Package org.apache.catalina.realm

package org.apache.catalina.realm

This package contains Realm implementations for the various supported realm technologies for authenticating users and identifying their associated roles. The Realm that is associated with a web application's Context (or a hierarchically superior Container) is used to resolve authentication and role presence questions when a web application uses container managed security as described in the Servlet API Specification.

The implementations share a common base class that supports basic functionality for all of the standard Realm implementations.

  • Class
    Description
    CombinedRealm
    Realm implementation that contains one or more realms.
    Constants
    Deprecated.
    Unused.
    DataSourceRealm
    Implementation of Realm that works with any JDBC JNDI DataSource.
    DigestCredentialHandlerBase
    Base implementation for the Tomcat provided CredentialHandlers.
    GenericPrincipal
    Generic implementation of java.security.Principal that is available for use by Realm implementations.
    JAASCallbackHandler
    Implementation of the JAAS CallbackHandler interface, used to negotiate delivery of the username and credentials that were specified to our constructor.
    JAASMemoryLoginModule
    Implementation of the JAAS LoginModule interface, primarily for use in testing JAASRealm.
    JAASRealm
    Implementation of Realm that authenticates users via the Java Authentication and Authorization Service (JAAS).
    JDBCRealm
    Deprecated.
    Will be removed in Tomcat 10 onwards.
    JNDIRealm
    Implementation of Realm that works with a directory server accessed via the Java Naming and Directory Interface (JNDI) APIs.
    JNDIRealm.JNDIConnection
    Class holding the connection to the directory plus the associated non thread safe message formats.
    JNDIRealm.User
    A protected class representing a User
    LockOutRealm
    This class extends the CombinedRealm (hence it can wrap other Realms) to provide a user lock out mechanism if there are too many failed authentication attempts in a given period of time.
    LockOutRealm.LockRecord
     
    MemoryRealm
    Simple implementation of Realm that reads an XML file to configure the valid users, passwords, and roles.
    MemoryRuleSet
    RuleSet for recognizing the users defined in the XML file processed by MemoryRealm.
    MessageDigestCredentialHandler
    This credential handler supports the following forms of stored passwords: encodedCredential - a hex encoded digest of the password digested using the configured digest {MD5}encodedCredential - a Base64 encoded MD5 digest of the password {SHA}encodedCredential - a Base64 encoded SHA1 digest of the password {SSHA}encodedCredential - 20 byte Base64 encoded SHA1 digest followed by variable length salt.
    NestedCredentialHandler
     
    NullRealm
    Minimal Realm implementation that always returns null when an attempt is made to validate a user name and password.
    RealmBase
    Simple implementation of Realm that reads an XML file to configure the valid users, passwords, and roles.
    RealmBase.AllRolesMode
     
    SecretKeyCredentialHandler
     
    UserDatabaseRealm
    Implementation of Realm that is based on an implementation of UserDatabase made available through the JNDI resources configured for this instance of Catalina.
    UserDatabaseRealm.UserDatabasePrincipal
     
    X509SubjectDnRetriever
    An X509UsernameRetriever that returns a certificate's entire SubjectDN as the username.
    X509UsernameRetriever
    Provides an interface for retrieving a user name from an X509Certificate.