|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.catalina.realm.RealmBase org.objectweb.jonas.security.realm.web.catalina55.JACC
Implementation of a Realm. (by a wrapper) Use any JOnAS realm by specifying the resource name This implementation manages the security with JACC specification It implements Cloneable to allow clones. Each context must have its own Realm. A realm can not be shared across different contexts or an engine. This is because each realm is associated to a permission manager Extends the Realmbase class of the Tomcat Server.
Nested Class Summary |
Nested classes inherited from class org.apache.catalina.realm.RealmBase |
org.apache.catalina.realm.RealmBase.AllRolesMode |
Field Summary |
Fields inherited from class org.apache.catalina.realm.RealmBase |
allRolesMode, container, containerLog, controller, digest, digestEncoding, domain, host, info, initialized, lifecycle, md, md5Encoder, md5Helper, mserver, oname, path, started, support, type, validate |
Fields inherited from interface org.apache.catalina.Lifecycle |
AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, DESTROY_EVENT, INIT_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT |
Constructor Summary | |
JACC()
|
Method Summary | |
java.security.Principal |
authenticate(java.lang.String username,
java.lang.String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null . |
java.security.Principal |
authenticate(java.security.cert.X509Certificate[] cert)
Return the Principal associated with the specified chain of X509 client certificates. |
java.security.Principal |
authenticateJAAS(java.lang.String username,
java.lang.String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null . |
java.security.Principal |
authenticateResource(java.lang.String username,
java.lang.String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null . |
java.lang.Object |
clone()
Creates and returns a copy of this object. |
org.apache.catalina.deploy.SecurityConstraint[] |
findSecurityConstraints(org.apache.catalina.connector.Request request,
org.apache.catalina.Context context)
Return the SecurityConstraints configured to guard the request URI for this request, or null if there is no such constraint. |
java.lang.String |
getInfo()
Return descriptive information about this Realm implementation and the corresponding version number, in the format <description>/<version> . |
protected java.lang.String |
getName()
Return a short name for this Realm implementation. |
protected java.lang.String |
getPassword(java.lang.String username)
Return the password associated with the given principal's user name. |
PermissionManager |
getPermissionManager()
|
protected java.security.Principal |
getPrincipal(java.lang.String username)
Return the Principal associated with the given user name. |
java.lang.String |
getResourceName()
Return the resource name we will be using. |
boolean |
hasResourcePermission(org.apache.catalina.connector.Request request,
org.apache.catalina.connector.Response response,
org.apache.catalina.deploy.SecurityConstraint[] constraints,
org.apache.catalina.Context context)
Perform access control based on the specified authorization constraint. |
boolean |
hasRole(java.security.Principal principal,
java.lang.String role)
|
boolean |
hasUserDataPermission(org.apache.catalina.connector.Request request,
org.apache.catalina.connector.Response response,
org.apache.catalina.deploy.SecurityConstraint[] constraints)
Enforce any user data constraint required by the security constraint guarding this request URI. |
protected void |
log(java.lang.String message)
Log a message on the Logger associated with our Container (if any) |
void |
setContext(org.apache.catalina.Context context)
Set the context of this Realm. |
void |
setPermissionManager(PermissionManager permissionManager)
Set the permission manager used by this realm |
void |
setResourceName(java.lang.String resourceName)
Set the resource name we will be using. |
void |
start()
Prepare for active use of the public methods of this Component. |
void |
stop()
Gracefully shut down active use of the public methods of this Component. |
Methods inherited from class org.apache.catalina.realm.RealmBase |
addLifecycleListener, addPropertyChangeListener, authenticate, authenticate, backgroundProcess, destroy, digest, Digest, findLifecycleListeners, getAllRolesMode, getContainer, getController, getDigest, getDigest, getDigestEncoding, getDomain, getObjectName, getPrincipal, getType, getValidate, hasMessageDigest, init, main, postDeregister, postRegister, preDeregister, preRegister, removeLifecycleListener, removePropertyChangeListener, setAllRolesMode, setContainer, setController, setDigest, setDigestEncoding, setValidate |
Methods inherited from class java.lang.Object |
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public JACC()
Method Detail |
public java.lang.String getInfo()
<description>/<version>
.
getInfo
in interface org.apache.catalina.Realm
public java.lang.String getResourceName()
public void setResourceName(java.lang.String resourceName)
resourceName
- The new resource namepublic void setPermissionManager(PermissionManager permissionManager)
permissionManager
- the permission manager to usepublic org.apache.catalina.deploy.SecurityConstraint[] findSecurityConstraints(org.apache.catalina.connector.Request request, org.apache.catalina.Context context)
null
if there is no such constraint.
findSecurityConstraints
in interface org.apache.catalina.Realm
request
- Request we are processingcontext
- Context the Request is mapped to
public boolean hasResourcePermission(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.SecurityConstraint[] constraints, org.apache.catalina.Context context) throws java.io.IOException
hasResourcePermission
in interface org.apache.catalina.Realm
request
- Request we are processingresponse
- Response we are creatingconstraints
- Security constraint we are enforcingcontext
- The Context to which client of this class is attached.
true
if this constraint is satisfied and
processing should continue, or false
otherwise.
java.io.IOException
- if an input/output error occurspublic boolean hasRole(java.security.Principal principal, java.lang.String role)
hasRole
in interface org.apache.catalina.Realm
principal
- Principal for whom the role is to be checkedrole
- Security role to be checked
true
if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false
. This method can be overridden by Realm
implementations, but the default is adequate when an instance of
GenericPrincipal
is used to represent
authenticated Principals from this Realm.public boolean hasUserDataPermission(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.SecurityConstraint[] constraints) throws java.io.IOException
hasUserDataPermission
in interface org.apache.catalina.Realm
request
- Request we are processingresponse
- Response we are creatingconstraints
- Security constraints being checked
true
if this constraint was not violated and
processing should continue, or false
if we have
created a response already.
java.io.IOException
- if an input/output error occurspublic java.security.Principal authenticate(java.lang.String username, java.lang.String credentials)
null
.
authenticate
in interface org.apache.catalina.Realm
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in authenticating
this username
public java.security.Principal authenticateResource(java.lang.String username, java.lang.String credentials)
null
.
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in authenticating
this username
public java.security.Principal authenticateJAAS(java.lang.String username, java.lang.String credentials)
null
.
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in
authenticating this username
public java.security.Principal authenticate(java.security.cert.X509Certificate[] cert)
null
.
authenticate
in interface org.apache.catalina.Realm
cert
- Array of client certificates, with the first one in the array
being the certificate of the client itself.
protected java.lang.String getName()
protected java.lang.String getPassword(java.lang.String username)
username
- the given principal's user name.
protected java.security.Principal getPrincipal(java.lang.String username)
username
- the given principal's user name.
public void setContext(org.apache.catalina.Context context)
context
- Context for this realmpublic void start() throws org.apache.catalina.LifecycleException
start
in interface org.apache.catalina.Lifecycle
org.apache.catalina.LifecycleException
- if this component detects a fatal error
that prevents it from being startedpublic void stop() throws org.apache.catalina.LifecycleException
stop
in interface org.apache.catalina.Lifecycle
org.apache.catalina.LifecycleException
- if this component detects a fatal error
that needs to be reportedprotected void log(java.lang.String message)
message
- Message to be loggedpublic java.lang.Object clone() throws java.lang.CloneNotSupportedException
java.lang.CloneNotSupportedException
- if the copy failspublic PermissionManager getPermissionManager()
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |