Class JDBCRealm

All Implemented Interfaces:
MBeanRegistration, Contained, JmxEnabled, Lifecycle, Realm

@Deprecated public class JDBCRealm extends RealmBase
Deprecated.
Will be removed in Tomcat 10 onwards. Use the DataSourceRealm instead.
Implementation of Realm that works with any JDBC supported database. See the JDBCRealm.howto for more details on how to set up the database and for configuration options.

For a Realm implementation that supports connection pooling and doesn't require synchronisation of authenticate(), getPassword(), roles() and getPrincipal() or the ugly connection logic use the DataSourceRealm.

Author:
Craig R. McClanahan, Carson McDonald, Ignacio Ortega
  • Field Details

    • connectionName

      protected String connectionName
      Deprecated.
      The connection username to use when trying to connect to the database.
    • connectionPassword

      protected String connectionPassword
      Deprecated.
      The connection URL to use when trying to connect to the database.
    • connectionURL

      protected String connectionURL
      Deprecated.
      The connection URL to use when trying to connect to the database.
    • dbConnection

      protected Connection dbConnection
      Deprecated.
      The connection to the database.
    • driver

      protected Driver driver
      Deprecated.
      Instance of the JDBC Driver class we use as a connection factory.
    • driverName

      protected String driverName
      Deprecated.
      The JDBC driver to use.
    • preparedCredentials

      protected PreparedStatement preparedCredentials
      Deprecated.
      The PreparedStatement to use for authenticating users.
    • preparedRoles

      protected PreparedStatement preparedRoles
      Deprecated.
      The PreparedStatement to use for identifying the roles for a specified user.
    • roleNameCol

      protected String roleNameCol
      Deprecated.
      The column in the user role table that names a role
    • userCredCol

      protected String userCredCol
      Deprecated.
      The column in the user table that holds the user's credentials
    • userNameCol

      protected String userNameCol
      Deprecated.
      The column in the user table that holds the user's name
    • userRoleTable

      protected String userRoleTable
      Deprecated.
      The table that holds the relation between user's and roles
    • userTable

      protected String userTable
      Deprecated.
      The table that holds user data.
  • Constructor Details

    • JDBCRealm

      public JDBCRealm()
      Deprecated.
  • Method Details

    • getConnectionName

      public String getConnectionName()
      Deprecated.
      Returns:
      the username to use to connect to the database.
    • setConnectionName

      public void setConnectionName(String connectionName)
      Deprecated.
      Set the username to use to connect to the database.
      Parameters:
      connectionName - Username
    • getConnectionPassword

      public String getConnectionPassword()
      Deprecated.
      Returns:
      the password to use to connect to the database.
    • setConnectionPassword

      public void setConnectionPassword(String connectionPassword)
      Deprecated.
      Set the password to use to connect to the database.
      Parameters:
      connectionPassword - User password
    • getConnectionURL

      public String getConnectionURL()
      Deprecated.
      Returns:
      the URL to use to connect to the database.
    • setConnectionURL

      public void setConnectionURL(String connectionURL)
      Deprecated.
      Set the URL to use to connect to the database.
      Parameters:
      connectionURL - The new connection URL
    • getDriverName

      public String getDriverName()
      Deprecated.
      Returns:
      the JDBC driver that will be used.
    • setDriverName

      public void setDriverName(String driverName)
      Deprecated.
      Set the JDBC driver that will be used.
      Parameters:
      driverName - The driver name
    • getRoleNameCol

      public String getRoleNameCol()
      Deprecated.
      Returns:
      the column in the user role table that names a role.
    • setRoleNameCol

      public void setRoleNameCol(String roleNameCol)
      Deprecated.
      Set the column in the user role table that names a role.
      Parameters:
      roleNameCol - The column name
    • getUserCredCol

      public String getUserCredCol()
      Deprecated.
      Returns:
      the column in the user table that holds the user's credentials.
    • setUserCredCol

      public void setUserCredCol(String userCredCol)
      Deprecated.
      Set the column in the user table that holds the user's credentials.
      Parameters:
      userCredCol - The column name
    • getUserNameCol

      public String getUserNameCol()
      Deprecated.
      Returns:
      the column in the user table that holds the user's name.
    • setUserNameCol

