com.netscape.cms.realm

Class PKIRealm

java.lang.Object

org.apache.catalina.util.LifecycleBase

org.apache.catalina.util.LifecycleMBeanBase

org.apache.catalina.realm.RealmBase

com.netscape.cms.realm.PKIRealm

All Implemented Interfaces:

javax.management.MBeanRegistration, org.apache.catalina.Lifecycle, org.apache.catalina.Realm

public class PKIRealm
extends org.apache.catalina.realm.RealmBase

PKI Realm This realm provides an authentication service against PKI user database. The realm also provides an authorization service that validates request URL's against the access control list defined in the internal database.

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase

org.apache.catalina.realm.RealmBase.AllRolesMode

Field Summary

Fields

Modifier and Type	Field and Description
protected ILogger	signedAuditLogger

Fields inherited from class org.apache.catalina.realm.RealmBase

allRolesMode, container, containerLog, digest, digestEncoding, info, md, md5Encoder, md5Helper, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassName

Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase

mserver

Fields inherited from interface org.apache.catalina.Lifecycle

AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Constructor Summary

Constructors

Constructor and Description
PKIRealm()

Method Summary

Modifier and Type	Method and Description
protected void	audit(java.lang.String msg) Signed Audit Log This method is called to store messages to the signed audit log.
java.security.Principal	authenticate(java.lang.String username, java.lang.String password)
java.security.Principal	authenticate(java.security.cert.X509Certificate[] certs)
protected java.lang.String	getName()
protected java.lang.String	getPassword(java.lang.String username)
protected java.security.Principal	getPrincipal(IUser user, IAuthToken authToken)
protected java.security.Principal	getPrincipal(java.lang.String username)
protected java.security.Principal	getPrincipal(java.lang.String username, IAuthToken authToken)
protected java.util.List<java.lang.String>	getRoles(IUser user)
protected IUser	getUser(java.lang.String username)
void	logDebug(java.lang.String msg)
void	logErr(java.lang.String msg)

Methods inherited from class org.apache.catalina.realm.RealmBase

addPropertyChangeListener, authenticate, authenticate, backgroundProcess, compareCredentials, digest, Digest, findSecurityConstraints, getAllRolesMode, getContainer, getDigest, getDigest, getDigestCharset, getDigestEncoding, getDomainInternal, getInfo, getObjectNameKeyProperties, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getServer, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setContainer, setDigest, setDigestEncoding, setRealmPath, setStripRealmForGss, setValidate, setX509UsernameRetrieverClassName, startInternal, stopInternal, toString

Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase

destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister

Methods inherited from class org.apache.catalina.util.LifecycleBase

addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, init, removeLifecycleListener, setState, setState, start, stop

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

signedAuditLogger

protected ILogger signedAuditLogger

Constructor Detail

PKIRealm

public PKIRealm()

Method Detail

getName

protected java.lang.String getName()

Specified by:

getName in class org.apache.catalina.realm.RealmBase

authenticate

public java.security.Principal authenticate(java.lang.String username,
                                            java.lang.String password)

Specified by:

authenticate in interface org.apache.catalina.Realm

Overrides:

authenticate in class org.apache.catalina.realm.RealmBase

authenticate

public java.security.Principal authenticate(java.security.cert.X509Certificate[] certs)

Specified by:

authenticate in interface org.apache.catalina.Realm

Overrides:

authenticate in class org.apache.catalina.realm.RealmBase

getPrincipal

protected java.security.Principal getPrincipal(java.lang.String username)

Specified by:

getPrincipal in class org.apache.catalina.realm.RealmBase

getPrincipal

protected java.security.Principal getPrincipal(java.lang.String username,
                                               IAuthToken authToken)

getPrincipal

protected java.security.Principal getPrincipal(IUser user,
                                               IAuthToken authToken)
                                        throws EUsrGrpException

Throws:

EUsrGrpException

getUser

protected IUser getUser(java.lang.String username)
                 throws EUsrGrpException

Throws:

EUsrGrpException

getRoles

protected java.util.List<java.lang.String> getRoles(IUser user)
                                             throws EUsrGrpException

Throws:

EUsrGrpException

getPassword

protected java.lang.String getPassword(java.lang.String username)

Specified by:

getPassword in class org.apache.catalina.realm.RealmBase

logErr

public void logErr(java.lang.String msg)

logDebug

public void logDebug(java.lang.String msg)

audit

protected void audit(java.lang.String msg)

Signed Audit Log This method is called to store messages to the signed audit log.

Parameters:

msg - signed audit log message