java.lang.Object
- org.apache.catalina.util.LifecycleBase
- - org.apache.catalina.util.LifecycleMBeanBase
  - - org.apache.catalina.realm.RealmBase
    - - net.sf.michaelo.tomcat.realm.ActiveDirectoryRealmBase
      - net.sf.michaelo.tomcat.realm.Krb5AuthzDataDumpingActiveDirectoryRealm

All Implemented Interfaces:

MBeanRegistration, Contained, JmxEnabled, Lifecycle, Realm
```
public class Krb5AuthzDataDumpingActiveDirectoryRealm
extends ActiveDirectoryRealmBase
```
A realm which extracts and dumps Kerberos AuthorizationData and always returns a null. Use the CombinedRealm to authenticate against this one first and then against the actual one next.
This realm requires your JVM to provide an ExtendedGSSContext implementation. It will use InquireType.KRB5_GET_AUTHZ_DATA to extract AuthorizationData according to RFC 4120, section 5.2.6 from an established security context, dump to {catalina.base}/work/KRB5_AUTHZ_DATA/{gssName}/{yyyyMMdd'T'HHmmss.SSS}{#n?} and continue as described.
Note: Use this realm for testing/analysis purposes only along with the Krb5AuthzDataDumpPrinter.

Nested Class Summary
- Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase
  RealmBase.AllRolesMode
- Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle
  Lifecycle.SingleUse

Field Summary
- Fields inherited from class net.sf.michaelo.tomcat.realm.ActiveDirectoryRealmBase
  logger, sm
- Fields inherited from class org.apache.catalina.realm.RealmBase
  allRolesMode, container, containerLog, realmPath, stripRealmForGss, support, USER_ATTRIBUTES_DELIMITER, USER_ATTRIBUTES_WILDCARD, userAttributes, userAttributesList, validate, x509UsernameRetriever, x509UsernameRetrieverClassName
- Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase
  mserver
- Fields inherited from interface org.apache.catalina.Lifecycle
  AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Constructor Summary

Constructors
Constructor Description

Krb5AuthzDataDumpingActiveDirectoryRealm()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`protected Principal`	`getPrincipal(GSSName gssName, GSSCredential gssCredential, GSSContext gssContext)`

Methods inherited from class net.sf.michaelo.tomcat.realm.ActiveDirectoryRealmBase
getPassword, getPrincipal, getRoles, hasRoleInternal

Methods inherited from class org.apache.catalina.realm.RealmBase
addPropertyChangeListener, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, backgroundProcess, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getServer, getTransportGuaranteeRedirectStatus, getUserAttributes, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasUserDataPermission, initInternal, isStripRealmForGss, main, parseUserAttributes, removePropertyChangeListener, setAllRolesMode, setContainer, setCredentialHandler, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setUserAttributes, setValidate, setX509UsernameRetrieverClassName, startInternal, stopInternal, toString

Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregister

Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.apache.catalina.Realm
isAvailable

Constructor Detail
- Krb5AuthzDataDumpingActiveDirectoryRealm
```
public Krb5AuthzDataDumpingActiveDirectoryRealm()
```

Method Detail

getPrincipal

protected Principal getPrincipal(GSSName gssName,
                                 GSSCredential gssCredential,
                                 GSSContext gssContext)

Overrides:: getPrincipal in class RealmBase

Class Krb5AuthzDataDumpingActiveDirectoryRealm

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase

Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle

Field Summary

Fields inherited from class net.sf.michaelo.tomcat.realm.ActiveDirectoryRealmBase

Fields inherited from class org.apache.catalina.realm.RealmBase

Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase

Fields inherited from interface org.apache.catalina.Lifecycle

Constructor Summary

Method Summary

Methods inherited from class net.sf.michaelo.tomcat.realm.ActiveDirectoryRealmBase

Methods inherited from class org.apache.catalina.realm.RealmBase

Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase

Methods inherited from class org.apache.catalina.util.LifecycleBase

Methods inherited from class java.lang.Object

Methods inherited from interface org.apache.catalina.Realm

Constructor Detail

Krb5AuthzDataDumpingActiveDirectoryRealm

Method Detail

getPrincipal