Package org.apache.catalina.realm
Class DataSourceRealm
java.lang.Object
org.apache.catalina.util.LifecycleBase
org.apache.catalina.util.LifecycleMBeanBase
org.apache.catalina.realm.RealmBase
org.apache.catalina.realm.DataSourceRealm
- All Implemented Interfaces:
MBeanRegistration
,Contained
,JmxEnabled
,Lifecycle
,Realm
Implementation of Realm that works with any JDBC JNDI DataSource. See the Realm How-To for more details on how
to set up the database and for configuration options.
- Author:
- Glenn L. Nielsen, Craig R. McClanahan, Carson McDonald, Ignacio Ortega
-
Nested Class Summary
Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase
RealmBase.AllRolesMode
Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle
Lifecycle.SingleUse
-
Field Summary
Modifier and TypeFieldDescriptionprotected String
The name of the JNDI JDBC DataSourceprotected boolean
Context local datasource.protected String
The column in the user role table that names a roleprotected String
The column in the user table that holds the user's credentialsprotected String
The column in the user table that holds the user's nameprotected String
The table that holds the relation between user's and rolesprotected String
The table that holds user data.Fields inherited from class org.apache.catalina.realm.RealmBase
allRolesMode, container, containerLog, realmPath, sm, stripRealmForGss, support, USER_ATTRIBUTES_DELIMITER, USER_ATTRIBUTES_WILDCARD, userAttributes, userAttributesList, validate, x509UsernameRetriever, x509UsernameRetrieverClassName
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionauthenticate
(String username, String credentials) Try to authenticate using the specified username and credentials.protected Principal
authenticate
(Connection dbConnection, String username, String credentials) Return the Principal associated with the specified username and credentials, if there is one; otherwise returnnull
.protected void
close
(Connection dbConnection) Close the specified database connection.boolean
protected String
getPassword
(String username) Get the password for the specified user.protected String
getPassword
(Connection dbConnection, String username) Return the password associated with the given principal's user name.protected Principal
getPrincipal
(String username) Get the principal associated with the specified user.Return the roles associated with the given user name.getRoles
(Connection dbConnection, String username) Return the roles associated with the given user name.boolean
Return the availability of the realm for authentication.protected Connection
open()
Open the specified database connection.void
setDataSourceName
(String dataSourceName) Set the name of the JNDI JDBC DataSource.void
setLocalDataSource
(boolean localDataSource) Set to true to cause the datasource to be looked up in the webapp JNDI Context.void
setRoleNameCol
(String roleNameCol) Set the column in the user role table that names a role.void
setUserCredCol
(String userCredCol) Set the column in the user table that holds the user's credentials.void
setUserNameCol
(String userNameCol) Set the column in the user table that holds the user's name.void
setUserRoleTable
(String userRoleTable) Set the table that holds the relation between user's and roles.void
setUserTable
(String userTable) Set the table that holds user data.protected void
Prepare for the beginning of active use of the public methods of this component and implement the requirements ofLifecycleBase.startInternal()
.Methods inherited from class org.apache.catalina.realm.RealmBase
addPropertyChangeListener, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, backgroundProcess, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getServer, getTransportGuaranteeRedirectStatus, getUserAttributes, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasRoleInternal, hasUserDataPermission, initInternal, isStripRealmForGss, main, parseUserAttributes, removePropertyChangeListener, setAllRolesMode, setContainer, setCredentialHandler, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setUserAttributes, setValidate, setX509UsernameRetrieverClassName, stopInternal, toString
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregister
Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
-
Field Details
-
dataSourceName
The name of the JNDI JDBC DataSource -
localDataSource
protected boolean localDataSourceContext local datasource. -
roleNameCol
The column in the user role table that names a role -
userCredCol
The column in the user table that holds the user's credentials -
userNameCol
The column in the user table that holds the user's name -
userRoleTable
The table that holds the relation between user's and roles -
userTable
The table that holds user data.
-
-
Constructor Details
-
DataSourceRealm
public DataSourceRealm()
-
-
Method Details
-
getDataSourceName
- Returns:
- the name of the JNDI JDBC DataSource.
-
setDataSourceName
Set the name of the JNDI JDBC DataSource.- Parameters:
dataSourceName
- the name of the JNDI JDBC DataSource
-
getLocalDataSource
public boolean getLocalDataSource()- Returns:
- if the datasource will be looked up in the webapp JNDI Context.
-
setLocalDataSource
public void setLocalDataSource(boolean localDataSource) Set to true to cause the datasource to be looked up in the webapp JNDI Context.- Parameters:
localDataSource
- the new flag value
-
getRoleNameCol
- Returns:
- the column in the user role table that names a role.
-
setRoleNameCol
Set the column in the user role table that names a role.- Parameters:
roleNameCol
- The column name
-
getUserCredCol
- Returns:
- the column in the user table that holds the user's credentials.
-
setUserCredCol
Set the column in the user table that holds the user's credentials.- Parameters:
userCredCol
- The column name
-
getUserNameCol
- Returns:
- the column in the user table that holds the user's name.
-
setUserNameCol
Set the column in the user table that holds the user's name.- Parameters:
userNameCol
- The column name
-
getUserRoleTable
- Returns:
- the table that holds the relation between user's and roles.
-
setUserRoleTable
Set the table that holds the relation between user's and roles.- Parameters:
userRoleTable
- The table name
-
getUserTable
- Returns:
- the table that holds user data..
-
setUserTable
Set the table that holds user data.- Parameters:
userTable
- The table name
-
authenticate
Try to authenticate using the specified username and credentials.If there are any errors with the JDBC connection, executing the query or anything this method returns null (doesn't authenticate). This event is also logged, and the connection will be closed so that a subsequent request will automatically re-open it.
- Specified by:
authenticate
in interfaceRealm
- Overrides:
authenticate
in classRealmBase
- Parameters:
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in authenticating this username- Returns:
- the associated principal, or
null
if there is none
-
isAvailable
public boolean isAvailable()Description copied from interface:Realm
Return the availability of the realm for authentication.- Returns:
true
if the realm is able to perform authentication
-
authenticate
Return the Principal associated with the specified username and credentials, if there is one; otherwise returnnull
.- Parameters:
dbConnection
- The database connection to be usedusername
- Username of the Principal to look upcredentials
- Password or other credentials to use in authenticating this username- Returns:
- the associated principal, or
null
if there is none.
-
close
Close the specified database connection.- Parameters:
dbConnection
- The connection to be closed
-
open
Open the specified database connection.- Returns:
- Connection to the database
-
getPassword
Description copied from class:RealmBase
Get the password for the specified user.- Specified by:
getPassword
in classRealmBase
- Parameters:
username
- The user name- Returns:
- the password associated with the given principal's user name.
-
getPassword
Return the password associated with the given principal's user name.- Parameters:
dbConnection
- The database connection to be usedusername
- Username for which password should be retrieved- Returns:
- the password for the specified user
-
getPrincipal
Description copied from class:RealmBase
Get the principal associated with the specified user.- Specified by:
getPrincipal
in classRealmBase
- Parameters:
username
- The user name- Returns:
- the Principal associated with the given user name.
-
getRoles
-
getRoles
Return the roles associated with the given user name.- Parameters:
dbConnection
- The database connection to be usedusername
- User name for which roles should be retrieved- Returns:
- an array list of the role names
-
startInternal
Description copied from class:RealmBase
Prepare for the beginning of active use of the public methods of this component and implement the requirements ofLifecycleBase.startInternal()
.- Overrides:
startInternal
in classRealmBase
- Throws:
LifecycleException
- if this component detects a fatal error that prevents this component from being used
-