Package org.apache.catalina.authenticator
This package contains Authenticator implementations for the various supported authentication methods (BASIC, DIGEST, and FORM). In addition, there is a convenience base class, AuthenticatorBase, for customized Authenticator implementations.
If you are using the standard context configuration class (org.apache.catalina.startup.ContextConfig) to configure the Authenticator associated with a particular context, you can register the Java class to be used for each possible authentication method by modifying the following Properties file:
src/share/org/apache/catalina/startup/Authenticators.properties
Each of the standard implementations extends a common base class (AuthenticatorBase), which is configured by setting the following JavaBeans properties (with default values in square brackets):
- cache - Should we cache authenticated Principals (thus avoiding per-request lookups in our underlying Realm) if this request is part of an HTTP session? [true]
- debug - Debugging detail level for this component. [0]
The standard authentication methods that are currently provided include:
- BasicAuthenticator - Implements HTTP BASIC authentication, as described in RFC 2617.
- DigestAuthenticator - Implements HTTP DIGEST authentication, as described in RFC 2617.
- FormAuthenticator - Implements FORM-BASED authentication, as described in the Servlet API Specification.
Class Summary
- AuthenticatorBase - Basic implementation of the Valve interface that enforces the <security-constraint> elements in the web application deployment descriptor.
- BasicAuthenticator - An Authenticator and Valve implementation of HTTP BASIC Authentication, as outlined in RFC 2617: "HTTP Authentication: Basic and Digest Access Authentication."
- BasicAuthenticator.BasicCredentials - Parser for an HTTP Authorization header for BASIC authentication as per RFC 2617 section 2, and the Base64 encoded credentials as per RFC 2045 section 6.8.
- Constants
- DigestAuthenticator - An Authenticator and Valve implementation of HTTP DIGEST Authentication (see RFC 2069).
- DigestAuthenticator.DigestInfo
- DigestAuthenticator.NonceInfo
- FormAuthenticator - An Authenticator and Valve implementation of FORM BASED Authentication, as described in the Servlet API Specification.
- NonLoginAuthenticator - An Authenticator and Valve implementation that checks only security constraints not involving user authentication.
- SavedRequest - Object that saves the critical information from a request so that form-based authentication can reproduce it once the user has been authenticated.
- SingleSignOn - A Valve that supports a "single sign on" user experience, where the security identity of a user who successfully authenticates to one web application is propagated to other web applications in the same security domain.
- SingleSignOnEntry - A class that represents entries in the cache of authenticated users.
- SingleSignOnListener
- SingleSignOnSessionKey - Key used by SSO to identify a session.
- SpnegoAuthenticator - A SPNEGO authenticator that uses the SPNEGO/Kerberos support built in to Java 6.
- SpnegoAuthenticator.AcceptAction - This class gets a gss credential via a privileged action.
- SpnegoAuthenticator.AuthenticateAction
- SpnegoAuthenticator.SpnegoTokenFixer - This class implements a hack around an incompatibility between the SPNEGO implementation in Windows and the SPNEGO implementation in Java 8 update 40 onwards.
- SSLAuthenticator - An Authenticator and Valve implementation of authentication that utilizes SSL certificates to identify client users.
Enum Summary
- AuthenticatorBase.AllowCorsPreflight