Package org.apache.catalina.realm
Class JDBCRealm
- java.lang.Object
-
- org.apache.catalina.util.LifecycleBase
-
- org.apache.catalina.util.LifecycleMBeanBase
-
- org.apache.catalina.realm.RealmBase
-
- org.apache.catalina.realm.JDBCRealm
-
- All Implemented Interfaces:
MBeanRegistration,Contained,GSSRealm,JmxEnabled,Lifecycle,Realm
@Deprecated public class JDBCRealm extends RealmBase
Deprecated.Will be removed in Tomcat 10 onwards. Use the DataSourceRealm instead.Implementation of Realm that works with any JDBC supported database. See the JDBCRealm.howto for more details on how to set up the database and for configuration options.For a Realm implementation that supports connection pooling and doesn't require synchronisation of
authenticate(),getPassword(),roles()andgetPrincipal()or the ugly connection logic use theDataSourceRealm.- Author:
- Craig R. McClanahan, Carson McDonald, Ignacio Ortega
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase
RealmBase.AllRolesMode
-
Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle
Lifecycle.SingleUse
-
-
Field Summary
Fields Modifier and Type Field Description protected StringconnectionNameDeprecated.The connection username to use when trying to connect to the database.protected StringconnectionPasswordDeprecated.The connection URL to use when trying to connect to the database.protected StringconnectionURLDeprecated.The connection URL to use when trying to connect to the database.protected ConnectiondbConnectionDeprecated.The connection to the database.protected DriverdriverDeprecated.Instance of the JDBC Driver class we use as a connection factory.protected StringdriverNameDeprecated.The JDBC driver to use.protected static StringnameDeprecated.This will be removed in Tomcat 9 onwards.protected PreparedStatementpreparedCredentialsDeprecated.The PreparedStatement to use for authenticating users.protected PreparedStatementpreparedRolesDeprecated.The PreparedStatement to use for identifying the roles for a specified user.protected StringroleNameColDeprecated.The column in the user role table that names a roleprotected StringuserCredColDeprecated.The column in the user table that holds the user's credentialsprotected StringuserNameColDeprecated.The column in the user table that holds the user's nameprotected StringuserRoleTableDeprecated.The table that holds the relation between user's and rolesprotected StringuserTableDeprecated.The table that holds user data.-
Fields inherited from class org.apache.catalina.realm.RealmBase
allRolesMode, container, containerLog, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassName
-
Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase
mserver
-
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
-
-
Constructor Summary
Constructors Constructor Description JDBCRealm()Deprecated.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description Principalauthenticate(String username, String credentials)Deprecated.Return the Principal associated with the specified username and credentials, if there is one; otherwise returnnull.Principalauthenticate(Connection dbConnection, String username, String credentials)Deprecated.Attempt to authenticate the user with the provided credentials.protected voidclose(Connection dbConnection)Deprecated.Close the specified database connection.protected PreparedStatementcredentials(Connection dbConnection, String username)Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.StringgetConnectionName()Deprecated.StringgetConnectionPassword()Deprecated.StringgetConnectionURL()Deprecated.StringgetDriverName()Deprecated.protected StringgetName()Deprecated.protected StringgetPassword(String username)Deprecated.Get the password for the specified user.protected PrincipalgetPrincipal(String username)Deprecated.Get the principal associated with the specified user.StringgetRoleNameCol()Deprecated.protected ArrayList<String>getRoles(String username)Deprecated.Return the roles associated with the given user name.StringgetUserCredCol()Deprecated.StringgetUserNameCol()Deprecated.StringgetUserRoleTable()Deprecated.StringgetUserTable()Deprecated.booleanisAvailable()Deprecated.Return the availability of the realm for authentication.protected Connectionopen()Deprecated.Open (if necessary) and return a database connection for use by this Realm.protected PreparedStatementroles(Connection dbConnection, String username)Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.voidsetConnectionName(String connectionName)Deprecated.Set the username to use to connect to the database.voidsetConnectionPassword(String connectionPassword)Deprecated.Set the password to use to connect to the database.voidsetConnectionURL(String connectionURL)Deprecated.Set the URL to use to connect to the database.voidsetDriverName(String driverName)Deprecated.Set the JDBC driver that will be used.voidsetRoleNameCol(String roleNameCol)Deprecated.Set the column in the user role table that names a role.voidsetUserCredCol(String userCredCol)Deprecated.Set the column in the user table that holds the user's credentials.voidsetUserNameCol(String userNameCol)Deprecated.Set the column in the user table that holds the user's name.voidsetUserRoleTable(String userRoleTable)Deprecated.Set the table that holds the relation between user's and roles.voidsetUserTable(String userTable)Deprecated.Set the table that holds user data.protected voidstartInternal()Deprecated.Prepare for the beginning of active use of the public methods of this component and implement the requirements ofLifecycleBase.startInternal().protected voidstopInternal()Deprecated.Gracefully terminate the active use of the public methods of this component and implement the requirements ofLifecycleBase.stopInternal().-
Methods inherited from class org.apache.catalina.realm.RealmBase
addPropertyChangeListener, authenticate, authenticate, authenticate, authenticate, authenticate, backgroundProcess, Digest, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getRoles, getServer, getTransportGuaranteeRedirectStatus, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasRoleInternal, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setContainer, setCredentialHandler, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setValidate, setX509UsernameRetrieverClassName, toString
-
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister
-
Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
-
-
-
-
Field Detail
-
connectionName
protected String connectionName
Deprecated.The connection username to use when trying to connect to the database.
