Package org.apache.catalina.realm
Class JDBCRealm
- java.lang.Object
- 
- org.apache.catalina.util.LifecycleBase
- 
- org.apache.catalina.util.LifecycleMBeanBase
- 
- org.apache.catalina.realm.RealmBase
- 
- org.apache.catalina.realm.JDBCRealm
 
 
 
 
- 
- All Implemented Interfaces:
- javax.management.MBeanRegistration,- Contained,- GSSRealm,- JmxEnabled,- Lifecycle,- Realm
 
 @Deprecated public class JDBCRealm extends RealmBase Deprecated.Will be removed in Tomcat 10 onwards. Use the DataSourceRealm instead.Implementation of Realm that works with any JDBC supported database. See the JDBCRealm.howto for more details on how to set up the database and for configuration options.For a Realm implementation that supports connection pooling and doesn't require synchronisation of authenticate(),getPassword(),roles()andgetPrincipal()or the ugly connection logic use theDataSourceRealm.- Author:
- Craig R. McClanahan, Carson McDonald, Ignacio Ortega
 
- 
- 
Nested Class Summary- 
Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBaseRealmBase.AllRolesMode
 - 
Nested classes/interfaces inherited from interface org.apache.catalina.LifecycleLifecycle.SingleUse
 
- 
 - 
Field SummaryFields Modifier and Type Field Description protected java.lang.StringconnectionNameDeprecated.The connection username to use when trying to connect to the database.protected java.lang.StringconnectionPasswordDeprecated.The connection URL to use when trying to connect to the database.protected java.lang.StringconnectionURLDeprecated.The connection URL to use when trying to connect to the database.protected java.sql.ConnectiondbConnectionDeprecated.The connection to the database.protected java.sql.DriverdriverDeprecated.Instance of the JDBC Driver class we use as a connection factory.protected java.lang.StringdriverNameDeprecated.The JDBC driver to use.protected static java.lang.StringnameDeprecated.This will be removed in Tomcat 9 onwards.protected java.sql.PreparedStatementpreparedCredentialsDeprecated.The PreparedStatement to use for authenticating users.protected java.sql.PreparedStatementpreparedRolesDeprecated.The PreparedStatement to use for identifying the roles for a specified user.protected java.lang.StringroleNameColDeprecated.The column in the user role table that names a roleprotected java.lang.StringuserCredColDeprecated.The column in the user table that holds the user's credentialsprotected java.lang.StringuserNameColDeprecated.The column in the user table that holds the user's nameprotected java.lang.StringuserRoleTableDeprecated.The table that holds the relation between user's and rolesprotected java.lang.StringuserTableDeprecated.The table that holds user data.- 
Fields inherited from class org.apache.catalina.realm.RealmBaseallRolesMode, container, containerLog, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassName
 - 
Fields inherited from class org.apache.catalina.util.LifecycleMBeanBasemserver
 - 
Fields inherited from interface org.apache.catalina.LifecycleAFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
 
- 
 - 
Constructor SummaryConstructors Constructor Description JDBCRealm()Deprecated.
 - 
Method SummaryAll Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description java.security.Principalauthenticate(java.lang.String username, java.lang.String credentials)Deprecated.Return the Principal associated with the specified username and credentials, if there is one; otherwise returnnull.java.security.Principalauthenticate(java.sql.Connection dbConnection, java.lang.String username, java.lang.String credentials)Deprecated.Attempt to authenticate the user with the provided credentials.protected voidclose(java.sql.Connection dbConnection)Deprecated.Close the specified database connection.protected java.sql.PreparedStatementcredentials(java.sql.Connection dbConnection, java.lang.String username)Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.java.lang.StringgetConnectionName()Deprecated.java.lang.StringgetConnectionPassword()Deprecated.java.lang.StringgetConnectionURL()Deprecated.java.lang.StringgetDriverName()Deprecated.protected java.lang.StringgetName()Deprecated.protected java.lang.StringgetPassword(java.lang.String username)Deprecated.Get the password for the specified user.protected java.security.PrincipalgetPrincipal(java.lang.String username)Deprecated.Get the principal associated with the specified user.java.lang.StringgetRoleNameCol()Deprecated.protected java.util.ArrayList<java.lang.String>getRoles(java.lang.String username)Deprecated.Return the roles associated with the given user name.java.lang.StringgetUserCredCol()Deprecated.java.lang.StringgetUserNameCol()Deprecated.java.lang.StringgetUserRoleTable()Deprecated.java.lang.StringgetUserTable()Deprecated.booleanisAvailable()Deprecated.Return the availability of the realm for authentication.protected java.sql.Connectionopen()Deprecated.Open (if necessary) and return a database connection for use by this Realm.protected java.sql.PreparedStatementroles(java.sql.Connection dbConnection, java.lang.String username)Deprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.voidsetConnectionName(java.lang.String connectionName)Deprecated.Set the username to use to connect to the database.voidsetConnectionPassword(java.lang.String connectionPassword)Deprecated.Set the password to use to connect to the database.voidsetConnectionURL(java.lang.String connectionURL)Deprecated.Set the URL to use to connect to the database.voidsetDriverName(java.lang.String driverName)Deprecated.Set the JDBC driver that will be used.voidsetRoleNameCol(java.lang.String roleNameCol)Deprecated.Set the column in the user role table that names a role.voidsetUserCredCol(java.lang.String userCredCol)Deprecated.Set the column in the user table that holds the user's credentials.voidsetUserNameCol(java.lang.String userNameCol)Deprecated.Set the column in the user table that holds the user's name.voidsetUserRoleTable(java.lang.String userRoleTable)Deprecated.Set the table that holds the relation between user's and roles.voidsetUserTable(java.lang.String userTable)Deprecated.Set the table that holds user data.protected voidstartInternal()Deprecated.Prepare for the beginning of active use of the public methods of this component and implement the requirements ofLifecycleBase.startInternal().protected voidstopInternal()Deprecated.Gracefully terminate the active use of the public methods of this component and implement the requirements ofLifecycleBase.stopInternal().- 
Methods inherited from class org.apache.catalina.realm.RealmBaseaddPropertyChangeListener, authenticate, authenticate, authenticate, authenticate, authenticate, backgroundProcess, Digest, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getRoles, getServer, getTransportGuaranteeRedirectStatus, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasRoleInternal, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setContainer, setCredentialHandler, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setValidate, setX509UsernameRetrieverClassName, toString
 - 
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBasedestroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister
 - 
Methods inherited from class org.apache.catalina.util.LifecycleBaseaddLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
 
