Prev Class | Next Class | Frames | No Frames |
Summary: Nested | Field | Method | Constr | Detail: Nested | Field | Method | Constr |
java.lang.Object
org.apache.catalina.valves.ValveBase
org.apache.catalina.authenticator.AuthenticatorBase
<security-constraint>
elements in the web application
deployment descriptor. This functionality is implemented as a Valve
so that it can be ommitted in environments that do not require these
features. Individual implementations of each supported authentication
method can subclass this base class as required.
USAGE CONSTRAINT: When this class is utilized, the Context to
which it is attached (or a parent Container in a hierarchy) must have an
associated Realm that can be used for authenticating users and enumerating
the roles to which they have been assigned.
USAGE CONSTRAINT: This Valve is only useful when processing HTTP
requests. Requests of any other type will simply be passed through.
Field Summary | |
protected static String |
|
protected static int |
|
protected String |
|
protected boolean |
|
protected Context |
|
protected int |
|
protected MessageDigest |
|
protected boolean |
|
protected String |
|
protected static String |
|
protected LifecycleSupport |
|
protected Random |
|
protected String |
|
protected static StringManager |
|
protected SingleSignOn |
|
protected boolean |
|
Fields inherited from class org.apache.catalina.valves.ValveBase | |
container , controller , debug , domain , info , mserver , oname , sm |
Fields inherited from interface org.apache.catalina.Lifecycle | |
AFTER_START_EVENT , AFTER_STOP_EVENT , BEFORE_START_EVENT , BEFORE_STOP_EVENT , START_EVENT , STOP_EVENT |
Method Summary | |
void |
|
protected void | |
protected boolean |
|
LifecycleListener[] |
|
protected String |
|
String |
|
boolean |
|
Container |
|
int |
|
protected MessageDigest |
|
boolean |
|
String |
|
String |
|
protected Random |
|
String |
|
protected Session |
|
protected Session |
|
void |
|
protected void |
|
protected void |
|
protected boolean |
|
protected void |
|
void |
|
void |
|
void |
|
void |
|
void |
|
void |
|
void |
|
void |
|
void |
|
void |
|
Methods inherited from class org.apache.catalina.valves.ValveBase | |
createObjectName , getContainer , getContainerName , getController , getDebug , getDomain , getInfo , getObjectName , getParentName , invoke , postDeregister , postRegister , preDeregister , preRegister , setContainer , setController , setDebug , setObjectName |
protected static final String DEFAULT_ALGORITHM
The default message digest algorithm to use if we cannot use the requested one.
protected static final int SESSION_ID_BYTES
The number of random bytes to include when generating a session identifier.
- Field Value:
- 16
protected String algorithm
The message digest algorithm to be used when generating session identifiers. This must be an algorithm supported by thejava.security.MessageDigest
class on your platform.
protected boolean cache
Should we cache authenticated Principals if the request is part of an HTTP session?
protected int debug
The debugging detail level for this component.
protected MessageDigest digest
Return the MessageDigest implementation to be used when creating session identifiers.
protected boolean disableProxyCaching
Flag to determine if we disable proxy caching, or leave the issue up to the webapp developer.
protected String entropy
A String initialization parameter used to increase the entropy of the initialization of our random number generator.
protected static final String info
Descriptive information about this implementation.
protected Random random
A random number generator to use when generating session identifiers.
protected String randomClass
The Java class name of the random number generator class to be used when generating session identifiers.
protected SingleSignOn sso
The SingleSignOn implementation in our request processing chain, if there is one.
protected boolean started
Has this component been started?
public void addLifecycleListener(LifecycleListener listener)
Add a lifecycle event listener to this component.
- Specified by:
- addLifecycleListener in interface Lifecycle
- Parameters:
listener
- The listener to add
protected void associate(String ssoId, Session session)
Associate the specified single sign on identifier with the specified Session.
- Parameters:
ssoId
- Single sign on identifiersession
- Session to be associated
protected boolean authenticate(HttpRequest request, HttpResponse response, LoginConfig config) throws IOException
Authenticate the user making this request, based on the specified login configuration. Returntrue
if any specified constraint has been satisfied, orfalse
if we have created a response challenge already.
- Parameters:
request
- Request we are processingresponse
- Response we are creatingconfig
- Login configuration describing how authentication should be performed
public LifecycleListener[] findLifecycleListeners()
Get the lifecycle listeners associated with this lifecycle. If this Lifecycle has no listeners registered, a zero-length array is returned.
- Specified by:
- findLifecycleListeners in interface Lifecycle
protected String generateSessionId()
Generate and return a new session identifier for the cookie that identifies an SSO principal.
public String getAlgorithm()
Return the message digest algorithm for this Manager.
public boolean getCache()
Return the cache authenticated Principals flag.
public Container getContainer()
Return the Container to which this Valve is attached.
