|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.catalina.realm.RealmBase org.objectweb.jonas.security.realm.web.catalina55.JACC
public class JACC
Implementation of a Realm. (by a wrapper) Use any JOnAS realm by specifying the resource name This implementation manages the security with JACC specification It implements Cloneable to allow clones. Each context must have its own Realm. A realm can not be shared across different contexts or an engine. This is because each realm is associated to a permission manager Extends the Realmbase class of the Tomcat Server.
Nested Class Summary |
---|
Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase |
---|
org.apache.catalina.realm.RealmBase.AllRolesMode |
Field Summary |
---|
Fields inherited from class org.apache.catalina.realm.RealmBase |
---|
allRolesMode, container, containerLog, controller, digest, digestEncoding, domain, host, info, initialized, lifecycle, md, md5Encoder, md5Helper, mserver, oname, path, started, support, type, validate |
Fields inherited from interface org.apache.catalina.Lifecycle |
---|
AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, DESTROY_EVENT, INIT_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT |
Constructor Summary | |
---|---|
JACC()
|
Method Summary | |
---|---|
java.security.Principal |
authenticate(java.lang.String username,
java.lang.String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null . |
java.security.Principal |
authenticate(java.security.cert.X509Certificate[] cert)
Return the Principal associated with the specified chain of X509 client certificates. |
java.security.Principal |
authenticateJAAS(java.lang.String username,
java.lang.String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null . |
java.security.Principal |
authenticateResource(java.lang.String username,
java.lang.String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null . |
java.lang.Object |
clone()
Creates and returns a copy of this object. |
org.apache.catalina.deploy.SecurityConstraint[] |
findSecurityConstraints(org.apache.catalina.connector.Request request,
org.apache.catalina.Context context)
Return the SecurityConstraints configured to guard the request URI for this request, or null if there is no such constraint. |
java.lang.String |
getInfo()
Return descriptive information about this Realm implementation and the corresponding version number, in the format <description>/<version> . |
protected java.lang.String |
getName()
Return a short name for this Realm implementation. |
protected java.lang.String |
getPassword(java.lang.String username)
Return the password associated with the given principal's user name. |
PermissionManager |
getPermissionManager()
|
protected java.security.Principal |
getPrincipal(java.lang.String username)
Return the Principal associated with the given user name. |
java.lang.String |
getResourceName()
Return the resource name we will be using. |
boolean |
hasResourcePermission(org.apache.catalina.connector.Request request,
org.apache.catalina.connector.Response response,
org.apache.catalina.deploy.SecurityConstraint[] constraints,
org.apache.catalina.Context context)
Perform access control based on the specified authorization constraint. |
boolean |
hasRole(java.security.Principal principal,
java.lang.String role)
|
boolean |
hasUserDataPermission(org.apache.catalina.connector.Request request,
org.apache.catalina.connector.Response response,
org.apache.catalina.deploy.SecurityConstraint[] constraints)
Enforce any user data constraint required by the security constraint guarding this request URI. |
protected void |
log(java.lang.String message)
Log a message on the Logger associated with our Container (if any) |
void |
setContext(org.apache.catalina.Context context)
Set the context of this Realm. |
void |
setPermissionManager(PermissionManager permissionManager)
Set the permission manager used by this realm |
void |
setResourceName(java.lang.String resourceName)
Set the resource name we will be using. |
void |
start()
Prepare for active use of the public methods of this Component. |
void |
stop()
Gracefully shut down active use of the public methods of this Component. |
Methods inherited from class org.apache.catalina.realm.RealmBase |
---|
addLifecycleListener, addPropertyChangeListener, authenticate, authenticate, backgroundProcess, destroy, digest, Digest, findLifecycleListeners, getAllRolesMode, getContainer, getController, getDigest, getDigest, getDigestEncoding, getDomain, getObjectName, getPrincipal, getType, getValidate, hasMessageDigest, init, main, postDeregister, postRegister, preDeregister, preRegister, removeLifecycleListener, removePropertyChangeListener, setAllRolesMode, setContainer, setController, setDigest, setDigestEncoding, setValidate |
Methods inherited from class java.lang.Object |
---|
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public JACC()
Method Detail |
---|
public java.lang.String getInfo()
<description>/<version>
.
