org.apache.catalina
Interface Realm
- DataSourceRealm, JAASMemoryLoginModule, JAASRealm, JDBCRealm, JNDIRealm, MemoryRealm, RealmBase, UserDatabaseRealm
A Realm is a read-only facade for an underlying security realm
used to authenticate individual users, and identify the security roles
associated with those users. Realms can be attached at any Container
level, but will typically only be attached to a Context, or higher level,
Container.
Version:
- Craig R. McClanahan
void | addPropertyChangeListener(PropertyChangeListener listener) - Add a property change listener to this component.
|
Principal | authenticate(String username, String credentials) - Return the Principal associated with the specified username and
credentials, if there is one; otherwise return
null .
|
Principal | authenticate(String username, String digest, String nonce, String nc, String cnonce, String qop, String realm, String md5a2) - Return the Principal associated with the specified username, which
matches the digest calculated using the given parameters using the
method described in RFC 2069; otherwise return
null .
|
Principal | authenticate(String username, byte[] credentials) - Return the Principal associated with the specified username and
credentials, if there is one; otherwise return
null .
|
Principal | authenticate(certs[] ) - Return the Principal associated with the specified chain of X509
client certificates.
|
SecurityConstraint[] | findSecurityConstraints(HttpRequest request, Context context) - Return the SecurityConstraints configured to guard the request URI for
this request, or
null if there is no such constraint.
|
Container | getContainer() - Return the Container with which this Realm has been associated.
|
String | getInfo() - Return descriptive information about this Realm implementation and
the corresponding version number, in the format
<description>/<version> .
|
boolean | hasResourcePermission(HttpRequest request, HttpResponse response, SecurityConstraint constraint, Context context) - Perform access control based on the specified authorization constraint.
|
boolean | hasRole(Principal principal, String role) - Return
true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false .
|
boolean | hasUserDataPermission(HttpRequest request, HttpResponse response, SecurityConstraint constraint) - Enforce any user data constraint required by the security constraint
guarding this request URI.
|
void | removePropertyChangeListener(PropertyChangeListener listener) - Remove a property change listener from this component.
|
void | setContainer(Container container) - Set the Container with which this Realm has been associated.
|
addPropertyChangeListener
public void addPropertyChangeListener(PropertyChangeListener listener)
Add a property change listener to this component.
listener
- The listener to add
authenticate
public Principal authenticate(String username,
String credentials)
Return the Principal associated with the specified username and
credentials, if there is one; otherwise return null
.
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in
authenticating this username
authenticate
public Principal authenticate(String username,
String digest,
String nonce,
String nc,
String cnonce,
String qop,
String realm,
String md5a2)
Return the Principal associated with the specified username, which
matches the digest calculated using the given parameters using the
method described in RFC 2069; otherwise return null
.
username
- Username of the Principal to look updigest
- Digest which has been submitted by the clientnonce
- Unique (or supposedly unique) token which has been used
for this requestrealm
- Realm namemd5a2
- Second MD5 digest used to calculate the digest :
MD5(Method + ":" + uri)
authenticate
public Principal authenticate(String username,
byte[] credentials)
Return the Principal associated with the specified username and
credentials, if there is one; otherwise return null
.
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in
authenticating this username
authenticate
public Principal authenticate(certs[] )
Return the Principal associated with the specified chain of X509
client certificates. If there is none, return null
.
findSecurityConstraints
public SecurityConstraint[] findSecurityConstraints(HttpRequest request,
Context context)
Return the SecurityConstraints configured to guard the request URI for
this request, or null
if there is no such constraint.
request
- Request we are processing
getContainer
public Container getContainer()
Return the Container with which this Realm has been associated.
getInfo
public String getInfo()
Return descriptive information about this Realm implementation and
the corresponding version number, in the format
<description>/<version>
.
hasResourcePermission
public boolean hasResourcePermission(HttpRequest request,
HttpResponse response,
SecurityConstraint constraint,
Context context)
throws IOException
Perform access control based on the specified authorization constraint.
Return true
if this constraint is satisfied and processing
should continue, or false
otherwise.
request
- Request we are processingresponse
- Response we are creatingconstraint
- Security constraint we are enforcingcontext
- The Context to which client of this class is attached.
hasRole
public boolean hasRole(Principal principal,
String role)
Return true
if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false
.
principal
- Principal for whom the role is to be checkedrole
- Security role to be checked
hasUserDataPermission
public boolean hasUserDataPermission(HttpRequest request,
HttpResponse response,
SecurityConstraint constraint)
throws IOException
Enforce any user data constraint required by the security constraint
guarding this request URI. Return true
if this constraint
was not violated and processing should continue, or false
if we have created a response already.
request
- Request we are processingresponse
- Response we are creatingconstraint
- Security constraint being checked
removePropertyChangeListener
public void removePropertyChangeListener(PropertyChangeListener listener)
Remove a property change listener from this component.
listener
- The listener to remove
setContainer
public void setContainer(Container container)
Set the Container with which this Realm has been associated.
container
- The associated Container
Copyright B) 2000-2003 Apache Software Foundation. All Rights Reserved.