      public void setUserNameCol(String userNameCol)
      Deprecated.
      Set the column in the user table that holds the user's name.
      Parameters:
      userNameCol - The column name
    • getUserRoleTable

      public String getUserRoleTable()
      Deprecated.
      Returns:
      the table that holds the relation between user's and roles.
    • setUserRoleTable

      public void setUserRoleTable(String userRoleTable)
      Deprecated.
      Set the table that holds the relation between user's and roles.
      Parameters:
      userRoleTable - The table name
    • getUserTable

      public String getUserTable()
      Deprecated.
      Returns:
      the table that holds user data..
    • setUserTable

      public void setUserTable(String userTable)
      Deprecated.
      Set the table that holds user data.
      Parameters:
      userTable - The table name
    • authenticate

      public Principal authenticate(String username, String credentials)
      Deprecated.
      Return the Principal associated with the specified username and credentials, if there is one; otherwise return null. If there are any errors with the JDBC connection, executing the query or anything we return null (don't authenticate). This event is also logged, and the connection will be closed so that a subsequent request will automatically re-open it.
      Specified by:
      authenticate in interface Realm
      Overrides:
      authenticate in class RealmBase
      Parameters:
      username - Username of the Principal to look up
      credentials - Password or other credentials to use in authenticating this username
      Returns:
      the associated principal, or null if there is none.
    • authenticate

      public Principal authenticate(Connection dbConnection, String username, String credentials)
      Deprecated.
      Attempt to authenticate the user with the provided credentials.
      Parameters:
      dbConnection - The database connection to be used
      username - Username of the Principal to look up
      credentials - Password or other credentials to use in authenticating this username
      Returns:
      Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.
    • isAvailable

      public boolean isAvailable()
      Deprecated.
      Description copied from interface: Realm
      Return the availability of the realm for authentication.
      Returns:
      true if the realm is able to perform authentication
    • close

      protected void close(Connection dbConnection)
      Deprecated.
      Close the specified database connection.
      Parameters:
      dbConnection - The connection to be closed
    • credentials

      protected PreparedStatement credentials(Connection dbConnection, String username) throws SQLException
      Deprecated.
      Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.
      Parameters:
      dbConnection - The database connection to be used
      username - Username for which credentials should be retrieved
      Returns:
      the prepared statement
      Throws:
      SQLException - if a database error occurs
    • getPassword

      protected String getPassword(String username)
      Deprecated.
      Get the password for the specified user.
      Specified by:
      getPassword in class RealmBase
      Parameters:
      username - The user name
      Returns:
      the password associated with the given principal's user name.
    • getPrincipal

      protected Principal getPrincipal(String username)
      Deprecated.
      Get the principal associated with the specified user.
      Specified by:
      getPrincipal in class RealmBase
      Parameters:
      username - The user name
      Returns:
      the Principal associated with the given user name.
    • getRoles

      protected ArrayList<String> getRoles(String username)
      Deprecated.
      Return the roles associated with the given user name.
      Parameters:
      username - The user name
      Returns:
      an array list of the role names
    • open

      protected Connection open() throws SQLException
      Deprecated.
      Open (if necessary) and return a database connection for use by this Realm.
      Returns:
      the opened connection
      Throws:
      SQLException - if a database error occurs
    • roles

      protected PreparedStatement roles(Connection dbConnection, String username) throws SQLException
      Deprecated.
      Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.
      Parameters:
      dbConnection - The database connection to be used
      username - Username for which roles should be retrieved
      Returns:
      the prepared statement
      Throws:
      SQLException - if a database error occurs
    • startInternal

      protected void startInternal() throws LifecycleException
      Deprecated.
      Prepare for the beginning of active use of the public methods of this component and implement the requirements of LifecycleBase.startInternal().
      Overrides:
      startInternal in class RealmBase
      Throws:
      LifecycleException - if this component detects a fatal error that prevents this component from being used
    • stopInternal

      protected void stopInternal() throws LifecycleException
      Deprecated.
      Gracefully terminate the active use of the public methods of this component and implement the requirements of LifecycleBase.stopInternal().
      Overrides:
      stopInternal in class RealmBase
      Throws:
      LifecycleException - if this component detects a fatal error that needs to be reported