- 
 
- 
- 
- 
Field Detail- 
connectionNameprotected java.lang.String connectionName Deprecated.The connection username to use when trying to connect to the database.
 - 
connectionPasswordprotected java.lang.String connectionPassword Deprecated.The connection URL to use when trying to connect to the database.
 - 
connectionURLprotected java.lang.String connectionURL Deprecated.The connection URL to use when trying to connect to the database.
 - 
dbConnectionprotected java.sql.Connection dbConnection Deprecated.The connection to the database.
 - 
driverprotected java.sql.Driver driver Deprecated.Instance of the JDBC Driver class we use as a connection factory.
 - 
driverNameprotected java.lang.String driverName Deprecated.The JDBC driver to use.
 - 
name@Deprecated protected static final java.lang.String name Deprecated.This will be removed in Tomcat 9 onwards.Descriptive information about this Realm implementation.- See Also:
- Constant Field Values
 
 - 
preparedCredentialsprotected java.sql.PreparedStatement preparedCredentials Deprecated.The PreparedStatement to use for authenticating users.
 - 
preparedRolesprotected java.sql.PreparedStatement preparedRoles Deprecated.The PreparedStatement to use for identifying the roles for a specified user.
 - 
roleNameColprotected java.lang.String roleNameCol Deprecated.The column in the user role table that names a role
 - 
userCredColprotected java.lang.String userCredCol Deprecated.The column in the user table that holds the user's credentials
 - 
userNameColprotected java.lang.String userNameCol Deprecated.The column in the user table that holds the user's name
 - 
userRoleTableprotected java.lang.String userRoleTable Deprecated.The table that holds the relation between user's and roles
 - 
userTableprotected java.lang.String userTable Deprecated.The table that holds user data.
 
- 
 - 
Method Detail- 
getConnectionNamepublic java.lang.String getConnectionName() Deprecated.- Returns:
- the username to use to connect to the database.
 
 - 
setConnectionNamepublic void setConnectionName(java.lang.String connectionName) Deprecated.Set the username to use to connect to the database.- Parameters:
- connectionName- Username
 
 - 
getConnectionPasswordpublic java.lang.String getConnectionPassword() Deprecated.- Returns:
- the password to use to connect to the database.
 
 - 
setConnectionPasswordpublic void setConnectionPassword(java.lang.String connectionPassword) Deprecated.Set the password to use to connect to the database.- Parameters:
- connectionPassword- User password
 
 - 
getConnectionURLpublic java.lang.String getConnectionURL() Deprecated.- Returns:
- the URL to use to connect to the database.
 
 - 
setConnectionURLpublic void setConnectionURL(java.lang.String connectionURL) Deprecated.Set the URL to use to connect to the database.- Parameters:
- connectionURL- The new connection URL
 
 - 
getDriverNamepublic java.lang.String getDriverName() Deprecated.- Returns:
- the JDBC driver that will be used.
 
 - 
setDriverNamepublic void setDriverName(java.lang.String driverName) Deprecated.Set the JDBC driver that will be used.- Parameters:
- driverName- The driver name
 
 - 
getRoleNameColpublic java.lang.String getRoleNameCol() Deprecated.- Returns:
- the column in the user role table that names a role.
 
 - 
setRoleNameColpublic void setRoleNameCol(java.lang.String roleNameCol) Deprecated.Set the column in the user role table that names a role.- Parameters:
- roleNameCol- The column name
 
 - 
getUserCredColpublic java.lang.String getUserCredCol() Deprecated.- Returns:
- the column in the user table that holds the user's credentials.
 
