org.apache.catalina.realm
Class CombinedRealm

java.lang.Object
  org.apache.catalina.realm.RealmBase
      org.apache.catalina.realm.CombinedRealm

All Implemented Interfaces:

javax.management.MBeanRegistration, Lifecycle, Realm

Direct Known Subclasses:

LockOutRealm

public class CombinedRealm
extends RealmBase

Realm implementation that contains one or more realms. Authentication is attempted for each realm in the order they were configured. If any realm authenticates the user then the authentication succeeds. When combining realms usernames should be unique across all combined realms.

sm

protected static StringManager sm

The string manager for this package.

realms

protected java.util.List<Realm> realms

The list of Realms contained by this Realm.

CombinedRealm

public CombinedRealm()

addRealm

public void addRealm(Realm theRealm)

Add a realm to the list of realms that will be used to authenticate users.

getRealms

public javax.management.ObjectName[] getRealms()

Return the set of Realms that this Realm is wrapping

authenticate

public java.security.Principal authenticate(java.lang.String username,
                                            byte[] credentials)

Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.

Specified by:

authenticate in interface Realm

Overrides:

authenticate in class RealmBase

Parameters:

username - Username of the Principal to look up

credentials - Password or other credentials to use in authenticating this username

authenticate

public java.security.Principal authenticate(java.lang.String username,
                                            java.lang.String clientDigest,
                                            java.lang.String once,
                                            java.lang.String nc,
                                            java.lang.String cnonce,
                                            java.lang.String qop,
                                            java.lang.String realmName,
                                            java.lang.String md5a2)

Return the Principal associated with the specified username, which matches the digest calculated using the given parameters using the method described in RFC 2069; otherwise return null.

Specified by:

authenticate in interface Realm

Overrides:

authenticate in class RealmBase

Parameters:

username - Username of the Principal to look up

clientDigest - Digest which has been submitted by the client

once - Unique (or supposedly unique) token which has been used for this request

realmName - Realm name

md5a2 - Second MD5 digest used to calculate the digest : MD5(Method + ":" + uri)

authenticate

public java.security.Principal authenticate(java.lang.String username,
                                            java.lang.String credentials)

Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.

Specified by:

authenticate in interface Realm

Overrides:

authenticate in class RealmBase

Parameters:

username - Username of the Principal to look up

credentials - Password or other credentials to use in authenticating this username

setContainer

public void setContainer(Container container)

Set the Container with which this Realm has been associated.

Specified by:

setContainer in interface Realm

Overrides:

setContainer in class RealmBase

Parameters:

container - The associated Container

start

public void start()
           throws LifecycleException

Prepare for the beginning of active use of the public methods of this component. This method should be called before any of the public methods of this component are utilized. It should also send a LifecycleEvent of type START_EVENT to any registered listeners.

Specified by:

start in interface Lifecycle

Overrides:

start in class RealmBase

Throws:

LifecycleException - if this component detects a fatal error that prevents this component from being used

stop

public void stop()
          throws LifecycleException

Gracefully terminate the active use of the public methods of this component. This method should be the last one called on a given instance of this component. It should also send a LifecycleEvent of type STOP_EVENT to any registered listeners.

Specified by:

stop in interface Lifecycle

Overrides:

stop in class RealmBase

Throws:

LifecycleException - if this component detects a fatal error that needs to be reported

backgroundProcess

public void backgroundProcess()

Delegate the backgroundProcess call to all sub-realms.

Specified by:

backgroundProcess in interface Realm

Overrides:

backgroundProcess in class RealmBase

authenticate

public java.security.Principal authenticate(java.security.cert.X509Certificate[] certs)

Return the Principal associated with the specified chain of X509 client certificates. If there is none, return null.

Specified by:

authenticate in interface Realm

Overrides:

authenticate in class RealmBase

Parameters:

certs - Array of client certificates, with the first one in the array being the certificate of the client itself.

getName

protected java.lang.String getName()

Description copied from class: RealmBase

Return a short name for this Realm implementation, for use in log messages.

Specified by:

getName in class RealmBase

getPassword

protected java.lang.String getPassword(java.lang.String username)

Description copied from class: RealmBase

Return the password associated with the given principal's user name.

Specified by:

getPassword in class RealmBase

getPrincipal

protected java.security.Principal getPrincipal(java.lang.String username)

Description copied from class: RealmBase

Return the Principal associated with the given user name.

Specified by:

getPrincipal in class RealmBase