Save This Page
Home » glassfish-v2ur2-b04-src » org.apache » catalina » [javadoc | source]
org.apache.catalina
public interface: Realm [javadoc | source]

All Known Implementing Classes:
    JNDIRealm, MemoryRealm, JDBCRealm, RealmAdapter, UserDatabaseRealm, DataSourceRealm, JAASMemoryLoginModule, RealmBase, JAASRealm

A Realm is a read-only facade for an underlying security realm used to authenticate individual users, and identify the security roles associated with those users. Realms can be attached at any Container level, but will typically only be attached to a Context, or higher level, Container.
Field Summary
public static final  int AUTHENTICATE_NEEDED    Flag indicating authentication is needed for current request. Used by preAuthenticateCheck method. 
public static final  int AUTHENTICATE_NOT_NEEDED    Flag indicating authentication is not needed for current request. Used by preAuthenticateCheck method. 
public static final  int AUTHENTICATED_NOT_AUTHORIZED    Flag indicating the user has been authenticated but been denied access to the requested resource. 
Method from org.apache.catalina.Realm Summary:
addPropertyChangeListener,   authenticate,   authenticate,   authenticate,   authenticate,   findSecurityConstraints,   getAlternateAuthType,   getAlternatePrincipal,   getContainer,   getInfo,   getRealmName,   hasResourcePermission,   hasRole,   hasRole,   hasUserDataPermission,   invokeAuthenticateDelegate,   invokePostAuthenticateDelegate,   preAuthenticateCheck,   removePropertyChangeListener,   setContainer,   setRealmName
Method from org.apache.catalina.Realm Detail:
 public  void addPropertyChangeListener(PropertyChangeListener listener)
    Add a property change listener to this component.
 public Principal authenticate(X509Certificate[] certs)
    Return the Principal associated with the specified chain of X509
client certificates. If there is none, return null.
 public Principal authenticate(String username,
    String credentials)
    Return the Principal associated with the specified username and
credentials, if there is one; otherwise return null.
 public Principal authenticate(String username,
    byte[] credentials)
    Return the Principal associated with the specified username and
credentials, if there is one; otherwise return null.
 public Principal authenticate(String username,
    String digest,
    String nonce,
    String nc,
    String cnonce,
    String qop,
    String realm,
    String md5a2)
    Return the Principal associated with the specified username, which
matches the digest calculated using the given parameters using the
method described in RFC 2069; otherwise return null.
 public SecurityConstraint[] findSecurityConstraints(HttpRequest request,
    Context context)
    Return the SecurityConstraints configured to guard the request URI for
this request, or null if there is no such constraint.
 public String getAlternateAuthType(HttpRequest req)
    Return an alternate auth type from the request if available.
 public Principal getAlternatePrincipal(HttpRequest req)
    Return an alternate principal from the request if available.
 public Container getContainer()
    Return the Container with which this Realm has been associated.
 public String getInfo()
    Return descriptive information about this Realm implementation and
the corresponding version number, in the format
<description>/<version>.
 public String getRealmName()
    Returns the name of the associated realm.
 public boolean hasResourcePermission(HttpRequest request,
    HttpResponse response,
    SecurityConstraint[] constraint,
    Context context) throws IOException
    Perform access control based on the specified authorization constraint.
Return true if this constraint is satisfied and processing
should continue, or false otherwise.
 public boolean hasRole(Principal principal,
    String role)
    Return true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false.
 public boolean hasRole(HttpRequest request,
    HttpResponse response,
    Principal principal,
    String role)
    Return true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false.
 public boolean hasUserDataPermission(HttpRequest request,
    HttpResponse response,
    SecurityConstraint[] constraint) throws IOException
    Enforce any user data constraint required by the security constraint
guarding this request URI. Return true if this constraint
was not violated and processing should continue, or false
if we have created a response already.
 public boolean invokeAuthenticateDelegate(HttpRequest request,
    HttpResponse response,
    Context context,
    Authenticator authenticator) throws IOException
    Authenticates the user making this request, based on the specified
login configuration. Return true if any specified
requirements have been satisfied, or false if we have
created a response challenge already.
 public boolean invokePostAuthenticateDelegate(HttpRequest request,
    HttpResponse response,
    Context context) throws IOException
    Post authentication for given request and response.
 public int preAuthenticateCheck(HttpRequest request,
    HttpResponse response,
    SecurityConstraint[] constraints,
    boolean disableProxyCaching,
    boolean securePagesWithPragma,
    boolean ssoEnabled) throws IOException
    Checks whether or not authentication is needed.
Returns an int, one of AUTHENTICATE_NOT_NEEDED, AUTHENTICATE_NEEDED,
or AUTHENTICATED_NOT_AUTHORIZED.
 public  void removePropertyChangeListener(PropertyChangeListener listener)
    Remove a property change listener from this component.
 public  void setContainer(Container container)
    Set the Container with which this Realm has been associated.
 public  void setRealmName(String name,
    String authMethod)
    Set the name of the associated realm.