org.norther.tammi.core.realm
Class DefaultJndiRealm

java.lang.Object
  org.norther.tammi.core.base.Adaptee
      org.norther.tammi.core.config.DefaultConfigurable
          org.norther.tammi.core.realm.AbstractRealm
              org.norther.tammi.core.realm.DefaultJndiRealm

All Implemented Interfaces:

Serializable, EventListener, NotificationBroadcaster, NotificationEmitter, TraceListener, Manageable, MBeanDelegate, Configurable, JndiRealm, Realm

public class DefaultJndiRealm
extends AbstractRealm
implements JndiRealm

A default implementation of JndiRealm.

Based on JNDIRealm in the Apache Jakarta Tomcat project.

Author:

John Holman, Craig R. McClanahan, Marketta Priha

See Also:

Serialized Form

Field Summary

static String	DEFAULT_LOCALE_ATTRIBUTE_PROPERTY The default locale attribute property.
static String	PASSWORD_ATTRIBUTE_PROPERTY The password attribute property.
static String	ROLE_BASE_PROPERTY The role base property.
static String	ROLE_NAME_ATTRIBUTE_PROPERTY The role name attribute property.
static String	ROLE_SEARCH_PATTERN_PROPERTY The role search pattern property.
static String	ROLE_SEARCH_SCOPE_PROPERTY The role search scope property.
static String	USER_BASE_PROPERTY The user base property.
static String	USER_ROLE_NAME_ATTRIBUTE_PROPERTY The user role name attribute property.
static String	USER_SEARCH_PATTERN_PROPERTY The user search pattern property.
static String	USER_SEARCH_SCOPE_PROPERTY The user search scope property.
static String	USERNAME_PATTERN_PROPERTY The username pattern property.

Fields inherited from class org.norther.tammi.core.config.DefaultConfigurable

MODIFIED, SYNCHRONIZED, UNMODIFIED

Fields inherited from class org.norther.tammi.core.base.Adaptee

ADAPTEE_NOTIF_DESCRIPTION, ADAPTEE_NOTIFICATIONS

Fields inherited from interface org.norther.tammi.core.realm.Realm

ANONYMOUS_USER_PROPERTY, CACHED_PASSWORDS_PROPERTY, DEFAULT_ROLE_PROPERTY, DIGEST_ALGORITHM_PROPERTY, MEMBER_PROPERTY, PUBLIC_NAME_PROPERTY

Fields inherited from interface org.norther.tammi.core.base.MBeanDelegate

ARRAY_TYPE, OBJECT_TYPE, PRIMITIVE_TYPE, STRING_TYPE

Constructor Summary

DefaultJndiRealm()
Constructs a new realm.

DefaultJndiRealm(String digest)
Constructs a new realm with a digest.