-
connectionPassword
protected String connectionPassword
Deprecated.The connection URL to use when trying to connect to the database.
-
connectionURL
protected String connectionURL
Deprecated.The connection URL to use when trying to connect to the database.
-
dbConnection
protected Connection dbConnection
Deprecated.The connection to the database.
-
driver
protected Driver driver
Deprecated.Instance of the JDBC Driver class we use as a connection factory.
-
driverName
protected String driverName
Deprecated.The JDBC driver to use.
-
name
@Deprecated protected static final String name
Deprecated.This will be removed in Tomcat 9 onwards.Descriptive information about this Realm implementation.- See Also:
- Constant Field Values
-
preparedCredentials
protected PreparedStatement preparedCredentials
Deprecated.The PreparedStatement to use for authenticating users.
-
preparedRoles
protected PreparedStatement preparedRoles
Deprecated.The PreparedStatement to use for identifying the roles for a specified user.
-
roleNameCol
protected String roleNameCol
Deprecated.The column in the user role table that names a role
-
userCredCol
protected String userCredCol
Deprecated.The column in the user table that holds the user's credentials
-
userNameCol
protected String userNameCol
Deprecated.The column in the user table that holds the user's name
-
userRoleTable
protected String userRoleTable
Deprecated.The table that holds the relation between user's and roles
-
userTable
protected String userTable
Deprecated.The table that holds user data.
-
-
Method Detail
-
getConnectionName
public String getConnectionName()
Deprecated.- Returns:
- the username to use to connect to the database.
-
setConnectionName
public void setConnectionName(String connectionName)
Deprecated.Set the username to use to connect to the database.- Parameters:
connectionName- Username
-
getConnectionPassword
public String getConnectionPassword()
Deprecated.- Returns:
- the password to use to connect to the database.
-
setConnectionPassword
public void setConnectionPassword(String connectionPassword)
Deprecated.Set the password to use to connect to the database.- Parameters:
connectionPassword- User password
-
getConnectionURL
public String getConnectionURL()
Deprecated.- Returns:
- the URL to use to connect to the database.
-
setConnectionURL
public void setConnectionURL(String connectionURL)
Deprecated.Set the URL to use to connect to the database.- Parameters:
connectionURL- The new connection URL
-
getDriverName
public String getDriverName()
Deprecated.- Returns:
- the JDBC driver that will be used.
-
setDriverName
public void setDriverName(String driverName)
Deprecated.Set the JDBC driver that will be used.- Parameters:
driverName- The driver name
-
getRoleNameCol
public String getRoleNameCol()
Deprecated.- Returns:
- the column in the user role table that names a role.
-
setRoleNameCol
public void setRoleNameCol(String roleNameCol)
Deprecated.Set the column in the user role table that names a role.- Parameters:
roleNameCol- The column name
-
getUserCredCol
public String getUserCredCol()
Deprecated.- Returns:
- the column in the user table that holds the user's credentials.
-
setUserCredCol
public void setUserCredCol(String userCredCol)
Deprecated.Set the column in the user table that holds the user's credentials.- Parameters:
userCredCol- The column name
-
getUserNameCol
public String getUserNameCol()
Deprecated.- Returns:
- the column in the user table that holds the user's name.
