Package org.apache.catalina.realm
Class JDBCRealm
- java.lang.Object
-
- org.apache.catalina.util.LifecycleBase
-
- org.apache.catalina.util.LifecycleMBeanBase
-
- org.apache.catalina.realm.RealmBase
-
- org.apache.catalina.realm.JDBCRealm
-
- All Implemented Interfaces:
javax.management.MBeanRegistration
,Contained
,JmxEnabled
,Lifecycle
,Realm
@Deprecated public class JDBCRealm extends RealmBase
Deprecated.Will be removed in Tomcat 10 onwards. Use the DataSourceRealm instead.Implementation of Realm that works with any JDBC supported database. See the JDBCRealm.howto for more details on how to set up the database and for configuration options.For a Realm implementation that supports connection pooling and doesn't require synchronisation of
authenticate()
,getPassword()
,roles()
andgetPrincipal()
or the ugly connection logic use theDataSourceRealm
.- Author:
- Craig R. McClanahan, Carson McDonald, Ignacio Ortega
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase
RealmBase.AllRolesMode
-
Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle
Lifecycle.SingleUse
-
-
Field Summary
Fields Modifier and Type Field Description protected java.lang.String
connectionName
Deprecated.The connection username to use when trying to connect to the database.protected java.lang.String
connectionPassword
Deprecated.The connection URL to use when trying to connect to the database.protected java.lang.String
connectionURL
Deprecated.The connection URL to use when trying to connect to the database.protected java.sql.Connection
dbConnection
Deprecated.The connection to the database.protected java.sql.Driver
driver
Deprecated.Instance of the JDBC Driver class we use as a connection factory.protected java.lang.String
driverName
Deprecated.The JDBC driver to use.protected java.sql.PreparedStatement
preparedCredentials
Deprecated.The PreparedStatement to use for authenticating users.protected java.sql.PreparedStatement
preparedRoles
Deprecated.The PreparedStatement to use for identifying the roles for a specified user.protected java.lang.String
roleNameCol
Deprecated.The column in the user role table that names a roleprotected java.lang.String
userCredCol
Deprecated.The column in the user table that holds the user's credentialsprotected java.lang.String
userNameCol
Deprecated.The column in the user table that holds the user's nameprotected java.lang.String
userRoleTable
Deprecated.The table that holds the relation between user's and rolesprotected java.lang.String
userTable
Deprecated.The table that holds user data.-
Fields inherited from class org.apache.catalina.realm.RealmBase
allRolesMode, container, containerLog, realmPath, sm, stripRealmForGss, support, USER_ATTRIBUTES_DELIMITER, USER_ATTRIBUTES_WILDCARD, userAttributes, userAttributesList, validate, x509UsernameRetriever, x509UsernameRetrieverClassName
-
Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase
mserver
-
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
-
-
Constructor Summary
Constructors Constructor Description JDBCRealm()
Deprecated.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description java.security.Principal
authenticate(java.lang.String username, java.lang.String credentials)
Deprecated.Return the Principal associated with the specified username and credentials, if there is one; otherwise returnnull
.java.security.Principal
authenticate(java.sql.Connection dbConnection, java.lang.String username, java.lang.String credentials)
Deprecated.Attempt to authenticate the user with the provided credentials.protected void
close(java.sql.Connection dbConnection)
Deprecated.Close the specified database connection.protected java.sql.PreparedStatement
credentials(java.sql.Connection dbConnection, java.lang.String username)
Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.java.lang.String
getConnectionName()
Deprecated.java.lang.String
getConnectionPassword()
Deprecated.java.lang.String
getConnectionURL()
Deprecated.java.lang.String
getDriverName()
Deprecated.protected java.lang.String
getPassword(java.lang.String username)
Deprecated.Get the password for the specified user.protected java.security.Principal
getPrincipal(java.lang.String username)
Deprecated.Get the principal associated with the specified user.java.lang.String
getRoleNameCol()
Deprecated.protected java.util.ArrayList<java.lang.String>
getRoles(java.lang.String username)
Deprecated.Return the roles associated with the given user name.java.lang.String
getUserCredCol()
Deprecated.java.lang.String
getUserNameCol()
Deprecated.java.lang.String
getUserRoleTable()
Deprecated.java.lang.String
getUserTable()
Deprecated.boolean
isAvailable()
Deprecated.Return the availability of the realm for authentication.protected java.sql.Connection
open()
Deprecated.Open (if necessary) and return a database connection for use by this Realm.protected java.sql.PreparedStatement
roles(java.sql.Connection dbConnection, java.lang.String username)
Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.void
setConnectionName(java.lang.String connectionName)
Deprecated.Set the username to use to connect to the database.void
setConnectionPassword(java.lang.String connectionPassword)
Deprecated.Set the password to use to connect to the database.void
setConnectionURL(java.lang.String connectionURL)