Method Summary

Attributes	getAttributes(String name) Gets all attributes associated with the named directory object.
String	getDefaultLocaleAttribute() Gets the default locale attribute used to retrieve user locale from the result of of user search.
String	getInitialContextFactory() Gets the JNDI initial context factory to apply.
String	getPasswordAttribute() Gets the password attribute used to retrieve the user password.
protected Principal	getPrincipal(String domain, String username, String password) Gets the user principal representing the authenticated user.
String	getProviderURL() Gets the provider URL to the directory of this realm.
String	getReferral() Gets the referrals processing instruction.
String	getRoleBase() Gets the base name for role searches.
String	getRoleNameAttribute() Gets the role name attribute used to retrieve user roles from the result of the role search.
String	getRoleSearchPattern() Gets the message format used to select roles for a user, with "{0}" marking the spot where the distinguished name of the user goes, and/or "{1}" marking the spot for the username of the principal.
int	getRoleSearchScope() Gets the scope for role searches.
String	getSecurityAuthentication() Gets the authentication level of the connection to the directory.
String	getSecurityPrincipal() Gets the principal for authenticating the connection to the directory.
String	getSecurityProtocol() Gets the protocol of the connection to the directory.
String	getUserBase() Gets the base name for user searches.
String	getUsernamePattern() Gets the message format pattern used to form the distinguished name of a user with "{0}" marking the spot where the specified username goes.
String	getUserRoleNameAttribute() Gets the user role name attribute used to retrieve user roles from the result of of user search.
String	getUserSearchPattern() Gets the message format pattern for searching users in this realm with "{0}" marking the spot where the username goes.
int	getUserSearchScope() Gets the scope for user searches.
DirContext	lookup() Returns a new connection to the directory that can be accessed concurrently.
void	postmanaged() This method is called when the implementing adaptee has been managed either during post-registration of the corresponding adapter MBean or just after it is explicitly added to the adapter MBean during run-time.
List	search(String name, String filter, int scope) Searches in the named context or object for entries that satisfy the given search filter and within the given scope.
void	setDefaultLocaleAttribute(String name) Sets the default locale attribute used to retrieve user locale from the result of of user search.
void	setInitialContextFactory(String factory) Sets the JNDI initial context factory to apply.
void	setPasswordAttribute(String name) Sets the password attribute used to retrieve the user password.
void	setProviderURL(String URL) Sets the provider URL to the directory of this realm.
void	setReferral(String instruction) Sets the referrals processing instruction as specified by the javax.naming.Context inteface, e.g.
void	setRoleBase(String base) Sets the base name for role searches.
void	setRoleNameAttribute(String name) Sets the role name attribute used to retrieve user roles from the result of the role search.
void	setRoleSearchPattern(String pattern) Sets the message format used to select roles for a user, with "{0}" marking the spot where the distinguished name of the user goes, and/or "{1}" marking the spot for the username of the principal.
void	setRoleSearchScope(int scope) Sets the role search scope as specified by javax.naming.directory.SearchControls.
void	setSecurityAuthentication(String authentication) Sets the authentication level of the connection to the directory as specified by the javax.naming.Context interface, e.g.
void	setSecurityCredentials(String password) Sets the credentials for authenticating the connection to the directory.
void	setSecurityPrincipal(String username) Sets the principal for authenticating the connection to the directory.
void	setSecurityProtocol(String protocol) Sets the protocol of the connection to the directory, e.g.
void	setUserBase(String base) Sets the base name for user searches.
void	setUsernamePattern(String pattern) Sets the message format pattern used to form the distinguished name of a user with "{0}" marking the spot where the specified username goes.
void	setUserRoleNameAttribute(String name) Sets the user role name attribute used to retrieve user roles from the result of of user search.
void	setUserSearchPattern(String pattern) Sets the message format pattern for searching users in this realm with "{0}" marking the spot where the username goes.
void	setUserSearchScope(int scope) Sets the user search scope as specified by javax.naming.directory.SearchControls.
void	unmanaged() This method is called when the implementing adaptee is unmanaged either during pre-deregistration of the corresponding adapter MBean or just before it is explicitly removed from the adapter MBean during run-time.
protected void	updateProperties() Updates properties.

Methods inherited from class org.norther.tammi.core.realm.AbstractRealm

addRoles, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, checkProperties, createPrincipal, createPrincipal, digest, generateAuthenticate, getAnonymousUser, getAuthType, getDefaultRole, getDigestAlgorithm, getMemberMap, getMessageDigest, getPublicName, identify, identify, isAuthenticated, isAuthenticated, isCachedPasswords, isUserInRole, setAnonymousUser, setCachedPasswords, setDefaultRole, setDigestAlgorithm, setPublicName

Methods inherited from class org.norther.tammi.core.config.DefaultConfigurable

addProperty, addProperty, clearProperties, containsProperty, getConfigKey, getConfiguration, getModifiedState, getProperties, getProperty, getPropertyFilePath, indexOfProperty, loadConfiguration, loadConfiguration, loadConfiguration, modified, propertyMap, propertyMap, removeProperty, removeProperty, setConfigKey, setModifiedState, setProperties, setProperty, setPropertyFilePath, setPropertyFilePath, storeProperties