- Specified by:
- getContainer in interface Contained
- Overrides:
- getContainer in interface ValveBase
public int getDebug()
Return the debugging detail level for this component.
- Overrides:
- getDebug in interface ValveBase
protected MessageDigest getDigest()
Return the MessageDigest object to be used for calculating session identifiers. If none has been created yet, initialize one the first time this method is called.
public boolean getDisableProxyCaching()
Return the flag that states if we add headers to disable caching by proxies.
public String getEntropy()
Return the entropy increaser value, or compute a semi-useful value if this String has not yet been set.
public String getInfo()
Return descriptive information about this Valve implementation.
- Overrides:
- getInfo in interface ValveBase
protected Random getRandom()
Return the random number generator instance we should use for generating session identifiers. If there is no such generator currently defined, construct and seed a new one.
public String getRandomClass()
Return the random number generator class name.
protected Session getSession(HttpRequest request)
Return the internal Session that is associated with this HttpRequest, ornull
if there is no such Session.
- Parameters:
request
- The HttpRequest we are processing
protected Session getSession(HttpRequest request, boolean create)
Return the internal Session that is associated with this HttpRequest, possibly creating a new one if necessary, ornull
if there is no such session and we did not create one.
- Parameters:
request
- The HttpRequest we are processingcreate
- Should we create a session if needed?
public void invoke(Request request, Response response, ValveContext context) throws IOException, ServletException
Enforce the security restrictions in the web application deployment descriptor of our associated Context.
- Overrides:
- invoke in interface ValveBase
- Parameters:
request
- Request to be processedresponse
- Response to be processedcontext
- The valve context used to invoke the next valve in the current processing pipeline
protected void log(String message)
Log a message on the Logger associated with our Container (if any).
- Parameters:
message
- Message to be logged
protected void log(String message, Throwable throwable)
Log a message on the Logger associated with our Container (if any).
- Parameters:
message
- Message to be loggedthrowable
- Associated exception
protected boolean reauthenticateFromSSO(String ssoId, HttpRequest request)
Attempts reauthentication to theRealm
using the credentials included in argumententry
.
- Parameters:
ssoId
- identifier of SingleSignOn session with which the caller is associatedrequest
- the request that needs to be authenticated
protected void register(HttpRequest request, HttpResponse response, Principal principal, String authType, String username, String password)
Register an authenticated Principal and authentication type in our request, in the current session (if there is one), and with our SingleSignOn valve, if there is one. Set the appropriate cookie to be returned.
- Parameters:
request
- The servlet request we are processingresponse
- The servlet response we are generatingprincipal
- The authenticated Principal to be registeredauthType
- The authentication type to be registeredusername
- Username used to authenticate (if any)password
- Password used to authenticate (if any)
public void removeLifecycleListener(LifecycleListener listener)
Remove a lifecycle event listener from this component.
- Specified by:
- removeLifecycleListener in interface Lifecycle
- Parameters:
listener
- The listener to remove
public void setAlgorithm(String algorithm)
Set the message digest algorithm for this Manager.
- Parameters:
algorithm
- The new message digest algorithm
public void setCache(boolean cache)
Set the cache authenticated Principals flag.
- Parameters:
cache
- The new cache flag
public void setContainer(Container container)
Set the Container to which this Valve is attached.
- Specified by:
- setContainer in interface Contained
- Overrides:
- setContainer in interface ValveBase
- Parameters:
container
- The container to which we are attached
public void setDebug(int debug)
Set the debugging detail level for this component.
- Overrides:
- setDebug in interface ValveBase
- Parameters:
debug
- The new debugging detail level
public void setDisableProxyCaching(boolean nocache)
Set the value of the flag that states if we add headers to disable caching by proxies.
- Parameters:
nocache
-true
if we add headers to disable proxy caching,false
if we leave the headers alone.
public void setEntropy(String entropy)
Set the entropy increaser value.
- Parameters:
entropy
- The new entropy increaser value
public void setRandomClass(String randomClass)
Set the random number generator class name.
- Parameters:
randomClass
- The new random number generator class name
public void start() throws LifecycleException
Prepare for the beginning of active use of the public methods of this component. This method should be called afterconfigure()
, and before any of the public methods of the component are utilized.
- Throws:
LifecycleException
- if this component detects a fatal error that prevents this component from being used
public void stop() throws LifecycleException
Gracefully terminate the active use of the public methods of this component. This method should be the last one called on a given instance of this component.
- Throws:
LifecycleException
- if this component detects a fatal error that needs to be reported