 - 
setUserCredColpublic void setUserCredCol(java.lang.String userCredCol) Deprecated.Set the column in the user table that holds the user's credentials.- Parameters:
- userCredCol- The column name
 
 - 
getUserNameColpublic java.lang.String getUserNameCol() Deprecated.- Returns:
- the column in the user table that holds the user's name.
 
 - 
setUserNameColpublic void setUserNameCol(java.lang.String userNameCol) Deprecated.Set the column in the user table that holds the user's name.- Parameters:
- userNameCol- The column name
 
 - 
getUserRoleTablepublic java.lang.String getUserRoleTable() Deprecated.- Returns:
- the table that holds the relation between user's and roles.
 
 - 
setUserRoleTablepublic void setUserRoleTable(java.lang.String userRoleTable) Deprecated.Set the table that holds the relation between user's and roles.- Parameters:
- userRoleTable- The table name
 
 - 
getUserTablepublic java.lang.String getUserTable() Deprecated.- Returns:
- the table that holds user data..
 
 - 
setUserTablepublic void setUserTable(java.lang.String userTable) Deprecated.Set the table that holds user data.- Parameters:
- userTable- The table name
 
 - 
authenticatepublic java.security.Principal authenticate(java.lang.String username, java.lang.String credentials)Deprecated.Return the Principal associated with the specified username and credentials, if there is one; otherwise returnnull. If there are any errors with the JDBC connection, executing the query or anything we return null (don't authenticate). This event is also logged, and the connection will be closed so that a subsequent request will automatically re-open it.- Specified by:
- authenticatein interface- Realm
- Overrides:
- authenticatein class- RealmBase
- Parameters:
- username- Username of the Principal to look up
- credentials- Password or other credentials to use in authenticating this username
- Returns:
- the associated principal, or nullif there is none.
 
 - 
authenticatepublic java.security.Principal authenticate(java.sql.Connection dbConnection, java.lang.String username, java.lang.String credentials)Deprecated.Attempt to authenticate the user with the provided credentials.- Parameters:
- dbConnection- The database connection to be used
- username- Username of the Principal to look up
- credentials- Password or other credentials to use in authenticating this username
- Returns:
- Return the Principal associated with the specified username and
         credentials, if there is one; otherwise return null.
 
 - 
isAvailablepublic boolean isAvailable() Deprecated.Description copied from interface:RealmReturn the availability of the realm for authentication.- Specified by:
- isAvailablein interface- Realm
- Overrides:
- isAvailablein class- RealmBase
- Returns:
- trueif the realm is able to perform authentication
 
 - 
closeprotected void close(java.sql.Connection dbConnection) Deprecated.Close the specified database connection.- Parameters:
- dbConnection- The connection to be closed
 
 - 
credentialsprotected java.sql.PreparedStatement credentials(java.sql.Connection dbConnection, java.lang.String username) throws java.sql.SQLExceptionDeprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.- Parameters:
- dbConnection- The database connection to be used
- username- Username for which credentials should be retrieved
- Returns:
- the prepared statement
- Throws:
- java.sql.SQLException- if a database error occurs
 
 - 
getName@Deprecated protected java.lang.String getName() Deprecated.
 - 
getPasswordprotected java.lang.String getPassword(java.lang.String username) Deprecated.Get the password for the specified user.- Specified by:
- getPasswordin class- RealmBase
- Parameters:
- username- The user name
- Returns:
- the password associated with the given principal's user name.
 
 - 
getPrincipalprotected java.security.Principal getPrincipal(java.lang.String username) Deprecated.Get the principal associated with the specified user.- Specified by:
- getPrincipalin class- RealmBase
- Parameters:
- username- The user name
- Returns:
- the Principal associated with the given user name.
 
 - 
getRolesprotected java.util.ArrayList<java.lang.String> getRoles(java.lang.String username) Deprecated.Return the roles associated with the given user name.- Parameters:
- username- The user name
- Returns:
- an array list of the role names
 
 - 
openprotected java.sql.Connection open() throws java.sql.SQLExceptionDeprecated.Open (if necessary) and return a database connection for use by this Realm.- Returns:
- the opened connection
- Throws:
- java.sql.SQLException- if a database error occurs
 
 - 
rolesprotected java.sql.PreparedStatement roles(java.sql.Connection dbConnection, java.lang.String username) throws java.sql.SQLExceptionDeprecated.Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.- Parameters:
- dbConnection- The database connection to be used
- username- Username for which roles should be retrieved
- Returns:
- the prepared statement
- Throws:
- java.sql.SQLException- if a database error occurs
 
 - 
startInternalprotected void startInternal() throws LifecycleExceptionDeprecated.Prepare for the beginning of active use of the public methods of this component and implement the requirements ofLifecycleBase.startInternal().- Overrides:
- startInternalin class- RealmBase
- Throws:
- LifecycleException- if this component detects a fatal error that prevents this component from being used
 
 - 
stopInternalprotected void stopInternal() throws LifecycleExceptionDeprecated.Gracefully terminate the active use of the public methods of this component and implement the requirements ofLifecycleBase.stopInternal().- Overrides:
- stopInternalin class- RealmBase
- Throws:
- LifecycleException- if this component detects a fatal error that needs to be reported
 
 
- 
 
-