org.apache.catalina.realm (Apache Tomcat 7.0.28 API Documentation)

Overview

Package

Class

Tree

Deprecated

Index

Help

Apache Tomcat 7.0.28

PREV PACKAGE NEXT PACKAGE

FRAMES NO FRAMES

Package org.apache.catalina.realm

This package contains Realm implementations for the various supported realm technologies for authenticating users and identifying their associated roles.

See:
Description

Interface Summary
X509UsernameRetriever	Provides an interface for retrieving a user name from an X509Certificate.

Class Summary
CombinedRealm	Realm implementation that contains one or more realms.
Constants	Manifest constants for this Java package.
DataSourceRealm	Implementation of Realm that works with any JDBC JNDI DataSource.
GenericPrincipal	Generic implementation of java.security.Principal that is available for use by `Realm` implementations.
JAASCallbackHandler	Implementation of the JAAS `CallbackHandler` interface, used to negotiate delivery of the username and credentials that were specified to our constructor.
JAASMemoryLoginModule	Implementation of the JAAS LoginModule interface, primarily for use in testing `JAASRealm`.
JAASRealm	Implementation of Realm that authenticates users via the Java Authentication and Authorization Service (JAAS).
JDBCRealm	Implementation of Realm that works with any JDBC supported database.
JNDIRealm	Implementation of Realm that works with a directory server accessed via the Java Naming and Directory Interface (JNDI) APIs.
JNDIRealm.User	A protected class representing a User
LockOutRealm	This class extends the CombinedRealm (hence it can wrap other Realms) to provide a user lock out mechanism if there are too many failed authentication attempts in a given period of time.
LockOutRealm.LockRecord
MemoryRealm	Simple implementation of Realm that reads an XML file to configure the valid users, passwords, and roles.
MemoryRuleSet	RuleSet for recognizing the users defined in the XML file processed by `MemoryRealm`.
NullRealm	Minimal Realm implementation that always returns null when an attempt is made to validate a user name and password.
RealmBase	Simple implementation of Realm that reads an XML file to configure the valid users, passwords, and roles.
RealmBase.AllRolesMode
UserDatabaseRealm	Implementation of `Realm` that is based on an implementation of `UserDatabase` made available through the global JNDI resources configured for this instance of Catalina.
X509SubjectDnRetriever	An X509UsernameRetriever that returns a certificate's entire SubjectDN as the username.

Package org.apache.catalina.realm Description

This package contains Realm implementations for the various supported realm technologies for authenticating users and identifying their associated roles. The Realm that is associated with a web application's Context (or a hierarchically superior Container) is used to resolve authentication and role presence questions when a web application uses container managed security as described in the Servlet API Specification, version 2.2.

The implementations share a common base class that supports basic functionality for all of the standard Realm implementations, and can be configured by setting the following properties (default values are in square brackets):

debug - Debugging detail level for this component. [0]

The standard Realm implementations that are currently available include the following (with additional configuration properties as specified):

JDBCRealm - Implementation of Realm that operates from data stored in a relational database that is accessed via a JDBC driver. The name of the driver, database connection information, and the names of the relevant tables and columns are configured with the following additional properties:
- connectionURL - The URL to use when connecting to this database. [REQUIRED - NO DEFAULT]
- driverName - Fully qualified Java class name of the JDBC driver to be used. [REQUIRED - NO DEFAULT]
- roleNameCol - Name of the database column that contains role names. [REQUIRED - NO DEFAULT]
- userCredCol - Name of the database column that contains the user's credentials (i.e. password) in cleartext. [REQUIRED - NO DEFAULT]
- userNameCol - Name of the database column that contains the user's logon username. [REQUIRED - NO DEFAULT]
- userRoleTable - Name of the database table containing user role information. This table must include the columns specified by the userNameCol and roleNameCol properties. [REQUIRED - NO DEFAULT]
- userTable - Name of the database table containing user information. This table must include the columns specified by the userNameCol and userCredCol properties. [REQUIRED - NO DEFAULT]
MemoryRealm - Implementation of Realm that uses the contents of a simple XML file (conf/tomcat-users.xml) as the list of valid users and their roles. This implementation is primarily to demonstrate that the authentication technology functions correctly, and is not anticipated as adequate for general purpose use. This component supports the following additional properties:
- pathname - Pathname of the XML file containing our user and role information. If a relative pathname is specified, it is resolved against the pathname specified by the "catalina.home" system property. [conf/tomcat-users.xml]