-
setUserNameCol
public void setUserNameCol(String userNameCol)
Deprecated.Set the column in the user table that holds the user's name.- Parameters:
userNameCol- The column name
-
getUserRoleTable
public String getUserRoleTable()
Deprecated.- Returns:
- the table that holds the relation between user's and roles.
-
setUserRoleTable
public void setUserRoleTable(String userRoleTable)
Deprecated.Set the table that holds the relation between user's and roles.- Parameters:
userRoleTable- The table name
-
getUserTable
public String getUserTable()
Deprecated.- Returns:
- the table that holds user data..
-
setUserTable
public void setUserTable(String userTable)
Deprecated.Set the table that holds user data.- Parameters:
userTable- The table name
-
authenticate
public Principal authenticate(String username, String credentials)
Deprecated.Return the Principal associated with the specified username and credentials, if there is one; otherwise returnnull. If there are any errors with the JDBC connection, executing the query or anything we return null (don't authenticate). This event is also logged, and the connection will be closed so that a subsequent request will automatically re-open it.- Specified by:
authenticatein interfaceRealm- Overrides:
authenticatein classRealmBase- Parameters:
username- Username of the Principal to look upcredentials- Password or other credentials to use in authenticating this username- Returns:
- the associated principal, or
nullif there is none.
-
authenticate
public Principal authenticate(Connection dbConnection, String username, String credentials)
Deprecated.Attempt to authenticate the user with the provided credentials.- Parameters:
dbConnection- The database connection to be usedusername- Username of the Principal to look upcredentials- Password or other credentials to use in authenticating this username- Returns:
- Return the Principal associated with the specified username and
credentials, if there is one; otherwise return
null.
-
isAvailable
public boolean isAvailable()
Deprecated.Description copied from interface:RealmReturn the availability of the realm for authentication.- Specified by:
isAvailablein interfaceRealm- Overrides:
isAvailablein classRealmBase- Returns:
trueif the realm is able to perform authentication
-
close
protected void close(Connection dbConnection)
Deprecated.Close the specified database connection.- Parameters:
dbConnection- The connection to be closed
-
credentials
protected PreparedStatement credentials(Connection dbConnection, String username) throws SQLException
Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.- Parameters:
dbConnection- The database connection to be usedusername- Username for which credentials should be retrieved- Returns:
- the prepared statement
- Throws:
SQLException- if a database error occurs
-
getName
@Deprecated protected String getName()
Deprecated.
-
getPassword
protected String getPassword(String username)
Deprecated.Get the password for the specified user.- Specified by:
getPasswordin classRealmBase- Parameters:
username- The user name- Returns:
- the password associated with the given principal's user name.
-
getPrincipal
protected Principal getPrincipal(String username)
Deprecated.Get the principal associated with the specified user.- Specified by:
getPrincipalin classRealmBase- Parameters:
username- The user name- Returns:
- the Principal associated with the given user name.
-
getRoles
protected ArrayList<String> getRoles(String username)
Deprecated.Return the roles associated with the given user name.- Parameters:
username- The user name- Returns:
- an array list of the role names
-
open
protected Connection open() throws SQLException
Deprecated.Open (if necessary) and return a database connection for use by this Realm.- Returns:
- the opened connection
- Throws:
SQLException- if a database error occurs
-
roles
protected PreparedStatement roles(Connection dbConnection, String username) throws SQLException
Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.- Parameters:
dbConnection- The database connection to be usedusername- Username for which roles should be retrieved- Returns:
- the prepared statement
- Throws:
SQLException- if a database error occurs
-
startInternal
protected void startInternal() throws LifecycleExceptionDeprecated.Prepare for the beginning of active use of the public methods of this component and implement the requirements ofLifecycleBase.startInternal().- Overrides:
startInternalin classRealmBase- Throws:
LifecycleException- if this component detects a fatal error that prevents this component from being used
-
stopInternal
protected void stopInternal() throws LifecycleExceptionDeprecated.Gracefully terminate the active use of the public methods of this component and implement the requirements ofLifecycleBase.stopInternal().- Overrides:
stopInternalin classRealmBase- Throws:
LifecycleException- if this component detects a fatal error that needs to be reported
-
-