org.apache.geronimo.tomcat.realm
Class TomcatGeronimoRealm

java.lang.Object
  org.apache.catalina.realm.RealmBase
      org.apache.catalina.realm.JAASRealm
          org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm

All Implemented Interfaces:

MBeanRegistration, org.apache.catalina.Lifecycle, org.apache.catalina.Realm

Direct Known Subclasses:

TomcatEJBWSGeronimoRealm

public class TomcatGeronimoRealm
extends org.apache.catalina.realm.JAASRealm

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase

org.apache.catalina.realm.RealmBase.AllRolesMode

Field Summary

protected static String	info Descriptive information about this Realm implementation.
protected static String	name Descriptive information about this Realm implementation.

Fields inherited from class org.apache.catalina.realm.JAASRealm

appName, roleClasses, roleClassNames, sm, useContextClassLoader, userClasses, userClassNames

Fields inherited from class org.apache.catalina.realm.RealmBase

allRolesMode, container, containerLog, controller, digest, digestEncoding, domain, host, initialized, lifecycle, md, md5Encoder, md5Helper, mserver, oname, path, started, support, type, validate

Fields inherited from interface org.apache.catalina.Lifecycle

AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, DESTROY_EVENT, INIT_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Constructor Summary

TomcatGeronimoRealm()

Method Summary

Principal	authenticate(CallbackHandler callbackHandler, String principalName)
Principal	authenticate(String username, String credentials) Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.
Principal	authenticate(X509Certificate[] certs)
boolean	hasResourcePermission(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.SecurityConstraint[] constraints, org.apache.catalina.Context context) Perform access control based on the specified authorization constraint.
boolean	hasRole(Principal principal, String role) Return true if the specified Principal has the specified security role, within the context of this Realm; otherwise return false.
boolean	hasUserDataPermission(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.SecurityConstraint[] constraints) Enforce any user data constraint required by the security constraint guarding this request URI.
static String	setRequestWrapperName(String requestWrapperName)
void	start() Prepare for active use of the public methods of this Component.
void	stop() Gracefully shut down active use of the public methods of this Component.

Methods inherited from class org.apache.catalina.realm.JAASRealm

createPrincipal, getAppName, getName, getPassword, getPrincipal, getRoleClassNames, getUserClassNames, isUseContextClassLoader, makeLegalForJAAS, parseClassNames, setAppName, setContainer, setRoleClassNames, setUseContextClassLoader, setUserClassNames

Methods inherited from class org.apache.catalina.realm.RealmBase

addLifecycleListener, addPropertyChangeListener, authenticate, authenticate, backgroundProcess, destroy, digest, Digest, findLifecycleListeners, findSecurityConstraints, getAllRolesMode, getContainer, getController, getDigest, getDigest, getDigestEncoding, getDomain, getInfo, getObjectName, getPrincipal, getType, getValidate, hasMessageDigest, init, main, postDeregister, postRegister, preDeregister, preRegister, removeLifecycleListener, removePropertyChangeListener, setAllRolesMode, setController, setDigest, setDigestEncoding, setValidate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

info

protected static final String info

Descriptive information about this Realm implementation.

See Also:

Constant Field Values

name

protected static final String name

Descriptive information about this Realm implementation.

See Also:

Constant Field Values

Constructor Detail

TomcatGeronimoRealm

public TomcatGeronimoRealm()

Method Detail

setRequestWrapperName

public static String setRequestWrapperName(String requestWrapperName)

hasUserDataPermission

public boolean hasUserDataPermission(org.apache.catalina.connector.Request request,
                                     org.apache.catalina.connector.Response response,
                                     org.apache.catalina.deploy.SecurityConstraint[] constraints)
                              throws IOException

Enforce any user data constraint required by the security constraint guarding this request URI. Return true if this constraint was not violated and processing should continue, or false if we have created a response already.

Specified by:

hasUserDataPermission in interface org.apache.catalina.Realm

Overrides:

hasUserDataPermission in class org.apache.catalina.realm.RealmBase

Parameters:

request - Request we are processing

response - Response we are creating

constraints - Security constraint being checked

Throws:

IOException - if an input/output error occurs

hasResourcePermission

public boolean hasResourcePermission(org.apache.catalina.connector.Request request,
                                     org.apache.catalina.connector.Response response,
                                     org.apache.catalina.deploy.SecurityConstraint[] constraints,
                                     org.apache.catalina.Context context)
                              throws IOException

Perform access control based on the specified authorization constraint. Return true if this constraint is satisfied and processing should continue, or false otherwise.

Specified by:

hasResourcePermission in interface org.apache.catalina.Realm

Overrides:

hasResourcePermission in class org.apache.catalina.realm.RealmBase

Parameters:

request - Request we are processing

response - Response we are creating

constraints - Security constraints we are enforcing

context - The Context to which client of this class is attached.

Throws:

IOException - if an input/output error occurs

hasRole

public boolean hasRole(Principal principal,
                       String role)

Return true if the specified Principal has the specified security role, within the context of this Realm; otherwise return false.

Specified by:

hasRole in interface org.apache.catalina.Realm

Overrides:

hasRole in class org.apache.catalina.realm.RealmBase

Parameters:

principal - Principal for whom the role is to be checked

role - Security role to be checked

authenticate

public Principal authenticate(String username,
                              String credentials)

Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.

If there are any errors with the JDBC connection, executing the query or anything we return null (don't authenticate). This event is also logged, and the connection will be closed so that a subsequent request will automatically re-open it.

Specified by:

authenticate in interface org.apache.catalina.Realm

Overrides:

authenticate in class org.apache.catalina.realm.JAASRealm

Parameters:

username - Username of the Principal to look up

credentials - Password or other credentials to use in authenticating this username

authenticate

public Principal authenticate(X509Certificate[] certs)

Specified by:

authenticate in interface org.apache.catalina.Realm

Overrides:

authenticate in class org.apache.catalina.realm.RealmBase

authenticate

public Principal authenticate(CallbackHandler callbackHandler,
                              String principalName)

start

public void start()
           throws org.apache.catalina.LifecycleException

Prepare for active use of the public methods of this Component.

Specified by:

start in interface org.apache.catalina.Lifecycle

Overrides:

start in class org.apache.catalina.realm.JAASRealm

Throws:

org.apache.catalina.LifecycleException - if this component detects a fatal error that prevents it from being started

stop

public void stop()
          throws org.apache.catalina.LifecycleException

Gracefully shut down active use of the public methods of this Component.

Specified by:

stop in interface org.apache.catalina.Lifecycle

Overrides:

stop in class org.apache.catalina.realm.JAASRealm

Throws:

org.apache.catalina.LifecycleException - if this component detects a fatal error that needs to be reported