Class JDBCRealm

  • All Implemented Interfaces:
    javax.management.MBeanRegistration, Contained, JmxEnabled, Lifecycle, Realm

    @Deprecated
    public class JDBCRealm
    extends RealmBase
    Deprecated.
    Will be removed in Tomcat 10 onwards. Use the DataSourceRealm instead.
    Implementation of Realm that works with any JDBC supported database. See the JDBCRealm.howto for more details on how to set up the database and for configuration options.

    For a Realm implementation that supports connection pooling and doesn't require synchronisation of authenticate(), getPassword(), roles() and getPrincipal() or the ugly connection logic use the DataSourceRealm.

    Author:
    Craig R. McClanahan, Carson McDonald, Ignacio Ortega
    • Field Detail

      • connectionName

        protected java.lang.String connectionName
        Deprecated.
        The connection username to use when trying to connect to the database.
      • connectionPassword

        protected java.lang.String connectionPassword
        Deprecated.
        The connection URL to use when trying to connect to the database.
      • connectionURL

        protected java.lang.String connectionURL
        Deprecated.
        The connection URL to use when trying to connect to the database.
      • dbConnection

        protected java.sql.Connection dbConnection
        Deprecated.
        The connection to the database.
      • driver

        protected java.sql.Driver driver
        Deprecated.
        Instance of the JDBC Driver class we use as a connection factory.
      • driverName

        protected java.lang.String driverName
        Deprecated.
        The JDBC driver to use.
      • preparedCredentials

        protected java.sql.PreparedStatement preparedCredentials
        Deprecated.
        The PreparedStatement to use for authenticating users.
      • preparedRoles

        protected java.sql.PreparedStatement preparedRoles
        Deprecated.
        The PreparedStatement to use for identifying the roles for a specified user.
      • roleNameCol

        protected java.lang.String roleNameCol
        Deprecated.
        The column in the user role table that names a role
      • userCredCol

        protected java.lang.String userCredCol
        Deprecated.
        The column in the user table that holds the user's credentials
      • userNameCol

        protected java.lang.String userNameCol
        Deprecated.
        The column in the user table that holds the user's name
      • userRoleTable

        protected java.lang.String userRoleTable
        Deprecated.
        The table that holds the relation between user's and roles
      • userTable

        protected java.lang.String userTable
        Deprecated.
        The table that holds user data.
    • Constructor Detail

      • JDBCRealm

        public JDBCRealm()
        Deprecated.
    • Method Detail

      • getConnectionName

        public java.lang.String getConnectionName()
        Deprecated.
        Returns:
        the username to use to connect to the database.
      • setConnectionName

        public void setConnectionName​(java.lang.String connectionName)
        Deprecated.
        Set the username to use to connect to the database.
        Parameters:
        connectionName - Username
      • getConnectionPassword

        public java.lang.String getConnectionPassword()
        Deprecated.
        Returns:
        the password to use to connect to the database.
      • setConnectionPassword

        public void setConnectionPassword​(java.lang.String connectionPassword)
        Deprecated.
        Set the password to use to connect to the database.
        Parameters:
        connectionPassword - User password
      • getConnectionURL

        public java.lang.String getConnectionURL()
        Deprecated.
        Returns:
        the URL to use to connect to the database.
      • setConnectionURL

        public void setConnectionURL​(java.lang.String connectionURL)
        Deprecated.
        Set the URL to use to connect to the database.
        Parameters:
        connectionURL - The new connection URL
      • getDriverName

        public java.lang.String getDriverName()
        Deprecated.
        Returns:
        the JDBC driver that will be used.
      • setDriverName

        public void setDriverName​(java.lang.String driverName)
        Deprecated.
        Set the JDBC driver that will be used.
        Parameters:
        driverName - The driver name
      • getRoleNameCol

        public java.lang.String getRoleNameCol()
        Deprecated.
        Returns:
        the column in the user role table that names a role.
      • setRoleNameCol

        public void setRoleNameCol​(java.lang.String roleNameCol)
        Deprecated.
        Set the column in the user role table that names a role.
        Parameters:
        roleNameCol - The column name
      • getUserCredCol

        public java.lang.String getUserCredCol()
        Deprecated.
        Returns:
        the column in the user table that holds the user's credentials.
      • setUserCredCol

