Package org.apache.catalina.realm

package org.apache.catalina.realm

This package contains Realm implementations for the various supported realm technologies for authenticating users and identifying their associated roles. The Realm that is associated with a web application's Context (or a hierarchically superior Container) is used to resolve authentication and role presence questions when a web application uses container managed security as described in the Servlet API Specification.

The implementations share a common base class that supports basic functionality for all of the standard Realm implementations.

  • Class
    This Realm is intended for use with Authenticator implementations (SSLAuthenticator, SpnegoAuthenticator) that authenticate the user as well as obtain the user credentials.
    Realm implementation that contains one or more realms.
    Implementation of Realm that works with any JDBC JNDI DataSource.
    Base implementation for the Tomcat provided CredentialHandlers.
    Generic implementation of that is available for use by Realm implementations.
    Implementation of the JAAS CallbackHandler interface, used to negotiate delivery of the username and credentials that were specified to our constructor.
    Implementation of the JAAS LoginModule interface, primarily for use in testing JAASRealm.
    Implementation of Realm that authenticates users via the Java Authentication and Authorization Service (JAAS).
    Will be removed in Tomcat 10 onwards.
    Implementation of Realm that works with a directory server accessed via the Java Naming and Directory Interface (JNDI) APIs.
    Class holding the connection to the directory plus the associated non thread safe message formats.
    A protected class representing a User
    This class extends the CombinedRealm (hence it can wrap other Realms) to provide a user lock out mechanism if there are too many failed authentication attempts in a given period of time.
    Simple implementation of Realm that reads an XML file to configure the valid users, passwords, and roles.
    RuleSet for recognizing the users defined in the XML file processed by MemoryRealm.
    This credential handler supports the following forms of stored passwords: encodedCredential - a hex encoded digest of the password digested using the configured digest {MD5}encodedCredential - a Base64 encoded MD5 digest of the password {SHA}encodedCredential - a Base64 encoded SHA1 digest of the password {SSHA}encodedCredential - 20 byte Base64 encoded SHA1 digest followed by variable length salt.
    Minimal Realm implementation that always returns null when an attempt is made to validate a user name and password.
    Simple implementation of Realm that reads an XML file to configure the valid users, passwords, and roles.
    Implementation of Realm that is based on an implementation of UserDatabase made available through the JNDI resources configured for this instance of Catalina.
    An X509UsernameRetriever that returns a certificate's entire SubjectDN as the username.
    Provides an interface for retrieving a user name from an X509Certificate.