Methods inherited from class org.norther.tammi.core.base.Adaptee

addAdaptee, addNotificationListener, getAttributeSupport, getBroker, getCanonicalName, getDomain, getFactory, getLoader, getLog, getLog, getMBean, getMBeanServer, getNotificationInfo, getObjectName, getRegistrationTime, getSequenceNumber, hasListeners, isRegistered, premanaged, removeNotificationListener, removeNotificationListener, sendNotification, sendNotification, sendNotification, sendNotification, unregister

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.norther.tammi.core.realm.Realm

authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, authenticate, digest, generateAuthenticate, getAnonymousUser, getAuthType, getDefaultRole, getDigestAlgorithm, getPublicName, identify, identify, isAuthenticated, isAuthenticated, isCachedPasswords, isUserInRole, setAnonymousUser, setCachedPasswords, setDefaultRole, setDigestAlgorithm, setPublicName

Methods inherited from interface org.norther.tammi.core.config.Configurable

addProperty, addProperty, clearProperties, containsProperty, getConfigKey, getProperties, getProperty, getPropertyFilePath, indexOfProperty, propertyMap, propertyMap, removeProperty, removeProperty, setConfigKey, setProperties, setProperty, setPropertyFilePath, setPropertyFilePath, storeProperties

Field Detail

USER_BASE_PROPERTY

public static final String USER_BASE_PROPERTY

The user base property.

See Also:

Constant Field Values

USER_SEARCH_SCOPE_PROPERTY

public static final String USER_SEARCH_SCOPE_PROPERTY

The user search scope property.

See Also:

Constant Field Values

USER_SEARCH_PATTERN_PROPERTY

public static final String USER_SEARCH_PATTERN_PROPERTY

The user search pattern property.

See Also:

Constant Field Values

USERNAME_PATTERN_PROPERTY

public static final String USERNAME_PATTERN_PROPERTY

The username pattern property.

See Also:

Constant Field Values

PASSWORD_ATTRIBUTE_PROPERTY

public static final String PASSWORD_ATTRIBUTE_PROPERTY

The password attribute property.

See Also:

Constant Field Values

ROLE_BASE_PROPERTY

public static final String ROLE_BASE_PROPERTY

The role base property.

See Also:

Constant Field Values

ROLE_SEARCH_SCOPE_PROPERTY

public static final String ROLE_SEARCH_SCOPE_PROPERTY

The role search scope property.

See Also:

Constant Field Values

ROLE_SEARCH_PATTERN_PROPERTY

public static final String ROLE_SEARCH_PATTERN_PROPERTY

The role search pattern property.

See Also:

Constant Field Values

ROLE_NAME_ATTRIBUTE_PROPERTY

public static final String ROLE_NAME_ATTRIBUTE_PROPERTY

The role name attribute property.

See Also:

Constant Field Values

USER_ROLE_NAME_ATTRIBUTE_PROPERTY

public static final String USER_ROLE_NAME_ATTRIBUTE_PROPERTY

The user role name attribute property.

See Also:

Constant Field Values

DEFAULT_LOCALE_ATTRIBUTE_PROPERTY

public static final String DEFAULT_LOCALE_ATTRIBUTE_PROPERTY

The default locale attribute property.

See Also:

Constant Field Values

Constructor Detail

DefaultJndiRealm

public DefaultJndiRealm()

Constructs a new realm.

DefaultJndiRealm

public DefaultJndiRealm(String digest)

Constructs a new realm with a digest.

Parameters:

digest - the digest algorithm.

Method Detail

postmanaged

public void postmanaged()

Description copied from interface: Manageable

This method is called when the implementing adaptee has been managed either during post-registration of the corresponding adapter MBean or just after it is explicitly added to the adapter MBean during run-time.

