|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.catalina.realm.RealmBase
org.objectweb.jonas.security.realm.web.catalina50.JACC
Implementation of a Realm. (by a wrapper) Use any JOnAS realm by specifying the resource name This implementation manages the security with JACC specification It implements Cloneable to allow clones. Each context must have its own Realm. A realm can not be shared across different contexts or an engine. This is because each realm is associated to a permission manager Extends the Realmbase class of the Tomcat Server.
Field Summary |
Fields inherited from class org.apache.catalina.realm.RealmBase |
container, controller, debug, digest, domain, host, info, initialized, lifecycle, md, md5Encoder, md5Helper, mserver, oname, path, started, support, type, validate |
Fields inherited from interface org.apache.catalina.Lifecycle |
AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, START_EVENT, STOP_EVENT |
Constructor Summary | |
JACC()
|
Method Summary | |
java.security.Principal |
authenticate(java.lang.String username,
java.lang.String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null . |
java.security.Principal |
authenticate(java.security.cert.X509Certificate[] cert)
Return the Principal associated with the specified chain of X509 client certificates. |
java.lang.Object |
clone()
Creates and returns a copy of this object. |
org.apache.catalina.deploy.SecurityConstraint[] |
findSecurityConstraints(org.apache.catalina.HttpRequest request,
org.apache.catalina.Context context)
Return the SecurityConstraints configured to guard the request URI for this request, or null if there is no such constraint. |
java.lang.String |
getInfo()
Return descriptive information about this Realm implementation and the corresponding version number, in the format <description>/<version> . |
protected java.lang.String |
getName()
Return a short name for this Realm implementation. |
protected java.lang.String |
getPassword(java.lang.String username)
Return the password associated with the given principal's user name. |
protected java.security.Principal |
getPrincipal(java.lang.String username)
Return the Principal associated with the given user name. |
java.lang.String |
getResourceName()
Return the resource name we will be using. |
boolean |
hasResourcePermission(org.apache.catalina.HttpRequest request,
org.apache.catalina.HttpResponse response,
org.apache.catalina.deploy.SecurityConstraint[] constraints,
org.apache.catalina.Context context)
Perform access control based on the specified authorization constraint. |
boolean |
hasRole(java.security.Principal principal,
java.lang.String role)
Return true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false . |
boolean |
hasUserDataPermission(org.apache.catalina.HttpRequest request,
org.apache.catalina.HttpResponse response,
org.apache.catalina.deploy.SecurityConstraint[] constraints)
Enforce any user data constraint required by the security constraint guarding this request URI. |
protected void |
log(java.lang.String message)
Log a message on the Logger associated with our Container (if any) |
void |
setContext(org.apache.catalina.Context context)
Set the context of this Realm This is used to retrieve xml information of the web.xml file |
void |
setPermissionManager(PermissionManager permissionManager)
Set the permission manager used by this realm |
void |
setResourceName(java.lang.String resourceName)
Set the resource name we will be using. |
void |
start()
Prepare for active use of the public methods of this Component. |
void |
stop()
Gracefully shut down active use of the public methods of this Component. |
Methods inherited from class org.apache.catalina.realm.RealmBase |
addLifecycleListener, addPropertyChangeListener, authenticate, authenticate, destroy, digest, Digest, findLifecycleListeners, getContainer, getController, getDebug, getDigest, getDigest, getDomain, getObjectName, getType, getValidate, hasMessageDigest, init, log, main, postDeregister, postRegister, preDeregister, preRegister, removeLifecycleListener, removePropertyChangeListener, setContainer, setController, setDebug, setDigest, setValidate |
Methods inherited from class java.lang.Object |
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public JACC()
Method Detail |
public java.lang.String getInfo()
<description>/<version>
.
getInfo
in interface org.apache.catalina.Realm
public java.lang.String getResourceName()
public void setResourceName(java.lang.String resourceName)
resourceName
- The new resource namepublic void setPermissionManager(PermissionManager permissionManager)
permissionManager
- the permission manager to usepublic org.apache.catalina.deploy.SecurityConstraint[] findSecurityConstraints(org.apache.catalina.HttpRequest request, org.apache.catalina.Context context)
null
if there is no such constraint.
findSecurityConstraints
in interface org.apache.catalina.Realm
request
- Request we are processingcontext
- Context the Request is mapped topublic boolean hasResourcePermission(org.apache.catalina.HttpRequest request, org.apache.catalina.HttpResponse response, org.apache.catalina.deploy.SecurityConstraint[] constraints, org.apache.catalina.Context context) throws java.io.IOException
true
if this constraint is satisfied and processing
should continue, or false
otherwise.
hasResourcePermission
in interface org.apache.catalina.Realm
request
- Request we are processingresponse
- Response we are creating
java.io.IOException
- if an input/output error occurspublic boolean hasRole(java.security.Principal principal, java.lang.String role)
true
if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false
. This method can be overridden by Realm
implementations, but the default is adequate when an instance of
GenericPrincipal
is used to represent authenticated
Principals from this Realm.
hasRole
in interface org.apache.catalina.Realm
principal
- Principal for whom the role is to be checkedrole
- Security role to be checkedpublic boolean hasUserDataPermission(org.apache.catalina.HttpRequest request, org.apache.catalina.HttpResponse response, org.apache.catalina.deploy.SecurityConstraint[] constraints) throws java.io.IOException
true
if this constraint
was not violated and processing should continue, or false
if we have created a response already.
hasUserDataPermission
in interface org.apache.catalina.Realm
request
- Request we are processingresponse
- Response we are creating
java.io.IOException
- if an input/output error occurspublic java.security.Principal authenticate(java.lang.String username, java.lang.String credentials)
null
.
authenticate
in interface org.apache.catalina.Realm
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in
authenticating this username
public java.security.Principal authenticate(java.security.cert.X509Certificate[] cert)
null
.
authenticate
in interface org.apache.catalina.Realm
cert
- Array of client certificates, with the first one in
the array being the certificate of the client itself.
protected java.lang.String getName()
protected java.lang.String getPassword(java.lang.String username)
username
- the given principal's user name.
protected java.security.Principal getPrincipal(java.lang.String username)
username
- the given principal's user name.
public void setContext(org.apache.catalina.Context context)
public void start() throws org.apache.catalina.LifecycleException
start
in interface org.apache.catalina.Lifecycle
org.apache.catalina.LifecycleException
- if this component detects a fatal error
that prevents it from being startedpublic void stop() throws org.apache.catalina.LifecycleException
stop
in interface org.apache.catalina.Lifecycle
org.apache.catalina.LifecycleException
- if this component detects a fatal error
that needs to be reportedprotected void log(java.lang.String message)
message
- Message to be loggedpublic java.lang.Object clone() throws java.lang.CloneNotSupportedException
java.lang.CloneNotSupportedException
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |