FileDocCategorySizeDatePackage
UserDatabaseRealm.javaAPI DocApache Tomcat 6.0.148470Fri Jul 20 04:20:34 BST 2007org.apache.catalina.realm

UserDatabaseRealm

public class UserDatabaseRealm extends RealmBase

Implementation of {@link org.apache.catalina.Realm} that is based on an implementation of {@link UserDatabase} made available through the global JNDI resources configured for this instance of Catalina. Set the resourceName parameter to the global JNDI resources name for the configured instance of UserDatabase that we should consult.

author
Craig R. McClanahan
version
$Revision: 543691 $ $Date: 2007-06-02 03:37:08 +0200 (sam., 02 juin 2007) $
since
4.1

Fields Summary
protected org.apache.catalina.UserDatabase
database
The UserDatabase we will use to authenticate users and identify associated roles.
protected final String
info
Descriptive information about this Realm implementation.
protected static final String
name
Descriptive information about this Realm implementation.
protected String
resourceName
The global JNDI name of the UserDatabase resource we will be utilizing.
private static org.apache.catalina.util.StringManager
sm
The string manager for this package.
Constructors Summary
Methods Summary
public java.lang.StringgetInfo()
Return descriptive information about this Realm implementation and the corresponding version number, in the format <description>/<version>.



    // ------------------------------------------------------------- Properties


                         
       

        return info;

    
protected java.lang.StringgetName()
Return a short name for this Realm implementation.


        return (name);

    
protected java.lang.StringgetPassword(java.lang.String username)
Return the password associated with the given principal's user name.


        User user = database.findUser(username);

        if (user == null) {
            return null;
        } 

        return (user.getPassword());

    
protected java.security.PrincipalgetPrincipal(java.lang.String username)
Return the Principal associated with the given user name.


        User user = database.findUser(username);
        if(user == null) {
            return null;
        }

        List<String> roles = new ArrayList<String>();
        Iterator uroles = user.getRoles();
        while(uroles.hasNext()) {
            Role role = (Role)uroles.next();
            roles.add(role.getName());
        }
        Iterator groups = user.getGroups();
        while(groups.hasNext()) {
            Group group = (Group)groups.next();
            uroles = group.getRoles();
            while(uroles.hasNext()) {
                Role role = (Role)uroles.next();
                roles.add(role.getName());
            }
        }
        return new GenericPrincipal(this, username, user.getPassword(), roles, user);
    
public java.lang.StringgetResourceName()
Return the global JNDI name of the UserDatabase resource we will be using.


        return resourceName;

    
public booleanhasRole(java.security.Principal principal, java.lang.String role)
Return true if the specified Principal has the specified security role, within the context of this Realm; otherwise return false. This implementation returns true if the User has the role, or if any Group that the User is a member of has the role.

param
principal Principal for whom the role is to be checked
param
role Security role to be checked

        if( principal instanceof GenericPrincipal) {
            GenericPrincipal gp = (GenericPrincipal)principal;
            if(gp.getUserPrincipal() instanceof User) {
                principal = gp.getUserPrincipal();
            }
        }
        if(! (principal instanceof User) ) {
            //Play nice with SSO and mixed Realms
            return super.hasRole(principal, role);
        }
        if("*".equals(role)) {
            return true;
        } else if(role == null) {
            return false;
        }
        User user = (User)principal;
        Role dbrole = database.findRole(role);
        if(dbrole == null) {
            return false; 
        }
        if(user.isInRole(dbrole)) {
            return true;
        }
        Iterator groups = user.getGroups();
        while(groups.hasNext()) {
            Group group = (Group)groups.next();
            if(group.isInRole(dbrole)) {
                return true;
            }
        }
        return false;
    
public voidsetResourceName(java.lang.String resourceName)
Set the global JNDI name of the UserDatabase resource we will be using.

param
resourceName The new global JNDI name


        this.resourceName = resourceName;

    
public synchronized voidstart()
Prepare for active use of the public methods of this Component.

exception
LifecycleException if this component detects a fatal error that prevents it from being started


        // Perform normal superclass initialization
        super.start();

        try {
            StandardServer server = (StandardServer) ServerFactory.getServer();
            Context context = server.getGlobalNamingContext();
            database = (UserDatabase) context.lookup(resourceName);
        } catch (Throwable e) {
            containerLog.error(sm.getString("userDatabaseRealm.lookup",
                                            resourceName),
                               e);
            database = null;
        }
        if (database == null) {
            throw new LifecycleException
                (sm.getString("userDatabaseRealm.noDatabase", resourceName));
        }

    
public synchronized voidstop()
Gracefully shut down active use of the public methods of this Component.

exception
LifecycleException if this component detects a fatal error that needs to be reported


        // Perform normal superclass finalization
        super.stop();

        // Release reference to our user database
        database = null;