Package org.apache.catalina

Examples of org.apache.catalina.Realm


          return (AuthStatus.SEND_CONTINUE);
      }

      // Yes -- Validate the specified credentials and redirect
      // to the error page if they are not correct
      Realm realm = context.getRealm();
      // Re-apply the encoding the request itself reports before the form
      // parameters are read below; an unsupported encoding is only logged and
      // processing continues.
      String characterEncoding = request.getCharacterEncoding();
      if (characterEncoding != null) {
          try
         {
            request.setCharacterEncoding(characterEncoding);
         }
         catch (UnsupportedEncodingException e)
         {
            log.error(e.getLocalizedMessage(), e);
         }
      }
      // Both credentials come straight from request parameters (untrusted input).
      String username = request.getParameter(Constants.FORM_USERNAME);
      String password = request.getParameter(Constants.FORM_PASSWORD);
      // Only the username is logged, never the password.
      // NOTE(review): the username is concatenated into the message as received;
      // with trace logging on, CR/LF or other control characters in it reach the
      // log unneutralized -- consider escaping it before logging.
      log.trace("Authenticating username '" + username + "'");
      // The realm makes the decision; a null principal is treated as a failed login.
      principal = realm.authenticate(username, password);
      if (principal == null) {
          forwardToErrorPage(request, response, config);
          return (AuthStatus.FAILURE);
      }


           return (false);
        }

        // Yes -- Validate the specified credentials and redirect
        // to the error page if they are not correct
        Realm realm = context.getRealm();
        // characterEncoding is declared outside this excerpt; when set it is
        // applied to the request before the form parameters are read below.
        if (characterEncoding != null) {
            request.setCharacterEncoding(characterEncoding);
        }
        // Both credentials come straight from request parameters (untrusted input).
        String username = request.getParameter(Constants.FORM_USERNAME);
        String password = request.getParameter(Constants.FORM_PASSWORD);
        // Only the username is logged, and only at debug level; the password is not.
        // NOTE(review): the username is written to the log as received, so control
        // characters such as CR/LF are not neutralized -- consider escaping it.
        if (log.isDebugEnabled())
            log.debug("Authenticating username '" + username + "'");
        // A null principal from the realm is treated as a failed login: the
        // request is forwarded to the error page and false is returned.
        principal = realm.authenticate(username, password);
        if (principal == null) {
           forwardToErrorPage(request, response, config);
           return (false);
        }

         if (trace)
            log.trace("Already authenticated '" + principal.getName() + "'");
         return true;
      }

      Realm realm = context.getRealm();
      // NOTE(review): the 'true' argument presumably creates a session when none
      // exists, i.e. before the caller has been authenticated -- confirm this is
      // intended. The session is not used in the lines visible here.
      Session session = request.getSessionInternal(true);

      // The two values come from helpers defined outside this excerpt; the
      // "password" is the session key from a cookie, not a typed password.
      String username = getUserId(request);
      String password = getSessionCookie(request);

      //Check if there is sso id as well as sessionkey
      // If either is missing, defer to the parent authenticator (form login,
      // per the log message) instead of failing the request here.
      if (username == null || password == null)
      {
         log.trace("Username is null or password(sessionkey) is null:fallback to form auth");
         return super.authenticate(request, response, config);
      }
      // NOTE(review): the realm receives the cookie value as the credential, so
      // it acts as a bearer secret -- verify against the realm that it is
      // unguessable, bound to the user id and expires.
      principal = realm.authenticate(username, password);

      if (principal == null)
      {
         forwardToErrorPage(request, response, config);
         return false;

   protected boolean authenticate(Request request,
                                           HttpServletResponse response,
                                           LoginConfig config)
       throws IOException
  
      Realm realm = context.getRealm();
      /**
       * You can get the userid/credential from the header
       */
      // NOTE(review): request headers are set by the client, so any caller can
      // supply these two values. The header names suggest a test fixture; nothing
      // visible here restricts who may send them -- keep this authenticator out of
      // production deployments, or make sure a trusted front end strips the headers.
      Session session = request.getSessionInternal(true);
      String username = request.getHeader("JBOSS_TEST_USER_NAME");
      String password = request.getHeader("JBOSS_TEST_CREDENTIAL");
      // The user name is logged as received; for the credential only its
      // presence is logged, never its value.
      log.debug("Test UserName =" + username);
      log.debug("Test cred present?:" + (password != null));
      // A null principal from the realm ends the request with 403 Forbidden.
      Principal principal = realm.authenticate(username,password);
      if(principal == null)
      {
         response.sendError(HttpServletResponse.SC_FORBIDDEN);
         return false;
      }

            org.jboss.resteasy.auth.oauth.OAuthConsumer consumer,
            OAuthToken accessToken)
    {
       
