Package org.apache.catalina.realm
package org.apache.catalina.realm
This package contains Realm
implementations for the
various supported realm technologies for authenticating users and
identifying their associated roles. The Realm
that is
associated with a web application's Context
(or a hierarchically
superior Container) is used to resolve authentication and role presence
questions when a web application uses container managed security as described
in the Servlet API Specification.
The implementations share a common base class that supports basic
functionality for all of the standard Realm
implementations.
-
ClassDescriptionThis Realm is intended for use with Authenticator implementations (
SSLAuthenticator
,SpnegoAuthenticator
) that authenticate the user as well as obtain the user credentials.Realm implementation that contains one or more realms.Implementation of Realm that works with any JDBC JNDI DataSource.Base implementation for the Tomcat providedCredentialHandler
s.Generic implementation of java.security.Principal that is available for use byRealm
implementations.Implementation of the JAASCallbackHandler
interface, used to negotiate delivery of the username and credentials that were specified to our constructor.Implementation of the JAAS LoginModule interface, primarily for use in testingJAASRealm
.Implementation of Realm that authenticates users via the Java Authentication and Authorization Service (JAAS).Deprecated.Will be removed in Tomcat 10 onwards.Implementation of Realm that works with a directory server accessed via the Java Naming and Directory Interface (JNDI) APIs.Class holding the connection to the directory plus the associated non thread safe message formats.A protected class representing a UserThis class extends the CombinedRealm (hence it can wrap other Realms) to provide a user lock out mechanism if there are too many failed authentication attempts in a given period of time.Simple implementation of Realm that reads an XML file to configure the valid users, passwords, and roles.RuleSet for recognizing the users defined in the XML file processed byMemoryRealm
.This credential handler supports the following forms of stored passwords: encodedCredential - a hex encoded digest of the password digested using the configured digest {MD5}encodedCredential - a Base64 encoded MD5 digest of the password {SHA}encodedCredential - a Base64 encoded SHA1 digest of the password {SSHA}encodedCredential - 20 byte Base64 encoded SHA1 digest followed by variable length salt.Minimal Realm implementation that always returns null when an attempt is made to validate a user name and password.Simple implementation of Realm that reads an XML file to configure the valid users, passwords, and roles.Implementation ofRealm
that is based on an implementation ofUserDatabase
made available through the JNDI resources configured for this instance of Catalina.An X509UsernameRetriever that returns a certificate's entire SubjectDN as the username.Provides an interface for retrieving a user name from an X509Certificate.