Specified by:

postmanaged in interface Manageable

Overrides:

postmanaged in class Adaptee

unmanaged

public void unmanaged()
               throws Exception

Description copied from interface: Manageable

This method is called when the implementing adaptee is unmanaged either during pre-deregistration of the corresponding adapter MBean or just before it is explicitly removed from the adapter MBean during run-time.

Specified by:

unmanaged in interface Manageable

Overrides:

unmanaged in class Adaptee

Throws:

Exception - if the adaptee refused to be unmanaged.

getInitialContextFactory

public String getInitialContextFactory()

Description copied from interface: JndiRealm

Gets the JNDI initial context factory to apply.

Specified by:

getInitialContextFactory in interface JndiRealm

Returns:

the JNDI initial context factory.

setInitialContextFactory

public void setInitialContextFactory(String factory)

Description copied from interface: JndiRealm

Sets the JNDI initial context factory to apply.

Specified by:

setInitialContextFactory in interface JndiRealm

Parameters:

factory - the initial context factory.

getProviderURL

public String getProviderURL()

Description copied from interface: JndiRealm

Gets the provider URL to the directory of this realm.

Specified by:

getProviderURL in interface JndiRealm

Returns:

the provider URL.

setProviderURL

public void setProviderURL(String URL)

Description copied from interface: JndiRealm

Sets the provider URL to the directory of this realm.

Specified by:

setProviderURL in interface JndiRealm

Parameters:

URL - the provider URL.

getSecurityPrincipal

public String getSecurityPrincipal()

Description copied from interface: JndiRealm

Gets the principal for authenticating the connection to the directory.

Specified by:

getSecurityPrincipal in interface JndiRealm

Returns:

the security principal.

setSecurityPrincipal

public void setSecurityPrincipal(String username)

Description copied from interface: JndiRealm

Sets the principal for authenticating the connection to the directory.

Specified by:

setSecurityPrincipal in interface JndiRealm

Parameters:

username - the security principal.

setSecurityCredentials

public void setSecurityCredentials(String password)

Description copied from interface: JndiRealm

Sets the credentials for authenticating the connection to the directory.

Specified by:

setSecurityCredentials in interface JndiRealm

Parameters:

password - the security credentials.

getSecurityAuthentication

public String getSecurityAuthentication()

Description copied from interface: JndiRealm

Gets the authentication level of the connection to the directory.

Specified by:

getSecurityAuthentication in interface JndiRealm

Returns:

the security authentication.

setSecurityAuthentication

public void setSecurityAuthentication(String authentication)

Description copied from interface: JndiRealm

Sets the authentication level of the connection to the directory as specified by the javax.naming.Context interface, e.g. "none", "simple" or a SASL mechanism like "DIGEST-MD5".

Specified by:

setSecurityAuthentication in interface JndiRealm

Parameters:

authentication - the security authentication.

getSecurityProtocol

public String getSecurityProtocol()

Description copied from interface: JndiRealm

Gets the protocol of the connection to the directory.

Specified by:

getSecurityProtocol in interface JndiRealm

Returns:

the security protocol.

setSecurityProtocol

public void setSecurityProtocol(String protocol)

Description copied from interface: JndiRealm

Sets the protocol of the connection to the directory, e.g. "ssl".

Specified by:

setSecurityProtocol in interface JndiRealm

Parameters:

protocol - the security protocol.

getReferral

public String getReferral()

Description copied from interface: JndiRealm

Gets the referrals processing instruction.

Specified by:

getReferral in interface JndiRealm

Returns:

the referral processing instruction.

setReferral

public void setReferral(String instruction)

Description copied from interface: JndiRealm

Sets the referrals processing instruction as specified by the javax.naming.Context inteface, e.g. "follow", "ignore" or "throw".

