All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.catalina.realm.UserDatabaseRealm Maven / Gradle / Ivy

There is a newer version: 7.0.39.2
Show newest version
/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 * 
 *      http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */


package org.apache.catalina.realm;


import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

import javax.naming.Context;

import org.apache.catalina.Group;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.Role;
import org.apache.catalina.ServerFactory;
import org.apache.catalina.User;
import org.apache.catalina.UserDatabase;
import org.apache.catalina.core.StandardServer;
import org.apache.catalina.util.StringManager;


/**
 * 

Implementation of {@link org.apache.catalina.Realm} that is based on an implementation of * {@link UserDatabase} made available through the global JNDI resources * configured for this instance of Catalina. Set the resourceName * parameter to the global JNDI resources name for the configured instance * of UserDatabase that we should consult.

* * @author Craig R. McClanahan * @version $Revision: 543691 $ $Date: 2007-06-02 09:37:08 +0800 (Sat, 02 Jun 2007) $ * @since 4.1 */ public class UserDatabaseRealm extends RealmBase { // ----------------------------------------------------- Instance Variables /** * The UserDatabase we will use to authenticate users * and identify associated roles. */ protected UserDatabase database = null; /** * Descriptive information about this Realm implementation. */ protected final String info = "org.apache.catalina.realm.UserDatabaseRealm/1.0"; /** * Descriptive information about this Realm implementation. */ protected static final String name = "UserDatabaseRealm"; /** * The global JNDI name of the UserDatabase resource * we will be utilizing. */ protected String resourceName = "UserDatabase"; /** * The string manager for this package. */ private static StringManager sm = StringManager.getManager(Constants.Package); // ------------------------------------------------------------- Properties /** * Return descriptive information about this Realm implementation and * the corresponding version number, in the format * <description>/<version>. */ public String getInfo() { return info; } /** * Return the global JNDI name of the UserDatabase resource * we will be using. */ public String getResourceName() { return resourceName; } /** * Set the global JNDI name of the UserDatabase resource * we will be using. * * @param resourceName The new global JNDI name */ public void setResourceName(String resourceName) { this.resourceName = resourceName; } // --------------------------------------------------------- Public Methods /** * Return true if the specified Principal has the specified * security role, within the context of this Realm; otherwise return * false. This implementation returns true * if the User has the role, or if any Group * that the User is a member of has the role. * * @param principal Principal for whom the role is to be checked * @param role Security role to be checked */ public boolean hasRole(Principal principal, String role) { if( principal instanceof GenericPrincipal) { GenericPrincipal gp = (GenericPrincipal)principal; if(gp.getUserPrincipal() instanceof User) { principal = gp.getUserPrincipal(); } } if(! (principal instanceof User) ) { //Play nice with SSO and mixed Realms return super.hasRole(principal, role); } if("*".equals(role)) { return true; } else if(role == null) { return false; } User user = (User)principal; Role dbrole = database.findRole(role); if(dbrole == null) { return false; } if(user.isInRole(dbrole)) { return true; } Iterator groups = user.getGroups(); while(groups.hasNext()) { Group group = (Group)groups.next(); if(group.isInRole(dbrole)) { return true; } } return false; } // ------------------------------------------------------ Protected Methods /** * Return a short name for this Realm implementation. */ protected String getName() { return (name); } /** * Return the password associated with the given principal's user name. */ protected String getPassword(String username) { User user = database.findUser(username); if (user == null) { return null; } return (user.getPassword()); } /** * Return the Principal associated with the given user name. */ protected Principal getPrincipal(String username) { User user = database.findUser(username); if(user == null) { return null; } List roles = new ArrayList(); Iterator uroles = user.getRoles(); while(uroles.hasNext()) { Role role = (Role)uroles.next(); roles.add(role.getName()); } Iterator groups = user.getGroups(); while(groups.hasNext()) { Group group = (Group)groups.next(); uroles = group.getRoles(); while(uroles.hasNext()) { Role role = (Role)uroles.next(); roles.add(role.getName()); } } return new GenericPrincipal(this, username, user.getPassword(), roles, user); } // ------------------------------------------------------ Lifecycle Methods /** * Prepare for active use of the public methods of this Component. * * @exception LifecycleException if this component detects a fatal error * that prevents it from being started */ public synchronized void start() throws LifecycleException { // Perform normal superclass initialization super.start(); try { StandardServer server = (StandardServer) ServerFactory.getServer(); Context context = server.getGlobalNamingContext(); database = (UserDatabase) context.lookup(resourceName); } catch (Throwable e) { containerLog.error(sm.getString("userDatabaseRealm.lookup", resourceName), e); database = null; } if (database == null) { throw new LifecycleException (sm.getString("userDatabaseRealm.noDatabase", resourceName)); } } /** * Gracefully shut down active use of the public methods of this Component. * * @exception LifecycleException if this component detects a fatal error * that needs to be reported */ public synchronized void stop() throws LifecycleException { // Perform normal superclass finalization super.stop(); // Release reference to our user database database = null; } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy