Home » apache-tomcat-6.0.26-src » org.apache » catalina » authenticator » [javadoc | source]
org.apache.catalina.authenticator
abstract public class: AuthenticatorBase [javadoc | source]
java.lang.Object
   org.apache.catalina.valves.ValveBase
      org.apache.catalina.authenticator.AuthenticatorBase

All Implemented Interfaces:
    Authenticator, Lifecycle, Valve, MBeanRegistration, Contained

Direct Known Subclasses:
    BasicAuthenticator, SSLAuthenticator, FormAuthenticator, DigestAuthenticator, NonLoginAuthenticator

Basic implementation of the Valve interface that enforces the <security-constraint> elements in the web application deployment descriptor. This functionality is implemented as a Valve so that it can be ommitted in environments that do not require these features. Individual implementations of each supported authentication method can subclass this base class as required.

USAGE CONSTRAINT: When this class is utilized, the Context to which it is attached (or a parent Container in a hierarchy) must have an associated Realm that can be used for authenticating users and enumerating the roles to which they have been assigned.

USAGE CONSTRAINT: This Valve is only useful when processing HTTP requests. Requests of any other type will simply be passed through.

Field Summary
protected static final  String DEFAULT_ALGORITHM    The default message digest algorithm to use if we cannot use the requested one. 
protected static final  int SESSION_ID_BYTES    The number of random bytes to include when generating a session identifier. 
protected  String algorithm    The message digest algorithm to be used when generating session identifiers. This must be an algorithm supported by the java.security.MessageDigest class on your platform. 
protected  boolean cache    Should we cache authenticated Principals if the request is part of an HTTP session? 
protected  boolean changeSessionIdOnAuthentication    Should the session ID, if any, be changed upon a successful authentication to prevent a session fixation attack? 
protected  Context context    The Context to which this Valve is attached. 
protected  MessageDigest digest    Return the MessageDigest implementation to be used when creating session identifiers. 
protected  String entropy    A String initialization parameter used to increase the entropy of the initialization of our random number generator. 
protected static final  String info    Descriptive information about this implementation. 
protected  boolean disableProxyCaching    Flag to determine if we disable proxy caching, or leave the issue up to the webapp developer. 
protected  boolean securePagesWithPragma    Flag to determine if we disable proxy caching with headers incompatible with IE 
protected  LifecycleSupport lifecycle    The lifecycle event support for this component. 
protected  Random random    A random number generator to use when generating session identifiers. 
protected  String randomClass    The Java class name of the random number generator class to be used when generating session identifiers. 
protected static final  StringManager sm    The string manager for this package. 
protected  SingleSignOn sso    The SingleSignOn implementation in our request processing chain, if there is one. 
protected  boolean started    Has this component been started? 
Fields inherited from org.apache.catalina.valves.ValveBase:
container,  containerLog,  info,  next,  sm,  domain,  oname,  mserver,  controller
Method from org.apache.catalina.authenticator.AuthenticatorBase Summary:
addLifecycleListener,   associate,   authenticate,   findLifecycleListeners,   generateSessionId,   getAlgorithm,   getCache,   getChangeSessionIdOnAuthentication,   getContainer,   getDigest,   getDisableProxyCaching,   getEntropy,   getInfo,   getRandom,   getRandomClass,   getSecurePagesWithPragma,   invoke,   reauthenticateFromSSO,   register,   removeLifecycleListener,   setAlgorithm,   setCache,   setChangeSessionIdOnAuthentication,   setContainer,   setDisableProxyCaching,   setEntropy,   setRandomClass,   setSecurePagesWithPragma,   start,   stop
Methods from org.apache.catalina.valves.ValveBase:
backgroundProcess,   createObjectName,   event,   getContainer,   getContainerName,   getController,   getDomain,   getInfo,   getNext,   getObjectName,   getParentName,   invoke,   postDeregister,   postRegister,   preDeregister,   preRegister,   setContainer,   setController,   setNext,   setObjectName,   toString
Methods from java.lang.Object:
clone,   equals,   finalize,   getClass,   hashCode,   notify,   notifyAll,   toString,   wait,   wait,   wait
Method from org.apache.catalina.authenticator.AuthenticatorBase Detail:
 public  void addLifecycleListener(LifecycleListener listener) 
    Add a lifecycle event listener to this component.
 protected  void associate(String ssoId,
    Session session) 
    Associate the specified single sign on identifier with the specified Session.
 abstract protected boolean authenticate(Request request,
    Response response,
    LoginConfig config) throws IOException
    Authenticate the user making this request, based on the specified login configuration. Return true if any specified constraint has been satisfied, or false if we have created a response challenge already.
 public LifecycleListener[] findLifecycleListeners() 
    Get the lifecycle listeners associated with this lifecycle. If this Lifecycle has no listeners registered, a zero-length array is returned.
 protected synchronized String generateSessionId() 
    Generate and return a new session identifier for the cookie that identifies an SSO principal.
 public String getAlgorithm() 
    Return the message digest algorithm for this Manager.
 public boolean getCache() 
    Return the cache authenticated Principals flag.
 public boolean getChangeSessionIdOnAuthentication() 
    Return the flag that states if we should change the session ID of an existing session upon successful authentication.
 public Container getContainer() 
    Return the Container to which this Valve is attached.
 protected synchronized MessageDigest getDigest() 
    Return the MessageDigest object to be used for calculating session identifiers. If none has been created yet, initialize one the first time this method is called.
 public boolean getDisableProxyCaching() 
    Return the flag that states if we add headers to disable caching by proxies.
 public String getEntropy() 
    Return the entropy increaser value, or compute a semi-useful value if this String has not yet been set.
 public String getInfo() 
    Return descriptive information about this Valve implementation.
 protected synchronized Random getRandom() 
    Return the random number generator instance we should use for generating session identifiers. If there is no such generator currently defined, construct and seed a new one.
 public String getRandomClass() 
    Return the random number generator class name.
 public boolean getSecurePagesWithPragma() 
    Return the flag that states, if proxy caching is disabled, what headers we add to disable the caching.
 public  void invoke(Request request,
    Response response) throws IOException, ServletException 
    Enforce the security restrictions in the web application deployment descriptor of our associated Context.
 protected boolean reauthenticateFromSSO(String ssoId,
    Request request) 
    Attempts reauthentication to the Realm using the credentials included in argument entry.
 protected  void register(Request request,
    Response response,
    Principal principal,
    String authType,
    String username,
    String password) 
    Register an authenticated Principal and authentication type in our request, in the current session (if there is one), and with our SingleSignOn valve, if there is one. Set the appropriate cookie to be returned.
 public  void removeLifecycleListener(LifecycleListener listener) 
    Remove a lifecycle event listener from this component.
 public  void setAlgorithm(String algorithm) 
    Set the message digest algorithm for this Manager.
 public  void setCache(boolean cache) 
    Set the cache authenticated Principals flag.
 public  void setChangeSessionIdOnAuthentication(boolean changeSessionIdOnAuthentication) 
    Set the value of the flag that states if we should change the session ID of an existing session upon successful authentication.
 public  void setContainer(Container container) 
    Set the Container to which this Valve is attached.
 public  void setDisableProxyCaching(boolean nocache) 
    Set the value of the flag that states if we add headers to disable caching by proxies.
 public  void setEntropy(String entropy) 
    Set the entropy increaser value.
 public  void setRandomClass(String randomClass) 
    Set the random number generator class name.
 public  void setSecurePagesWithPragma(boolean securePagesWithPragma) 
    Set the value of the flag that states what headers we add to disable proxy caching.
 public  void start() throws LifecycleException 
    Prepare for the beginning of active use of the public methods of this component. This method should be called after configure(), and before any of the public methods of the component are utilized.
 public  void stop() throws LifecycleException 
    Gracefully terminate the active use of the public methods of this component. This method should be the last one called on a given instance of this component.