public interface Realm
Modifier and Type | Method and Description |
---|---|
void |
addPropertyChangeListener(java.beans.PropertyChangeListener listener)
Add a property change listener to this component.
|
java.security.Principal |
authenticate(org.ietf.jgss.GSSContext gssContext,
boolean storeCreds)
Try to authenticate using a
GSSContext |
java.security.Principal |
authenticate(java.lang.String username)
Try to authenticate with the specified username.
|
java.security.Principal |
authenticate(java.lang.String username,
java.lang.String credentials)
Try to authenticate using the specified username and
credentials.
|
java.security.Principal |
authenticate(java.lang.String username,
java.lang.String digest,
java.lang.String nonce,
java.lang.String nc,
java.lang.String cnonce,
java.lang.String qop,
java.lang.String realm,
java.lang.String md5a2)
Try to authenticate with the specified username, which
matches the digest calculated using the given parameters using the
method described in RFC 2617 (which is a superset of RFC 2069).
|
java.security.Principal |
authenticate(java.security.cert.X509Certificate[] certs)
Try to authenticate using
X509Certificate s |
void |
backgroundProcess()
Execute a periodic task, such as reloading, etc.
|
SecurityConstraint[] |
findSecurityConstraints(Request request,
Context context)
Find the SecurityConstraints configured to guard the request URI for
this request.
|
Container |
getContainer() |
CredentialHandler |
getCredentialHandler() |
boolean |
hasResourcePermission(Request request,
Response response,
SecurityConstraint[] constraint,
Context context)
Perform access control based on the specified authorization constraint.
|
boolean |
hasRole(Wrapper wrapper,
java.security.Principal principal,
java.lang.String role)
Check if the specified Principal has the specified
security role, within the context of this Realm.
|
boolean |
hasUserDataPermission(Request request,
Response response,
SecurityConstraint[] constraint)
Enforce any user data constraint required by the security constraint
guarding this request URI.
|
void |
removePropertyChangeListener(java.beans.PropertyChangeListener listener)
Remove a property change listener from this component.
|
void |
setContainer(Container container)
Set the Container with which this Realm has been associated.
|
void |
setCredentialHandler(CredentialHandler credentialHandler)
Set the CredentialHandler to be used by this Realm.
|
Container getContainer()
void setContainer(Container container)
container
- The associated ContainerCredentialHandler getCredentialHandler()
void setCredentialHandler(CredentialHandler credentialHandler)
credentialHandler
- the CredentialHandler
to usevoid addPropertyChangeListener(java.beans.PropertyChangeListener listener)
listener
- The listener to addjava.security.Principal authenticate(java.lang.String username)
username
- Username of the Principal to look upnull
if none is
associated.java.security.Principal authenticate(java.lang.String username, java.lang.String credentials)
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in
authenticating this usernamenull
if there is nonejava.security.Principal authenticate(java.lang.String username, java.lang.String digest, java.lang.String nonce, java.lang.String nc, java.lang.String cnonce, java.lang.String qop, java.lang.String realm, java.lang.String md5a2)
username
- Username of the Principal to look updigest
- Digest which has been submitted by the clientnonce
- Unique (or supposedly unique) token which has been used
for this requestnc
- the nonce countercnonce
- the client chosen nonceqop
- the "quality of protection" (nc
and cnonce
will only be used, if qop
is not null
).realm
- Realm namemd5a2
- Second MD5 digest used to calculate the digest :
MD5(Method + ":" + uri)null
if there is none.java.security.Principal authenticate(org.ietf.jgss.GSSContext gssContext, boolean storeCreds)
GSSContext
gssContext
- The gssContext processed by the Authenticator
.storeCreds
- Should the realm attempt to store the delegated
credentials in the returned Principal?null
if there is nonejava.security.Principal authenticate(java.security.cert.X509Certificate[] certs)
X509Certificate
scerts
- Array of client certificates, with the first one in
the array being the certificate of the client itself.null
if there is nonevoid backgroundProcess()
SecurityConstraint[] findSecurityConstraints(Request request, Context context)
request
- Request we are processingcontext
- Context
for this requestSecurityConstraint
, of null
if there is noneboolean hasResourcePermission(Request request, Response response, SecurityConstraint[] constraint, Context context) throws java.io.IOException
request
- Request we are processingresponse
- Response we are creatingconstraint
- Security constraint we are enforcingcontext
- The Context to which client of this class is attached.true
if this constraint is satisfied and processing
should continue, or false
otherwisejava.io.IOException
- if an input/output error occursboolean hasRole(Wrapper wrapper, java.security.Principal principal, java.lang.String role)
wrapper
- wrapper context for evaluating roleprincipal
- Principal for whom the role is to be checkedrole
- Security role to be checkedtrue
if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false
.boolean hasUserDataPermission(Request request, Response response, SecurityConstraint[] constraint) throws java.io.IOException
request
- Request we are processingresponse
- Response we are creatingconstraint
- Security constraint being checkedtrue
if this constraint
was not violated and processing should continue, or false
if we have created a response already.java.io.IOException
- if an input/output error occursvoid removePropertyChangeListener(java.beans.PropertyChangeListener listener)
listener
- The listener to removeCopyright © 2000-2018 Apache Software Foundation. All Rights Reserved.