Specified by:

setReferral in interface JndiRealm

Parameters:

instruction - the referrals processing instruction.

getUserBase

public String getUserBase()

Description copied from interface: JndiRealm

Gets the base name for user searches.

Specified by:

getUserBase in interface JndiRealm

Returns:

the user base name.

setUserBase

public void setUserBase(String base)

Description copied from interface: JndiRealm

Sets the base name for user searches.

Specified by:

setUserBase in interface JndiRealm

Parameters:

base - the user base name.

getUserSearchScope

public int getUserSearchScope()

Description copied from interface: JndiRealm

Gets the scope for user searches.

Specified by:

getUserSearchScope in interface JndiRealm

Returns:

the user search scope.

setUserSearchScope

public void setUserSearchScope(int scope)

Description copied from interface: JndiRealm

Sets the user search scope as specified by javax.naming.directory.SearchControls.

Specified by:

setUserSearchScope in interface JndiRealm

Parameters:

scope - the user search scope.

getUserSearchPattern

public String getUserSearchPattern()

Description copied from interface: JndiRealm

Gets the message format pattern for searching users in this realm with "{0}" marking the spot where the username goes.

Specified by:

getUserSearchPattern in interface JndiRealm

Returns:

the user search pattern.

setUserSearchPattern

public void setUserSearchPattern(String pattern)

Description copied from interface: JndiRealm

Sets the message format pattern for searching users in this realm with "{0}" marking the spot where the username goes.

Specified by:

setUserSearchPattern in interface JndiRealm

Parameters:

pattern - the user search pattern.

getUsernamePattern

public String getUsernamePattern()

Description copied from interface: JndiRealm

Gets the message format pattern used to form the distinguished name of a user with "{0}" marking the spot where the specified username goes.

Specified by:

getUsernamePattern in interface JndiRealm

Returns:

the username pattern.

setUsernamePattern

public void setUsernamePattern(String pattern)

Description copied from interface: JndiRealm

Sets the message format pattern used to form the distinguished name of a user with "{0}" marking the spot where the specified username goes.

Specified by:

setUsernamePattern in interface JndiRealm

Parameters:

pattern - the username pattern.

getRoleBase

public String getRoleBase()

Description copied from interface: JndiRealm

Gets the base name for role searches.

Specified by:

getRoleBase in interface JndiRealm

Returns:

the role base name.

setRoleBase

public void setRoleBase(String base)

Description copied from interface: JndiRealm

Sets the base name for role searches.

Specified by:

setRoleBase in interface JndiRealm

Parameters:

base - the role base name.

getRoleSearchScope

public int getRoleSearchScope()

Description copied from interface: JndiRealm

Gets the scope for role searches.

Specified by:

getRoleSearchScope in interface JndiRealm

Returns:

the role search scope.

setRoleSearchScope

public void setRoleSearchScope(int scope)

Description copied from interface: JndiRealm

Sets the role search scope as specified by javax.naming.directory.SearchControls.

Specified by:

setRoleSearchScope in interface JndiRealm

Parameters:

scope - the role search scope.

getRoleSearchPattern

public String getRoleSearchPattern()

Description copied from interface: JndiRealm

Gets the message format used to select roles for a user, with "{0}" marking the spot where the distinguished name of the user goes, and/or "{1}" marking the spot for the username of the principal.

Specified by:

getRoleSearchPattern in interface JndiRealm

Returns:

the role search pattern.

setRoleSearchPattern

public void setRoleSearchPattern(String pattern)

Description copied from interface: JndiRealm

Sets the message format used to select roles for a user, with "{0}" marking the spot where the distinguished name of the user goes, and/or "{1}" marking the spot for the username of the principal.

Specified by:

setRoleSearchPattern in interface JndiRealm

Parameters:

pattern - the new role search pattern.

getPasswordAttribute

public String getPasswordAttribute()

Description copied from interface: JndiRealm

Gets the password attribute used to retrieve the user password.

