Package net.sf.michaelo.tomcat.realm
Class Krb5AuthzDataDumpingActiveDirectoryRealm
- java.lang.Object
-
- org.apache.catalina.util.LifecycleBase
-
- org.apache.catalina.util.LifecycleMBeanBase
-
- org.apache.catalina.realm.RealmBase
-
- net.sf.michaelo.tomcat.realm.ActiveDirectoryRealmBase
-
- net.sf.michaelo.tomcat.realm.Krb5AuthzDataDumpingActiveDirectoryRealm
-
- All Implemented Interfaces:
MBeanRegistration
,Contained
,JmxEnabled
,Lifecycle
,Realm
public class Krb5AuthzDataDumpingActiveDirectoryRealm extends ActiveDirectoryRealmBase
A realm which extracts and dumps KerberosAuthorizationData
and always returns anull
. Use theCombinedRealm
to authenticate against this one first and then against the actual one next.This realm requires your JVM to provide an
ExtendedGSSContext
implementation. It will useInquireType.KRB5_GET_AUTHZ_DATA
to extractAuthorizationData
according to RFC 4120, section 5.2.6 from an established security context, dump to{catalina.base}/work/KRB5_AUTHZ_DATA/{gssName}/{yyyyMMdd'T'HHmmss.SSS}{#n?}
and continue as described.Note: Use this realm for testing/analysis purposes only along with the
Krb5AuthzDataDumpPrinter
.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase
RealmBase.AllRolesMode
-
Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle
Lifecycle.SingleUse
-
-
Field Summary
-
Fields inherited from class net.sf.michaelo.tomcat.realm.ActiveDirectoryRealmBase
logger, sm
-
Fields inherited from class org.apache.catalina.realm.RealmBase
allRolesMode, container, containerLog, realmPath, stripRealmForGss, support, USER_ATTRIBUTES_DELIMITER, USER_ATTRIBUTES_WILDCARD, userAttributes, userAttributesList, validate, x509UsernameRetriever, x509UsernameRetrieverClassName
-
Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase
mserver
-
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
-
-
Constructor Summary
Constructors Constructor Description Krb5AuthzDataDumpingActiveDirectoryRealm()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected Principal
getPrincipal(GSSName gssName, GSSCredential gssCredential, GSSContext gssContext)
-
Methods inherited from class net.sf.michaelo.tomcat.realm.ActiveDirectoryRealmBase
getPassword, getPrincipal, getRoles, hasRoleInternal
-
Methods inherited from class org.apache.catalina.realm.RealmBase
addPropertyChangeListener, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, backgroundProcess, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getServer, getTransportGuaranteeRedirectStatus, getUserAttributes, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasUserDataPermission, initInternal, isStripRealmForGss, main, parseUserAttributes, removePropertyChangeListener, setAllRolesMode, setContainer, setCredentialHandler, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setUserAttributes, setValidate, setX509UsernameRetrieverClassName, startInternal, stopInternal, toString
-
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregister
-
Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface org.apache.catalina.Realm
isAvailable
-
-
-
-
Method Detail
-
getPrincipal
protected Principal getPrincipal(GSSName gssName, GSSCredential gssCredential, GSSContext gssContext)
- Overrides:
getPrincipal
in classRealmBase
-
-