Deprecated.Set the URL to use to connect to the database.void
setDriverName(java.lang.String driverName)
Deprecated.Set the JDBC driver that will be used.void
setRoleNameCol(java.lang.String roleNameCol)
Deprecated.Set the column in the user role table that names a role.void
setUserCredCol(java.lang.String userCredCol)
Deprecated.Set the column in the user table that holds the user's credentials.void
setUserNameCol(java.lang.String userNameCol)
Deprecated.Set the column in the user table that holds the user's name.void
setUserRoleTable(java.lang.String userRoleTable)
Deprecated.Set the table that holds the relation between user's and roles.void
setUserTable(java.lang.String userTable)
Deprecated.Set the table that holds user data.protected void
startInternal()
Deprecated.Prepare for the beginning of active use of the public methods of this component and implement the requirements ofLifecycleBase.startInternal()
.protected void
stopInternal()
Deprecated.Gracefully terminate the active use of the public methods of this component and implement the requirements ofLifecycleBase.stopInternal()
.-
Methods inherited from class org.apache.catalina.realm.RealmBase
addPropertyChangeListener, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, backgroundProcess, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getRoles, getServer, getTransportGuaranteeRedirectStatus, getUserAttributes, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasRoleInternal, hasUserDataPermission, initInternal, isStripRealmForGss, main, parseUserAttributes, removePropertyChangeListener, setAllRolesMode, setContainer, setCredentialHandler, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setUserAttributes, setValidate, setX509UsernameRetrieverClassName, toString
-
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregister
-
Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
-
-
-
-
Field Detail
-
connectionName
protected java.lang.String connectionName
Deprecated.The connection username to use when trying to connect to the database.
-
connectionPassword
protected java.lang.String connectionPassword
Deprecated.The connection URL to use when trying to connect to the database.
-
connectionURL
protected java.lang.String connectionURL
Deprecated.The connection URL to use when trying to connect to the database.
-
dbConnection
protected java.sql.Connection dbConnection
Deprecated.The connection to the database.
-
driver
protected java.sql.Driver driver
Deprecated.Instance of the JDBC Driver class we use as a connection factory.
-
driverName
protected java.lang.String driverName
Deprecated.The JDBC driver to use.
-
preparedCredentials
protected java.sql.PreparedStatement preparedCredentials
Deprecated.The PreparedStatement to use for authenticating users.
-
preparedRoles
protected java.sql.PreparedStatement preparedRoles
Deprecated.The PreparedStatement to use for identifying the roles for a specified user.
-
roleNameCol
protected java.lang.String roleNameCol
Deprecated.The column in the user role table that names a role
-
userCredCol
protected java.lang.String userCredCol
Deprecated.The column in the user table that holds the user's credentials
-
userNameCol
protected java.lang.String userNameCol
Deprecated.The column in the user table that holds the user's name
-
userRoleTable
protected java.lang.String userRoleTable
Deprecated.The table that holds the relation between user's and roles
-
userTable
protected java.lang.String userTable
Deprecated.The table that holds user data.
-
-
Method Detail
-
getConnectionName
public java.lang.String getConnectionName()
Deprecated.- Returns:
- the username to use to connect to the database.
-
setConnectionName
public void setConnectionName(java.lang.String connectionName)
Deprecated.Set the username to use to connect to the database.- Parameters:
connectionName
- Username
-
getConnectionPassword
public java.lang.String getConnectionPassword()
Deprecated.- Returns:
- the password to use to connect to the database.
-
setConnectionPassword
public void setConnectionPassword(java.lang.String connectionPassword)
Deprecated.Set the password to use to connect to the database.- Parameters:
connectionPassword
- User password
-
getConnectionURL
public java.lang.String getConnectionURL()
Deprecated.- Returns:
- the URL to use to connect to the database.
-
setConnectionURL
public void setConnectionURL(java.lang.String connectionURL)
Deprecated.Set the URL to use to connect to the database.- Parameters:
connectionURL
- The new connection URL
-
getDriverName
public java.lang.String getDriverName()
Deprecated.- Returns:
- the JDBC driver that will be used.
-
setDriverName
public void setDriverName(java.lang.String driverName)
Deprecated.Set the JDBC driver that will be used.- Parameters:
driverName
- The driver name
-
getRoleNameCol
public java.lang.String getRoleNameCol()
Deprecated.- Returns:
- the column in the user role table that names a role.
-
setRoleNameCol
public void setRoleNameCol(java.lang.String roleNameCol)
Deprecated.Set the column in the user role table that names a role.- Parameters:
roleNameCol
- The column name
-
getUserCredCol
public java.lang.String getUserCredCol()
Deprecated.- Returns:
- the column in the user table that holds the user's credentials.