getInfo
in interface org.apache.catalina.Realm
getInfo
in class org.apache.catalina.realm.RealmBase
public java.lang.String getResourceName()
public void setResourceName(java.lang.String resourceName)
resourceName
- The new resource namepublic void setPermissionManager(PermissionManager permissionManager)
permissionManager
- the permission manager to usepublic org.apache.catalina.deploy.SecurityConstraint[] findSecurityConstraints(org.apache.catalina.connector.Request request, org.apache.catalina.Context context)
null
if there is no such constraint.
findSecurityConstraints
in interface org.apache.catalina.Realm
findSecurityConstraints
in class org.apache.catalina.realm.RealmBase
request
- Request we are processingcontext
- Context the Request is mapped to
public boolean hasResourcePermission(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.SecurityConstraint[] constraints, org.apache.catalina.Context context) throws java.io.IOException
hasResourcePermission
in interface org.apache.catalina.Realm
hasResourcePermission
in class org.apache.catalina.realm.RealmBase
request
- Request we are processingresponse
- Response we are creatingconstraints
- Security constraint we are enforcingcontext
- The Context to which client of this class is attached.
true
if this constraint is satisfied and
processing should continue, or false
otherwise.
java.io.IOException
- if an input/output error occurspublic boolean hasRole(java.security.Principal principal, java.lang.String role)
hasRole
in interface org.apache.catalina.Realm
hasRole
in class org.apache.catalina.realm.RealmBase
principal
- Principal for whom the role is to be checkedrole
- Security role to be checked
true
if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false
. This method can be overridden by Realm
implementations, but the default is adequate when an instance of
GenericPrincipal
is used to represent
authenticated Principals from this Realm.public boolean hasUserDataPermission(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.SecurityConstraint[] constraints) throws java.io.IOException
hasUserDataPermission
in interface org.apache.catalina.Realm
hasUserDataPermission
in class org.apache.catalina.realm.RealmBase
request
- Request we are processingresponse
- Response we are creatingconstraints
- Security constraints being checked
true
if this constraint was not violated and
processing should continue, or false
if we have
created a response already.
java.io.IOException
- if an input/output error occurspublic java.security.Principal authenticate(java.lang.String username, java.lang.String credentials)
null
.
authenticate
in interface org.apache.catalina.Realm
authenticate
in class org.apache.catalina.realm.RealmBase
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in authenticating
this username
public java.security.Principal authenticateResource(java.lang.String username, java.lang.String credentials)
null
.
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in authenticating
this username
public java.security.Principal authenticateJAAS(java.lang.String username, java.lang.String credentials)
null
.
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in
authenticating this username
public java.security.Principal authenticate(java.security.cert.X509Certificate[] cert)
null
.
authenticate
in interface org.apache.catalina.Realm
authenticate
in class org.apache.catalina.realm.RealmBase
cert
- Array of client certificates, with the first one in the array
being the certificate of the client itself.
protected java.lang.String getName()
getName
in class org.apache.catalina.realm.RealmBase
protected java.lang.String getPassword(java.lang.String username)
getPassword
in class org.apache.catalina.realm.RealmBase
username
- the given principal's user name.
protected java.security.Principal getPrincipal(java.lang.String username)
getPrincipal
in class org.apache.catalina.realm.RealmBase
username
- the given principal's user name.
public void setContext(org.apache.catalina.Context context)
context
- Context for this realmpublic void start() throws org.apache.catalina.LifecycleException
start
in interface org.apache.catalina.Lifecycle
start
in class org.apache.catalina.realm.RealmBase
org.apache.catalina.LifecycleException
- if this component detects a fatal error
that prevents it from being startedpublic void stop() throws org.apache.catalina.LifecycleException
stop
in interface org.apache.catalina.Lifecycle
stop
in class org.apache.catalina.realm.RealmBase
org.apache.catalina.LifecycleException
- if this component detects a fatal error
that needs to be reportedprotected void log(java.lang.String message)
message
- Message to be loggedpublic java.lang.Object clone() throws java.lang.CloneNotSupportedException
clone
in class java.lang.Object
java.lang.CloneNotSupportedException
- if the copy failspublic PermissionManager getPermissionManager()
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |