Package org.apache.catalina.realm
This package contains Realm implementations for the
various supported realm technologies for authenticating users and
identifying their associated roles. The Realm that is
associated with a web application's Context (or a hierarchically
superior Container) is used to resolve authentication and role presence
questions when a web application uses container managed security as described
in the Servlet API Specification.
The implementations share a common base class that supports basic
functionality for all of the standard Realm implementations.
-
Interface Summary Interface Description X509UsernameRetriever Provides an interface for retrieving a user name from an X509Certificate. -
Class Summary Class Description AuthenticatedUserRealm This Realm is intended for use with Authenticator implementations (SSLAuthenticator,SpnegoAuthenticator) that authenticate the user as well as obtain the user credentials.CombinedRealm Realm implementation that contains one or more realms.DataSourceRealm Implementation of Realm that works with any JDBC JNDI DataSource.DigestCredentialHandlerBase Base implementation for the Tomcat providedCredentialHandlers.GenericPrincipal Generic implementation of java.security.Principal that is available for use byRealmimplementations.JAASCallbackHandler Implementation of the JAASCallbackHandlerinterface, used to negotiate delivery of the username and credentials that were specified to our constructor.JAASMemoryLoginModule Implementation of the JAAS LoginModule interface, primarily for use in testingJAASRealm.JAASRealm Implementation of Realm that authenticates users via the Java Authentication and Authorization Service (JAAS).JNDIRealm Implementation of Realm that works with a directory server accessed via the Java Naming and Directory Interface (JNDI) APIs.JNDIRealm.JNDIConnection Class holding the connection to the directory plus the associated non thread safe message formats.JNDIRealm.User A protected class representing a UserLockOutRealm This class extends the CombinedRealm (hence it can wrap other Realms) to provide a user lock out mechanism if there are too many failed authentication attempts in a given period of time.LockOutRealm.LockRecord MemoryRealm Simple implementation of Realm that reads an XML file to configure the valid users, passwords, and roles.MemoryRuleSet RuleSet for recognizing the users defined in the XML file processed byMemoryRealm.MessageDigestCredentialHandler This credential handler supports the following forms of stored passwords: encodedCredential - a hex encoded digest of the password digested using the configured digest {MD5}encodedCredential - a Base64 encoded MD5 digest of the password {SHA}encodedCredential - a Base64 encoded SHA1 digest of the password {SSHA}encodedCredential - 20 byte Base64 encoded SHA1 digest followed by variable length salt.NestedCredentialHandler NullRealm Minimal Realm implementation that always returns null when an attempt is made to validate a user name and password.RealmBase Simple implementation of Realm that reads an XML file to configure the valid users, passwords, and roles.RealmBase.AllRolesMode SecretKeyCredentialHandler UserDatabaseRealm Implementation ofRealmthat is based on an implementation ofUserDatabasemade available through the JNDI resources configured for this instance of Catalina.UserDatabaseRealm.UserDatabasePrincipal X509SubjectDnRetriever An X509UsernameRetriever that returns a certificate's entire SubjectDN as the username.