also:
Constant Field Values
Constructor Detail

CombinedRealm

public CombinedRealm()
Method Detail

addRealm

public void addRealm(Realm theRealm)
Add a realm to the list of realms that will be used to authenticate users.

getRealms

public ObjectName[] getRealms()
Return the set of Realms that this Realm is wrapping

authenticate

public Principal authenticate(String username,
                              String clientDigest,
                              String nonce,
                              String nc,
                              String cnonce,
                              String qop,
                              String realmName,
                              String md5a2)
Return the Principal associated with the specified username, which matches the digest calculated using the given parameters using the method described in RFC 2069; otherwise return null.

Specified by:
authenticate in interface Realm
Overrides:
authenticate in class RealmBase
Parameters:
username - Username of the Principal to look up
clientDigest - Digest which has been submitted by the client
nonce - Unique (or supposedly unique) token which has been used for this request
realmName - Realm name
md5a2 - Second MD5 digest used to calculate the digest : MD5(Method + ":" + uri)

authenticate

public Principal authenticate(String username,
                              String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.

Specified by:
authenticate in interface Realm
Overrides:
authenticate in class RealmBase
Parameters:
username - Username of the Principal to look up
credentials - Password or other credentials to use in authenticating this username

setContainer

public void setContainer(Container container)
Set the Container with which this Realm has been associated.

Specified by:
setContainer in interface Realm
Overrides:
setContainer in class RealmBase
Parameters:
container - The associated Container

startInternal

protected void startInternal()
                      throws LifecycleException
Prepare for the beginning of active use of the public methods of this component and implement the requirements of LifecycleBase.startInternal().

Overrides:
startInternal in class RealmBase
Throws:
LifecycleException - if this component detects a fatal error that prevents this component from being used

stopInternal

protected void stopInternal()
                     throws LifecycleException
Gracefully terminate the active use of the public methods of this component and implement the requirements of LifecycleBase.stopInternal().

Overrides:
stopInternal in class RealmBase
Throws:
LifecycleException - if this component detects a fatal error that needs to be reported

authenticate

public Principal authenticate(X509Certificate[] certs)
Return the Principal associated with the specified chain of X509 client certificates. If there is none, return null.

Specified by:
authenticate in interface Realm
Overrides:
authenticate in class RealmBase
Parameters:
certs - Array of client certificates, with the first one in the array being the certificate of the client itself.

authenticate

public Principal authenticate(GSSContext gssContext,
                              boolean storeCreds)
Return the Principal associated with the specified GSSContext. If there is none, return null.

Specified by:
authenticate in interface Realm
Overrides:
authenticate in class RealmBase
Parameters:
gssContext - The gssContext processed by the Authenticator.
storeCreds - Should the realm attempt to store the delegated credentials in the returned Principal?

getName

protected String getName()
Description copied from class: RealmBase
Return a short name for this Realm implementation, for use in log messages.

Specified by:
getName in class RealmBase

getPassword

protected String getPassword(String username)
Description copied from class: RealmBase
Return the password associated with the given principal's user name.

Specified by:
getPassword in class RealmBase

getPrincipal

protected Principal getPrincipal(String username)
Description copied from class: RealmBase
Return the Principal associated with the given user name.

Specified by:
getPrincipal in class RealmBase
Overview  Package   Class  Tree  Deprecated  Index  Help 
Apache Tomcat 7.0.28
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2000-2012 Apache Software Foundation. All Rights Reserved.