Class GenericPrincipal

java.lang.Object
org.apache.catalina.realm.GenericPrincipal
All Implemented Interfaces:
Serializable, Principal, TomcatPrincipal
Direct Known Subclasses:
UserDatabaseRealm.UserDatabasePrincipal

public class GenericPrincipal extends Object implements TomcatPrincipal, Serializable
Generic implementation of java.security.Principal that is available for use by Realm implementations.
Author:
Craig R. McClanahan
See Also:
  • Field Details

    • name

      protected final String name
      The username of the user represented by this Principal.
    • password

      protected final String password
      The authentication credentials for the user represented by this Principal.
    • roles

      protected final String[] roles
      The set of roles associated with this user.
    • userPrincipal

      protected final Principal userPrincipal
      The authenticated Principal to be exposed to applications.
    • loginContext

      protected final transient LoginContext loginContext
      The JAAS LoginContext, if any, used to authenticate this Principal. Kept so we can call logout().
    • gssCredential

      protected transient GSSCredential gssCredential
      The user's delegated credentials.
    • attributes

      protected final Map<String,Object> attributes
      The additional attributes associated with this Principal.
  • Constructor Details

    • GenericPrincipal

      public GenericPrincipal(String name, String password, List<String> roles)
      Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings).
      Parameters:
      name - The username of the user represented by this Principal
      password - Credentials used to authenticate this user
      roles - List of roles (must be Strings) possessed by this user
    • GenericPrincipal

      public GenericPrincipal(String name, String password, List<String> roles, Principal userPrincipal)
      Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings).
      Parameters:
      name - The username of the user represented by this Principal
      password - Credentials used to authenticate this user
      roles - List of roles (must be Strings) possessed by this user
      userPrincipal - - the principal to be returned from the request getUserPrincipal call if not null; if null, this will be returned
    • GenericPrincipal

      public GenericPrincipal(String name, String password, List<String> roles, Principal userPrincipal, LoginContext loginContext)
      Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings).
      Parameters:
      name - The username of the user represented by this Principal
      password - Credentials used to authenticate this user
      roles - List of roles (must be Strings) possessed by this user
      userPrincipal - - the principal to be returned from the request getUserPrincipal call if not null; if null, this will be returned
      loginContext - - If provided, this will be used to log out the user at the appropriate time
    • GenericPrincipal

      public GenericPrincipal(String name, String password, List<String> roles, Principal userPrincipal, LoginContext loginContext, GSSCredential gssCredential, Map<String,Object> attributes)
      Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings).
      Parameters:
      name - The username of the user represented by this Principal
      password - Credentials used to authenticate this user
      roles - List of roles (must be Strings) possessed by this user
      userPrincipal - - the principal to be returned from the request getUserPrincipal call if not null; if null, this will be returned
      loginContext - - If provided, this will be used to log out the user at the appropriate time
      gssCredential - - If provided, the user's delegated credentials
      attributes - - If provided, additional attributes associated with this Principal
  • Method Details

    • getName

      public String getName()
      Specified by:
      getName in interface Principal
    • getPassword

      public String getPassword()
    • getRoles

      public String[] getRoles()
    • getUserPrincipal

      public Principal getUserPrincipal()
      Specified by:
      getUserPrincipal in interface TomcatPrincipal
      Returns:
      The authenticated Principal to be exposed to applications.
    • getGssCredential

      public GSSCredential getGssCredential()
      Specified by:
      getGssCredential in interface TomcatPrincipal
      Returns:
      The user's delegated credentials.
    • setGssCredential

      protected void setGssCredential(GSSCredential gssCredential)
    • hasRole

      public boolean hasRole(String role)
      Does the user represented by this Principal possess the specified role?
      Parameters:
      role - Role to be tested
      Returns:
      true if this Principal has been assigned the given role, otherwise false
    • toString

      public String toString()
      Specified by:
      toString in interface Principal
      Overrides:
      toString in class Object
    • logout

      public void logout() throws Exception
      Description copied from interface: TomcatPrincipal
      Calls logout, if necessary, on any associated JAASLoginContext and/or GSSContext. May in the future be extended to cover other logout requirements.
      Specified by:
      logout in interface TomcatPrincipal
      Throws:
      Exception - If something goes wrong with the logout. Uses Exception to allow for future expansion of this method to cover other logout mechanisms that might throw a different exception to LoginContext
    • getAttribute

      public Object getAttribute(String name)
      Description copied from interface: TomcatPrincipal
      Returns the value of the named attribute as an Object, or null if no attribute of the given name exists, or if null has been specified as the attribute's name.

      Only the servlet container may set attributes to make available custom information about a Principal or the user it represents.

      The purpose of the method is to implement read only access to attributes which may be stored in the Realm implementation's backend due to its inherent design.

      As using this method from application code will make it non portable to other EE compliant containers, it is advised this should never be used as an object storage facility tied to the Principal, but rather as simple extra additional metadata. It is recommended that a container level object is used to further process the attributes that may be associated with the Principal.

      Realm implementations that are provided by Tomcat will not provide complex type mapping, but will in most cases always return a result as a String object which may need custom decoding.

      Realm implementations that are provided by Tomcat will not provide an implementation for this facility unless it is inherent to the storage backend of the Realm itself and metadata is available without additional user intervention or configuration.

      Specified by:
      getAttribute in interface TomcatPrincipal
      Parameters:
      name - a String specifying the name of the attribute
      Returns:
      an Object containing the value of the attribute, or null if the attribute does not exist, or if null has been specified as the attribute's name
    • getAttributeNames

      public Enumeration<String> getAttributeNames()
      Description copied from interface: TomcatPrincipal
      Returns an Enumeration containing the names of the attributes available to this Principal. This method returns an empty Enumeration if the Principal has no attributes available to it.
      Specified by:
      getAttributeNames in interface TomcatPrincipal
      Returns:
      an Enumeration of strings containing the names of the Principal's attributes