        // Roles are derived from the permissions carried by the access token.
        Set<String> roles = oauthProvider.convertPermissionsToRoles(accessToken.getPermissions());
        // A realm is built for exactly this token's roles and installed on the context.
        // NOTE(review): if 'context' is the web application's shared Context, this
        // replaces the realm for every request, and concurrent requests carrying
        // different tokens would overwrite each other's roles -- confirm the scope
        // of 'context' before relying on this for authorization.
        Realm realm = new OAuthRealm(roles);
        context.setRealm(realm);
       
        // The principal is named after the consumer key and carries an empty
        // string in the password position; it is then attached to the request
        // together with the auth type "OAuth".
        final Principal principal = new GenericPrincipal(realm, consumer.getKey(), "", new ArrayList<String>(roles));
        ((Request)request).setUserPrincipal(principal);
        ((Request)request).setAuthType("OAuth");

     *
     * @param realm The new default realm
     */
    public void setRealm(Realm realm) {
        // Capture the realm being replaced so that property-change listeners
        // receive both the previous and the new value.
        final Realm previous = this.realm;

        // Swap in the new realm first, then announce the change under the
        // "realm" property name.
        this.realm = realm;
        support.firePropertyChange("realm", previous, this.realm);
    }

    /** Provide a default in case no explicit configuration is set
     *
     * @return configured realm, or a JAAS realm by default
     */
    public Realm getRealm() {
        Realm configured=super.getRealm();
        // If no set realm has been called - default to JAAS
        // This can be overriden at engine, context and host level 
        if( configured==null ) {
            configured=new JAASRealm();
            this.setRealm( configured );

        if (secHolder != null)
            securityRealmName = secHolder.getSecurityRealm();

        //Did we declare a GBean at the context level?
        if (ctx.getRealm() != null) {
            Realm realm = ctx.getRealm();

            //Allow for the <security-realm-name> override from the
            //geronimo-web.xml file to be used if our Realm is a JAAS type
            if (securityRealmName != null) {
                if (realm instanceof JAASRealm) {
                    ((JAASRealm) realm).setAppName(securityRealmName);
                }
            }
            anotherCtxObj.setRealm(realm);
        } else {
            Realm realm = host.getRealm();
            //Check and see if we have a declared realm name and no match to a parent name
            if (securityRealmName != null) {
                String parentRealmName = null;
                if (realm instanceof JAASRealm) {
                    parentRealmName = ((JAASRealm) realm).getAppName();
                }

                //Do we have a match to a parent?
                if (!securityRealmName.equals(parentRealmName)) {
                    //No...we need to create a default adapter

                    //Is the context requiring JACC?
                    if (secHolder.isSecurity()) {
                        //JACC
                        realm = new TomcatGeronimoRealm();
                    } else {
                        //JAAS
                        realm = new TomcatJAASRealm();
                    }

                    log.debug("The security-realm-name '" + securityRealmName +
                            "' was specified and a parent (Engine/Host) is not named the same or no RealmGBean was configured for this context. " +
                            "Creating a default " + realm.getClass().getName() +
                            " adapter for this context.");

                    ((JAASRealm) realm).setUserClassNames("org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
                    ((JAASRealm) realm).setRoleClassNames("org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal");
                    ((JAASRealm) realm).setAppName(securityRealmName);

        Wrapper wrapper = request.getMappingData().wrapper;
        if (wrapper != null) {
            wrapper.servletSecurityAnnotationScan();
        }

        Realm realm = this.context.getRealm();
        // Is this request URI subject to a security constraint?
        SecurityConstraint [] constraints
            = realm.findSecurityConstraints(request, this.context);

        if (constraints == null && !context.getPreemptiveAuthentication()) {
            if (log.isDebugEnabled()) {
                log.debug(" Not subject to any constraint");
            }
            getNext().invoke(request, response);
            return;
        }