Specified by:

getPasswordAttribute in interface JndiRealm

Returns:

the password attribute.

setPasswordAttribute

public void setPasswordAttribute(String name)

Description copied from interface: JndiRealm

Sets the password attribute used to retrieve the user password.

Specified by:

setPasswordAttribute in interface JndiRealm

Parameters:

name - the password attribute

getRoleNameAttribute

public String getRoleNameAttribute()

Description copied from interface: JndiRealm

Gets the role name attribute used to retrieve user roles from the result of the role search.

Specified by:

getRoleNameAttribute in interface JndiRealm

Returns:

the role name attribute.

setRoleNameAttribute

public void setRoleNameAttribute(String name)

Description copied from interface: JndiRealm

Sets the role name attribute used to retrieve user roles from the result of the role search.

Specified by:

setRoleNameAttribute in interface JndiRealm

Parameters:

name - the role name attribute.

getUserRoleNameAttribute

public String getUserRoleNameAttribute()

Description copied from interface: JndiRealm

Gets the user role name attribute used to retrieve user roles from the result of of user search.

Specified by:

getUserRoleNameAttribute in interface JndiRealm

Returns:

the user role name attribute.

setUserRoleNameAttribute

public void setUserRoleNameAttribute(String name)

Description copied from interface: JndiRealm

Sets the user role name attribute used to retrieve user roles from the result of of user search.

Specified by:

setUserRoleNameAttribute in interface JndiRealm

Parameters:

name - the user role name attribute.

getDefaultLocaleAttribute

public String getDefaultLocaleAttribute()

Description copied from interface: JndiRealm

Gets the default locale attribute used to retrieve user locale from the result of of user search.

Specified by:

getDefaultLocaleAttribute in interface JndiRealm

Returns:

the default locale attribute.

setDefaultLocaleAttribute

public void setDefaultLocaleAttribute(String name)

Description copied from interface: JndiRealm

Sets the default locale attribute used to retrieve user locale from the result of of user search.

Specified by:

setDefaultLocaleAttribute in interface JndiRealm

Parameters:

name - the deafult locale attribute.

getAttributes

public Attributes getAttributes(String name)
                         throws NamingException

Description copied from interface: JndiRealm

Gets all attributes associated with the named directory object.

Specified by:

getAttributes in interface JndiRealm

Parameters:

name - the name of the object.

Returns:

the found attributes.

Throws:

NamingException - if a naming exception is encountered.

search

public List search(String name,
                   String filter,
                   int scope)
            throws NamingException

Description copied from interface: JndiRealm

Searches in the named context or object for entries that satisfy the given search filter and within the given scope. The scope is given as specfied by javax.naming.directory.SearchControls. A list of javax.naming.directory.SearchResult objects is returned as the result.

Specified by:

search in interface JndiRealm

Parameters:

name - the name of context or object.

filter - the search filter.

scope - the scope of the search.

Returns:

the list of found entries.

Throws:

NamingException - if a naming exception is encountered.

lookup

public DirContext lookup()
                  throws NamingException

Description copied from interface: JndiRealm

Returns a new connection to the directory that can be accessed concurrently. The caller is responsible for closing it.

Specified by:

lookup in interface JndiRealm

Returns:

the connection as a directory context.

Throws:

NamingException - if a naming exception is encountered.

getPrincipal

protected Principal getPrincipal(String domain,
                                 String username,
                                 String password)

Description copied from class: AbstractRealm

Gets the user principal representing the authenticated user. Subclasses may implement this method only and rely on authentication operations provided by this class.

Specified by:

getPrincipal in class AbstractRealm

Parameters:

domain - the domain.

username - the username.

password - the user password.

Returns:

the principal or null.

updateProperties

protected void updateProperties()

Description copied from class: AbstractRealm

Updates properties.

Overrides:

updateProperties in class AbstractRealm