| Package | Description |
|---|---|
| com.sun.enterprise.web.connector.coyote | |
| com.sun.web.security | |
| org.apache.catalina | |
| org.apache.catalina.authenticator |
This package contains
Authenticator implementations for the
various supported authentication methods (BASIC, DIGEST, and FORM). |
| org.apache.catalina.connector | |
| org.apache.catalina.core | |
| org.apache.catalina.realm |
This package contains
Realm implementations for the
various supported realm technologies for authenticating users and
identifying their associated roles. |
| Modifier and Type | Class and Description |
|---|---|
class |
PECoyoteResponse
Customized version of the Tomcat 5 CoyoteResponse
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
RealmAdapter.hasResourcePermission(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraints,
Context context)
Perform access control based on the specified authorization constraint.
|
boolean |
RealmAdapter.hasRole(HttpRequest request,
HttpResponse response,
Principal principal,
String role)
Check if the given principal has the provided role.
|
boolean |
RealmAdapter.hasUserDataPermission(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraints)
Enforce any user data constraint required by the security constraint
guarding this request URI.
|
boolean |
RealmAdapter.hasUserDataPermission(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraints,
String uri,
String method)
Checks if the given request URI and method are the target of any
user-data-constraint with a transport-guarantee of CONFIDENTIAL,
and whether any such constraint is already satisfied.
|
boolean |
RealmAdapter.invokeAuthenticateDelegate(HttpRequest request,
HttpResponse response,
Context context,
Authenticator authenticator,
boolean calledFromAuthenticate)
Authenticates the user making this request, based on the specified
login configuration.
|
boolean |
RealmAdapter.invokePostAuthenticateDelegate(HttpRequest request,
HttpResponse response,
Context context)
Post authentication for given request and response.
|
int |
RealmAdapter.preAuthenticateCheck(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraints,
boolean disableProxyCaching,
boolean securePagesWithPragma,
boolean ssoEnabled)
Checks whether or not authentication is needed.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
Realm.hasResourcePermission(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraint,
Context context)
Perform access control based on the specified authorization constraint.
|
boolean |
Realm.hasRole(HttpRequest request,
HttpResponse response,
Principal principal,
String role)
Return
true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false. |
boolean |
Realm.hasUserDataPermission(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraint)
Enforce any user data constraint required by the security constraint
guarding this request URI.
|
boolean |
Realm.hasUserDataPermission(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraints,
String uri,
String method)
Checks if the given request URI and method are the target of any
user-data-constraint with a transport-guarantee of CONFIDENTIAL,
and whether any such constraint is already satisfied.
|
boolean |
Realm.invokeAuthenticateDelegate(HttpRequest request,
HttpResponse response,
Context context,
Authenticator authenticator,
boolean calledFromAuthenticate)
Authenticates the user making this request, based on the specified
login configuration.
|
boolean |
Realm.invokePostAuthenticateDelegate(HttpRequest request,
HttpResponse response,
Context context)
Post authentication for given request and response.
|
int |
Realm.preAuthenticateCheck(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraints,
boolean disableProxyCaching,
boolean securePagesWithPragma,
boolean ssoEnabled)
Checks whether or not authentication is needed.
|
| Modifier and Type | Method and Description |
|---|---|
abstract boolean |
AuthenticatorBase.authenticate(HttpRequest request,
HttpResponse response,
LoginConfig config)
Authenticate the user making this request, based on the specified
login configuration.
|
boolean |
NonLoginAuthenticator.authenticate(HttpRequest request,
HttpResponse response,
LoginConfig config)
Authenticate the user making this request, based on the specified
login configuration.
|
boolean |
DigestAuthenticator.authenticate(HttpRequest request,
HttpResponse response,
LoginConfig config)
Authenticate the user making this request, based on the specified
login configuration.
|
boolean |
SSLAuthenticator.authenticate(HttpRequest request,
HttpResponse response,
LoginConfig config)
Authenticate the user by checking for the existence of a certificate
chain, and optionally asking a trust manager to validate that we trust
this user.
|
boolean |
FormAuthenticator.authenticate(HttpRequest request,
HttpResponse response,
LoginConfig config)
Authenticate the user making this request, based on the specified
login configuration.
|
boolean |
BasicAuthenticator.authenticate(HttpRequest request,
HttpResponse response,
LoginConfig config)
Authenticate the user making this request, based on the specified
login configuration.
|
protected void |
FormAuthenticator.forwardToErrorPage(HttpRequest request,
HttpResponse response,
LoginConfig config)
Called to forward to the error page.
|
protected void |
FormAuthenticator.forwardToLoginPage(HttpRequest request,
HttpResponse response,
LoginConfig config)
Called to forward to the login page.
|
protected void |
AuthenticatorBase.register(HttpRequest request,
HttpResponse response,
Principal principal,
String authType,
String username,
char[] password)
Register an authenticated Principal and authentication type in our
request, in the current session (if there is one), and with our
SingleSignOn valve, if there is one.
|
| Modifier and Type | Class and Description |
|---|---|
class |
Response
Wrapper object for the Coyote response.
|
| Modifier and Type | Class and Description |
|---|---|
class |
DummyResponse
Dummy response object, used for JSP precompilation.
|
| Modifier and Type | Method and Description |
|---|---|
protected void |
RealmBase.disableProxyCaching(HttpRequest request,
HttpResponse response,
boolean disableProxyCaching,
boolean securePagesWithPragma) |
boolean |
RealmBase.hasResourcePermission(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraints,
Context context)
Perform access control based on the specified authorization constraint.
|
boolean |
RealmBase.hasRole(HttpRequest request,
HttpResponse response,
Principal principal,
String role)
Return
true if the specified Principal has the specified
security role, within the context of this Realm; otherwise return
false. |
boolean |
RealmBase.hasUserDataPermission(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraints)
Enforce any user data constraint required by the security constraint
guarding this request URI.
|
boolean |
RealmBase.hasUserDataPermission(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraints,
String uri,
String method)
Checks if the given request URI and method are the target of any
user-data-constraint with a transport-guarantee of CONFIDENTIAL,
and whether any such constraint is already satisfied.
|
boolean |
RealmBase.invokeAuthenticateDelegate(HttpRequest request,
HttpResponse response,
Context context,
Authenticator authenticator,
boolean calledFromAuthenticate)
Authenticates the user making this request, based on the specified
login configuration.
|
boolean |
RealmBase.invokePostAuthenticateDelegate(HttpRequest request,
HttpResponse response,
Context context)
Post authentication for given request and response.
|
int |
RealmBase.preAuthenticateCheck(HttpRequest request,
HttpResponse response,
SecurityConstraint[] constraints,
boolean disableProxyCaching,
boolean securePagesWithPragma,
boolean ssoEnabled)
Checks whether or not authentication is needed.
|
Copyright © 2017. All rights reserved.