        public void setUserCredCol​(java.lang.String userCredCol)
        Deprecated.
        Set the column in the user table that holds the user's credentials.
        Parameters:
        userCredCol - The column name
      • getUserNameCol

        public java.lang.String getUserNameCol()
        Deprecated.
        Returns:
        the column in the user table that holds the user's name.
      • setUserNameCol

        public void setUserNameCol​(java.lang.String userNameCol)
        Deprecated.
        Set the column in the user table that holds the user's name.
        Parameters:
        userNameCol - The column name
      • getUserRoleTable

        public java.lang.String getUserRoleTable()
        Deprecated.
        Returns:
        the table that holds the relation between user's and roles.
      • setUserRoleTable

        public void setUserRoleTable​(java.lang.String userRoleTable)
        Deprecated.
        Set the table that holds the relation between user's and roles.
        Parameters:
        userRoleTable - The table name
      • getUserTable

        public java.lang.String getUserTable()
        Deprecated.
        Returns:
        the table that holds user data..
      • setUserTable

        public void setUserTable​(java.lang.String userTable)
        Deprecated.
        Set the table that holds user data.
        Parameters:
        userTable - The table name
      • authenticate

        public java.security.Principal authenticate​(java.lang.String username,
                                                    java.lang.String credentials)
        Deprecated.
        Return the Principal associated with the specified username and credentials, if there is one; otherwise return null. If there are any errors with the JDBC connection, executing the query or anything we return null (don't authenticate). This event is also logged, and the connection will be closed so that a subsequent request will automatically re-open it.
        Specified by:
        authenticate in interface Realm
        Overrides:
        authenticate in class RealmBase
        Parameters:
        username - Username of the Principal to look up
        credentials - Password or other credentials to use in authenticating this username
        Returns:
        the associated principal, or null if there is none.
      • authenticate

        public java.security.Principal authenticate​(java.sql.Connection dbConnection,
                                                    java.lang.String username,
                                                    java.lang.String credentials)
        Deprecated.
        Attempt to authenticate the user with the provided credentials.
        Parameters:
        dbConnection - The database connection to be used
        username - Username of the Principal to look up
        credentials - Password or other credentials to use in authenticating this username
        Returns:
        Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.
      • isAvailable

        public boolean isAvailable()
        Deprecated.
        Description copied from interface: Realm
        Return the availability of the realm for authentication.
        Returns:
        true if the realm is able to perform authentication
      • close

        protected void close​(java.sql.Connection dbConnection)
        Deprecated.
        Close the specified database connection.
        Parameters:
        dbConnection - The connection to be closed
      • credentials

        protected java.sql.PreparedStatement credentials​(java.sql.Connection dbConnection,
                                                         java.lang.String username)
                                                  throws java.sql.SQLException
        Deprecated.
        Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.
        Parameters:
        dbConnection - The database connection to be used
        username - Username for which credentials should be retrieved
        Returns:
        the prepared statement
        Throws:
        java.sql.SQLException - if a database error occurs
      • getPassword

        protected java.lang.String getPassword​(java.lang.String username)
        Deprecated.
        Get the password for the specified user.
        Specified by:
        getPassword in class RealmBase
        Parameters:
        username - The user name
        Returns:
        the password associated with the given principal's user name.
      • getPrincipal

        protected java.security.Principal getPrincipal​(java.lang.String username)
        Deprecated.
        Get the principal associated with the specified user.
        Specified by:
        getPrincipal in class RealmBase
        Parameters:
        username - The user name
        Returns:
        the Principal associated with the given user name.
      • getRoles

        protected java.util.ArrayList<java.lang.String> getRoles​(java.lang.String username)
        Deprecated.
        Return the roles associated with the given user name.
        Parameters:
        username - The user name
        Returns:
        an array list of the role names
      • open

        protected java.sql.Connection open()
                                    throws java.sql.SQLException
        Deprecated.
        Open (if necessary) and return a database connection for use by this Realm.
        Returns:
        the opened connection
        Throws:
        java.sql.SQLException - if a database error occurs
      • roles

        protected java.sql.PreparedStatement roles​(java.sql.Connection dbConnection,
                                                   java.lang.String username)
                                            throws java.sql.SQLException
        Deprecated.
        Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.
        Parameters:
        dbConnection - The database connection to be used
        username - Username for which roles should be retrieved
        Returns:
        the prepared statement
        Throws:
        java.sql.SQLException - if a database error occurs