        // Make sure that constrained resources are not cached by web proxies
        // or browsers as caching can provide a security hole
        // The headers are added only when a constraint matched, disableProxyCaching
        // is set and the request method is not POST.
        // NOTE(review): "no-cache" demands revalidation but does not forbid storing
        // the response, and "private" still allows the browser's own cache to keep
        // it; "no-store" is the directive that forbids storage -- consider it for
        // responses that must never be written to a cache.
        if (constraints != null && disableProxyCaching &&
            !"POST".equalsIgnoreCase(request.getMethod())) {
            if (securePagesWithPragma) {
                // Note: These can cause problems with downloading files with IE
                response.setHeader("Pragma", "No-cache");
                response.setHeader("Cache-Control", "no-cache");
            } else {
                response.setHeader("Cache-Control", "private");
            }
            // DATE_ONE is defined outside this excerpt (presumably a date in the
            // past, so the response counts as already expired -- confirm).
            response.setHeader("Expires", DATE_ONE);
        }

        int i;
        if (constraints != null) {
            // Enforce any user data constraint for this security constraint
            if (log.isDebugEnabled()) {
                log.debug(" Calling hasUserDataPermission()");
            }
            if (!realm.hasUserDataPermission(request, response,
                                             constraints)) {
                if (log.isDebugEnabled()) {
                    log.debug(" Failed hasUserDataPermission() test");
                }
                /*
                 * ASSERT: Authenticator already set the appropriate
                 * HTTP status code, so we do not have to do anything special
                 */
                return;
            }
        }

        // Since authenticate modifies the response on failure,
        // we have to check for allow-from-all first.
        // Decide whether the caller must be authenticated before the resource
        // permission check that follows this excerpt.
        boolean authRequired;
        if (constraints == null) {
            // No constraint matched the request: nothing demands a login.
            authRequired = false;
        } else {
            authRequired = true;
            // Authentication is skipped as soon as one matching constraint either
            // has no auth constraint at all, or names specific roles (neither
            // all-roles nor authenticated-users) but lists none.
            // NOTE(review): the second case presumably denies everyone in the
            // later permission check, so prompting for credentials would be
            // pointless -- confirm against hasResourcePermission().
            for(i=0; i < constraints.length && authRequired; i++) {
                if(!constraints[i].getAuthConstraint()) {
                    authRequired = false;
                    break;
                } else if(!constraints[i].getAllRoles() &&
                        !constraints[i].getAuthenticatedUsers()) {
                    String [] roles = constraints[i].findAuthRoles();
                    if(roles == null || roles.length == 0) {
                        authRequired = false;
                        break;
                    }
                }
            }
        }

        // Preemptive authentication: even when no constraint demands it, a request
        // that already carries an "authorization" header is authenticated.
        if (!authRequired && context.getPreemptiveAuthentication()) {
            authRequired =
                request.getCoyoteRequest().getMimeHeaders().getValue(
                        "authorization") != null;
        }

        // Likewise, a request that presents at least one client certificate is
        // authenticated when preemptive authentication is enabled.
        if (!authRequired && context.getPreemptiveAuthentication()) {
            X509Certificate[] certs = (X509Certificate[]) request.getAttribute(
                    Globals.CERTIFICATES_ATTR);
            authRequired = certs != null && certs.length > 0;
        }

        if(authRequired) {
            if (log.isDebugEnabled()) {
                log.debug(" Calling authenticate()");
            }
            if (!authenticate(request, response)) {
                if (log.isDebugEnabled()) {
                    log.debug(" Failed authenticate() test");
                }
                /*
                 * ASSERT: Authenticator already set the appropriate
                 * HTTP status code, so we do not have to do anything
                 * special
                 */
                return;
            }

        }

        if (constraints != null) {
            if (log.isDebugEnabled()) {
                log.debug(" Calling accessControl()");
            }
            if (!realm.hasResourcePermission(request, response,
                                             constraints,
                                             this.context)) {
                if (log.isDebugEnabled()) {
                    log.debug(" Failed accessControl() test");
                }

        // Starts out false and is set only by an actual reauthenticate() call, so
        // a missing container or a missing realm leaves the request
        // unauthenticated (fails closed). What the caller does with the flag is
        // outside this excerpt.
        boolean reauthenticated = false;

        Container parent = getContainer();
        if (parent != null) {
            // The realm of the enclosing container is the one asked to
            // re-validate the single sign-on entry identified by ssoId.
            Realm realm = parent.getRealm();
            if (realm != null) {
                reauthenticated = sso.reauthenticate(ssoId, realm, request);
            }
        }
