org.apache.geronimo.tomcat.realm
Class TomcatEJBWSGeronimoRealm

java.lang.Object
  org.apache.catalina.realm.RealmBase
      org.apache.catalina.realm.JAASRealm
          org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm
              org.apache.geronimo.tomcat.realm.TomcatEJBWSGeronimoRealm

All Implemented Interfaces:

MBeanRegistration, org.apache.catalina.Lifecycle, org.apache.catalina.Realm

public class TomcatEJBWSGeronimoRealm
extends TomcatGeronimoRealm

TomcatEJBWSGeronimoRealm is intended only for use with ejb web services in tomcat. Tomcat appears to conflate the separate concepts of logging in and checking permissions into one class. This is wholly inappropriate for ejb web services, where logging in is handled by the web container but authorization is handled by the ejb container. This class "separates" the concerns by always authorizing everything.

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase

org.apache.catalina.realm.RealmBase.AllRolesMode

Field Summary

Fields inherited from class org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm

info, name

Fields inherited from class org.apache.catalina.realm.JAASRealm

appName, roleClasses, roleClassNames, sm, useContextClassLoader, userClasses, userClassNames

Fields inherited from class org.apache.catalina.realm.RealmBase

allRolesMode, container, containerLog, controller, digest, digestEncoding, domain, host, initialized, lifecycle, md, md5Encoder, md5Helper, mserver, oname, path, started, support, type, validate

Fields inherited from interface org.apache.catalina.Lifecycle

AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, DESTROY_EVENT, INIT_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Constructor Summary

TomcatEJBWSGeronimoRealm()

Method Summary

boolean	hasResourcePermission(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.SecurityConstraint[] constraints, org.apache.catalina.Context context) Perform access control based on the specified authorization constraint.
boolean	hasUserDataPermission(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.SecurityConstraint[] constraints) Enforce any user data constraint required by the security constraint guarding this request URI.

Methods inherited from class org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm

authenticate, authenticate, authenticate, hasRole, setRequestWrapperName, start, stop

Methods inherited from class org.apache.catalina.realm.JAASRealm

createPrincipal, getAppName, getName, getPassword, getPrincipal, getRoleClassNames, getUserClassNames, isUseContextClassLoader, makeLegalForJAAS, parseClassNames, setAppName, setContainer, setRoleClassNames, setUseContextClassLoader, setUserClassNames

Methods inherited from class org.apache.catalina.realm.RealmBase

addLifecycleListener, addPropertyChangeListener, authenticate, authenticate, backgroundProcess, destroy, digest, Digest, findLifecycleListeners, findSecurityConstraints, getAllRolesMode, getContainer, getController, getDigest, getDigest, getDigestEncoding, getDomain, getInfo, getObjectName, getPrincipal, getType, getValidate, hasMessageDigest, init, main, postDeregister, postRegister, preDeregister, preRegister, removeLifecycleListener, removePropertyChangeListener, setAllRolesMode, setController, setDigest, setDigestEncoding, setValidate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TomcatEJBWSGeronimoRealm

public TomcatEJBWSGeronimoRealm()

Method Detail

hasResourcePermission

public boolean hasResourcePermission(org.apache.catalina.connector.Request request,
                                     org.apache.catalina.connector.Response response,
                                     org.apache.catalina.deploy.SecurityConstraint[] constraints,
                                     org.apache.catalina.Context context)
                              throws IOException

Description copied from class: TomcatGeronimoRealm

Perform access control based on the specified authorization constraint. Return true if this constraint is satisfied and processing should continue, or false otherwise.

Specified by:

hasResourcePermission in interface org.apache.catalina.Realm

Overrides:

hasResourcePermission in class TomcatGeronimoRealm

Parameters:

request - Request we are processing

response - Response we are creating

constraints - Security constraints we are enforcing

context - The Context to which client of this class is attached.

Throws:

IOException - if an input/output error occurs

hasUserDataPermission

public boolean hasUserDataPermission(org.apache.catalina.connector.Request request,
                                     org.apache.catalina.connector.Response response,
                                     org.apache.catalina.deploy.SecurityConstraint[] constraints)
                              throws IOException

Description copied from class: TomcatGeronimoRealm

Enforce any user data constraint required by the security constraint guarding this request URI. Return true if this constraint was not violated and processing should continue, or false if we have created a response already.

Specified by:

hasUserDataPermission in interface org.apache.catalina.Realm

Overrides:

hasUserDataPermission in class TomcatGeronimoRealm

Parameters:

request - Request we are processing

response - Response we are creating

constraints - Security constraint being checked

Throws:

IOException - if an input/output error occurs