Class GenericPrincipal
- All Implemented Interfaces:
Serializable
,Principal
,TomcatPrincipal
- Direct Known Subclasses:
UserDatabaseRealm.UserDatabasePrincipal
Realm
implementations.- Author:
- Craig R. McClanahan
- See Also:
-
Field Summary
Modifier and TypeFieldDescriptionThe additional attributes associated with this Principal.protected GSSCredential
The user's delegated credentials.protected final LoginContext
The JAAS LoginContext, if any, used to authenticate this Principal.protected final String
The username of the user represented by this Principal.protected final String
The authentication credentials for the user represented by this Principal.protected final String[]
The set of roles associated with this user.protected final Principal
The authenticated Principal to be exposed to applications. -
Constructor Summary
ConstructorDescriptionGenericPrincipal
(String name, String password, List<String> roles) Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings).Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings).GenericPrincipal
(String name, String password, List<String> roles, Principal userPrincipal, LoginContext loginContext) Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings).GenericPrincipal
(String name, String password, List<String> roles, Principal userPrincipal, LoginContext loginContext, GSSCredential gssCredential, Map<String, Object> attributes) Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings). -
Method Summary
Modifier and TypeMethodDescriptiongetAttribute
(String name) Returns the value of the named attribute as anObject
, ornull
if no attribute of the given name exists, or ifnull
has been specified as the attribute's name.Returns anEnumeration
containing the names of the attributes available to this Principal.getName()
String[]
getRoles()
boolean
Does the user represented by this Principal possess the specified role?void
logout()
Calls logout, if necessary, on any associated JAASLoginContext and/or GSSContext.protected void
setGssCredential
(GSSCredential gssCredential) toString()
-
Field Details
-
name
The username of the user represented by this Principal. -
password
The authentication credentials for the user represented by this Principal. -
roles
The set of roles associated with this user. -
userPrincipal
The authenticated Principal to be exposed to applications. -
loginContext
The JAAS LoginContext, if any, used to authenticate this Principal. Kept so we can call logout(). -
gssCredential
The user's delegated credentials. -
attributes
The additional attributes associated with this Principal.
-
-
Constructor Details
-
GenericPrincipal
Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings).- Parameters:
name
- The username of the user represented by this Principalpassword
- Credentials used to authenticate this userroles
- List of roles (must be Strings) possessed by this user
-
GenericPrincipal
Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings).- Parameters:
name
- The username of the user represented by this Principalpassword
- Credentials used to authenticate this userroles
- List of roles (must be Strings) possessed by this useruserPrincipal
- - the principal to be returned from the request getUserPrincipal call if not null; if null, this will be returned
-
GenericPrincipal
public GenericPrincipal(String name, String password, List<String> roles, Principal userPrincipal, LoginContext loginContext) Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings).- Parameters:
name
- The username of the user represented by this Principalpassword
- Credentials used to authenticate this userroles
- List of roles (must be Strings) possessed by this useruserPrincipal
- - the principal to be returned from the request getUserPrincipal call if not null; if null, this will be returnedloginContext
- - If provided, this will be used to log out the user at the appropriate time
-
GenericPrincipal
public GenericPrincipal(String name, String password, List<String> roles, Principal userPrincipal, LoginContext loginContext, GSSCredential gssCredential, Map<String, Object> attributes) Construct a new Principal, associated with the specified Realm, for the specified username and password, with the specified role names (as Strings).- Parameters:
name
- The username of the user represented by this Principalpassword
- Credentials used to authenticate this userroles
- List of roles (must be Strings) possessed by this useruserPrincipal
- - the principal to be returned from the request getUserPrincipal call if not null; if null, this will be returnedloginContext
- - If provided, this will be used to log out the user at the appropriate timegssCredential
- - If provided, the user's delegated credentialsattributes
- - If provided, additional attributes associated with this Principal
-
-
Method Details
-
getName
-
getPassword
-
getRoles
-
getUserPrincipal
- Specified by:
getUserPrincipal
in interfaceTomcatPrincipal
- Returns:
- The authenticated Principal to be exposed to applications.
-
getGssCredential
- Specified by:
getGssCredential
in interfaceTomcatPrincipal
- Returns:
- The user's delegated credentials.
-
setGssCredential
-
hasRole
Does the user represented by this Principal possess the specified role?- Parameters:
role
- Role to be tested- Returns:
true
if this Principal has been assigned the given role, otherwisefalse
-
toString
-
logout
Description copied from interface:TomcatPrincipal
Calls logout, if necessary, on any associated JAASLoginContext and/or GSSContext. May in the future be extended to cover other logout requirements.- Specified by:
logout
in interfaceTomcatPrincipal
- Throws:
Exception
- If something goes wrong with the logout. Uses Exception to allow for future expansion of this method to cover other logout mechanisms that might throw a different exception to LoginContext
-
getAttribute
Description copied from interface:TomcatPrincipal
Returns the value of the named attribute as anObject
, ornull
if no attribute of the given name exists, or ifnull
has been specified as the attribute's name.Only the servlet container may set attributes to make available custom information about a Principal or the user it represents.
The purpose of the method is to implement read only access to attributes which may be stored in the
Realm
implementation's backend due to its inherent design.As using this method from application code will make it non portable to other EE compliant containers, it is advised this should never be used as an object storage facility tied to the
Principal
, but rather as simple extra additional metadata. It is recommended that a container level object is used to further process the attributes that may be associated with thePrincipal
.Realm
implementations that are provided by Tomcat will not provide complex type mapping, but will in most cases always return a result as aString
object which may need custom decoding.Realm
implementations that are provided by Tomcat will not provide an implementation for this facility unless it is inherent to the storage backend of theRealm
itself and metadata is available without additional user intervention or configuration.- Specified by:
getAttribute
in interfaceTomcatPrincipal
- Parameters:
name
- aString
specifying the name of the attribute- Returns:
- an
Object
containing the value of the attribute, ornull
if the attribute does not exist, or ifnull
has been specified as the attribute's name
-
getAttributeNames
Description copied from interface:TomcatPrincipal
Returns anEnumeration
containing the names of the attributes available to this Principal. This method returns an emptyEnumeration
if the Principal has no attributes available to it.- Specified by:
getAttributeNames
in interfaceTomcatPrincipal
- Returns:
- an
Enumeration
of strings containing the names of the Principal's attributes
-