-
setUserCredCol
public void setUserCredCol(java.lang.String userCredCol)
Deprecated.Set the column in the user table that holds the user's credentials.- Parameters:
userCredCol
- The column name
-
getUserNameCol
public java.lang.String getUserNameCol()
Deprecated.- Returns:
- the column in the user table that holds the user's name.
-
setUserNameCol
public void setUserNameCol(java.lang.String userNameCol)
Deprecated.Set the column in the user table that holds the user's name.- Parameters:
userNameCol
- The column name
-
getUserRoleTable
public java.lang.String getUserRoleTable()
Deprecated.- Returns:
- the table that holds the relation between user's and roles.
-
setUserRoleTable
public void setUserRoleTable(java.lang.String userRoleTable)
Deprecated.Set the table that holds the relation between user's and roles.- Parameters:
userRoleTable
- The table name
-
getUserTable
public java.lang.String getUserTable()
Deprecated.- Returns:
- the table that holds user data..
-
setUserTable
public void setUserTable(java.lang.String userTable)
Deprecated.Set the table that holds user data.- Parameters:
userTable
- The table name
-
authenticate
public java.security.Principal authenticate(java.lang.String username, java.lang.String credentials)
Deprecated.Return the Principal associated with the specified username and credentials, if there is one; otherwise returnnull
. If there are any errors with the JDBC connection, executing the query or anything we return null (don't authenticate). This event is also logged, and the connection will be closed so that a subsequent request will automatically re-open it.- Specified by:
authenticate
in interfaceRealm
- Overrides:
authenticate
in classRealmBase
- Parameters:
username
- Username of the Principal to look upcredentials
- Password or other credentials to use in authenticating this username- Returns:
- the associated principal, or
null
if there is none.
-
authenticate
public java.security.Principal authenticate(java.sql.Connection dbConnection, java.lang.String username, java.lang.String credentials)
Deprecated.Attempt to authenticate the user with the provided credentials.- Parameters:
dbConnection
- The database connection to be usedusername
- Username of the Principal to look upcredentials
- Password or other credentials to use in authenticating this username- Returns:
- Return the Principal associated with the specified username and credentials, if there is one; otherwise
return
null
.
-
isAvailable
public boolean isAvailable()
Deprecated.Description copied from interface:Realm
Return the availability of the realm for authentication.- Returns:
true
if the realm is able to perform authentication
-
close
protected void close(java.sql.Connection dbConnection)
Deprecated.Close the specified database connection.- Parameters:
dbConnection
- The connection to be closed
-
credentials
protected java.sql.PreparedStatement credentials(java.sql.Connection dbConnection, java.lang.String username) throws java.sql.SQLException
Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.- Parameters:
dbConnection
- The database connection to be usedusername
- Username for which credentials should be retrieved- Returns:
- the prepared statement
- Throws:
java.sql.SQLException
- if a database error occurs
-
getPassword
protected java.lang.String getPassword(java.lang.String username)
Deprecated.Get the password for the specified user.- Specified by:
getPassword
in classRealmBase
- Parameters:
username
- The user name- Returns:
- the password associated with the given principal's user name.
-
getPrincipal
protected java.security.Principal getPrincipal(java.lang.String username)
Deprecated.Get the principal associated with the specified user.- Specified by:
getPrincipal
in classRealmBase
- Parameters:
username
- The user name- Returns:
- the Principal associated with the given user name.
-
getRoles
protected java.util.ArrayList<java.lang.String> getRoles(java.lang.String username)
Deprecated.Return the roles associated with the given user name.- Parameters:
username
- The user name- Returns:
- an array list of the role names
-
open
protected java.sql.Connection open() throws java.sql.SQLException
Deprecated.Open (if necessary) and return a database connection for use by this Realm.- Returns:
- the opened connection
- Throws:
java.sql.SQLException
- if a database error occurs
-
roles
protected java.sql.PreparedStatement roles(java.sql.Connection dbConnection, java.lang.String username) throws java.sql.SQLException
Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.- Parameters:
dbConnection
- The database connection to be usedusername
- Username for which roles should be retrieved- Returns:
- the prepared statement
- Throws:
java.sql.SQLException
- if a database error occurs
-
startInternal
protected void startInternal() throws LifecycleException
Deprecated.Prepare for the beginning of active use of the public methods of this component and implement the requirements ofLifecycleBase.startInternal()
.- Overrides:
startInternal
in classRealmBase
- Throws:
LifecycleException
- if this component detects a fatal error that prevents this component from being used
-
stopInternal
protected void stopInternal() throws LifecycleException
Deprecated.Gracefully terminate the active use of the public methods of this component and implement the requirements ofLifecycleBase.stopInternal()
.- Overrides:
stopInternal
in classRealmBase
- Throws:
LifecycleException
- if this component detects a fatal error that needs to be reported
-
-