public class CombinedRealm extends RealmBase
RealmBase.AllRolesModeLifecycle.SingleUse| Modifier and Type | Field and Description |
|---|---|
protected static String |
name
Descriptive information about this Realm implementation.
|
protected List<Realm> |
realms
The list of Realms contained by this Realm.
|
allRolesMode, container, containerLog, digest, digestEncoding, info, md, md5Encoder, md5Helper, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassNamemserverAFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT| Constructor and Description |
|---|
CombinedRealm() |
| Modifier and Type | Method and Description |
|---|---|
void |
addRealm(Realm theRealm)
Add a realm to the list of realms that will be used to authenticate
users.
|
Principal |
authenticate(GSSContext gssContext,
boolean storeCred)
Try to authenticate using a
GSSContext |
Principal |
authenticate(GSSName gssName,
GSSCredential gssCredential)
Try to authenticate using a
GSSName |
Principal |
authenticate(String username)
Return the Principal associated with the specified user name otherwise
return
null. |
Principal |
authenticate(String username,
String credentials)
Return the Principal associated with the specified username and
credentials, if there is one; otherwise return
null. |
Principal |
authenticate(String username,
String clientDigest,
String nonce,
String nc,
String cnonce,
String qop,
String realmName,
String md5a2)
Return the Principal associated with the specified username, which
matches the digest calculated using the given parameters using the
method described in RFC 2069; otherwise return
null. |
Principal |
authenticate(X509Certificate[] certs)
Return the Principal associated with the specified chain of X509
client certificates.
|
void |
backgroundProcess()
Delegate the backgroundProcess call to all sub-realms.
|
protected void |
destroyInternal()
Ensure child Realms are destroyed when this Realm is destroyed.
|
protected String |
getName()
Return a short name for this Realm implementation, for use in
log messages.
|
protected String |
getPassword(String username)
Return the password associated with the given principal's user name.
|
protected Principal |
getPrincipal(String username)
Return the Principal associated with the given user name.
|
ObjectName[] |
getRealms()
Return the set of Realms that this Realm is wrapping
|
boolean |
hasRole(Wrapper wrapper,
Principal principal,
String role)
Return
true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false. |
void |
setContainer(Container container)
Set the Container with which this Realm has been associated.
|
protected void |
startInternal()
Prepare for the beginning of active use of the public methods of this
component and implement the requirements of
LifecycleBase.startInternal(). |
protected void |
stopInternal()
Gracefully terminate the active use of the public methods of this
component and implement the requirements of
LifecycleBase.stopInternal(). |
addPropertyChangeListener, compareCredentials, digest, Digest, findSecurityConstraints, getAllRolesMode, getContainer, getDigest, getDigest, getDigestCharset, getDigestEncoding, getDomainInternal, getInfo, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getServer, getTransportGuaranteeRedirectStatus, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setDigest, setDigestEncoding, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setValidate, setX509UsernameRetrieverClassName, toStringgetDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregisteraddLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stopprotected static final String name
public void addRealm(Realm theRealm)
public ObjectName[] getRealms()
public Principal authenticate(String username, String clientDigest, String nonce, String nc, String cnonce, String qop, String realmName, String md5a2)
null.authenticate in interface Realmauthenticate in class RealmBaseusername - Username of the Principal to look upclientDigest - Digest which has been submitted by the clientnonce - Unique (or supposedly unique) token which has been used
for this requestrealmName - Realm namemd5a2 - Second MD5 digest used to calculate the digest :
MD5(Method + ":" + uri)nc - the nonce countercnonce - the client chosen nonceqop - the "quality of protection" (nc and cnonce
will only be used, if qop is not null).null if there is none.public Principal authenticate(String username)
null.authenticate in interface Realmauthenticate in class RealmBaseusername - User name of the Principal to look upnull if none is
associated.public Principal authenticate(String username, String credentials)
null.authenticate in interface Realmauthenticate in class RealmBaseusername - Username of the Principal to look upcredentials - Password or other credentials to use in
authenticating this usernamenull if there is none.public void setContainer(Container container)
setContainer in interface RealmsetContainer in class RealmBasecontainer - The associated Containerprotected void startInternal()
throws LifecycleException
LifecycleBase.startInternal().startInternal in class RealmBaseLifecycleException - if this component detects a fatal error
that prevents this component from being usedprotected void stopInternal()
throws LifecycleException
LifecycleBase.stopInternal().stopInternal in class RealmBaseLifecycleException - if this component detects a fatal error
that needs to be reportedprotected void destroyInternal()
throws LifecycleException
destroyInternal in class LifecycleMBeanBaseLifecycleException - If the destruction failspublic void backgroundProcess()
backgroundProcess in interface RealmbackgroundProcess in class RealmBasepublic Principal authenticate(X509Certificate[] certs)
null.authenticate in interface Realmauthenticate in class RealmBasecerts - Array of client certificates, with the first one in
the array being the certificate of the client itself.null if there is nonepublic Principal authenticate(GSSContext gssContext, boolean storeCred)
GSSContextauthenticate in interface Realmauthenticate in class RealmBasegssContext - The gssContext processed by the Authenticator.storeCred - Should the realm attempt to store the delegated
credentials in the returned Principal?null if there is nonepublic Principal authenticate(GSSName gssName, GSSCredential gssCredential)
GSSNameauthenticate in interface GSSRealmauthenticate in class RealmBasegssName - The GSSName of the principal to look upgssCredential - The GSSCredential of the principal, may be
nullnull if there is nonepublic boolean hasRole(Wrapper wrapper, Principal principal, String role)
true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false. This method can be overridden by Realm
implementations, but the default is adequate when an instance of
GenericPrincipal is used to represent authenticated
Principals from this Realm.hasRole in interface RealmhasRole in class RealmBasewrapper - wrapper context for evaluating roleprincipal - Principal for whom the role is to be checkedrole - Security role to be checkedtrue if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false.protected String getName()
RealmBaseprotected String getPassword(String username)
RealmBasegetPassword in class RealmBaseprotected Principal getPrincipal(String username)
RealmBasegetPrincipal in class RealmBaseCopyright © 2000-2021 Apache Software Foundation. All Rights Reserved.