All Packages Class Hierarchy This Package Previous Next Index
Class org.apache.tomcat.core.SimpleRequestSecurityProviderImpl
java.lang.Object
|
+----org.apache.tomcat.core.SimpleRequestSecurityProviderImpl
- public class SimpleRequestSecurityProviderImpl
- extends Object
- implements RequestSecurityProvider
Experimental implementation of a RequestSecurityProvider, based
on the org.apache.tomcat.request.SecurityCheck.MemoryRealm class.
An instance of this class is set as the RequestSecurityProvider for
a Context by the SecurityCheck interceptor if the Context doesn't
have a RequestSecurityProvider.
Since the whole security implementation is still experimental,
and the RequestSecurityProvider interface has been deprecated, this
class will likely be replaced soon.
- Author:
- Hans Bergsten
-
SimpleRequestSecurityProviderImpl(Hashtable)
-
-
getUserPrincipal(Context, HttpServletRequest)
- Returns a java.security.Principal object containing the name of
the current authenticated user.
-
isSecure(Context, HttpServletRequest)
- Returns a boolean indicating whether this request was made
using a secure channel, such as HTTPS
-
isUserInRole(Context, HttpServletRequest, String)
- Returns a boolean indicating whether the authenticated user
is included in the specified logical "role".
SimpleRequestSecurityProviderImpl
public SimpleRequestSecurityProviderImpl(Hashtable roles)
isUserInRole
public boolean isUserInRole(Context context,
HttpServletRequest req,
String role)
- Returns a boolean indicating whether the authenticated user
is included in the specified logical "role". Roles and role
membership can be defined using deployment descriptors. If
the user has not been authenticated, the method returns false.
- Parameters:
- context - not used. One instance of this class is associated
with one Context. The parameter is left over from a J2EE impl.
- req - the request to get the current user from
- role - the role name to check
- Returns:
- true if the user is in the role, false if not or if the
request user is not authenticated
getUserPrincipal
public Principal getUserPrincipal(Context context,
HttpServletRequest req)
- Returns a java.security.Principal object containing the name of
the current authenticated user.
- Parameters:
- context - not used. One instance of this class is associated
with one Context. The parameter is left over from a J2EE impl.
- req - the request to get the current user from
- Returns:
- a java.security.Principal containing the name of the
user making this request; null if the user has not been
authenticated
isSecure
public boolean isSecure(Context context,
HttpServletRequest req)
- Returns a boolean indicating whether this request was made
using a secure channel, such as HTTPS
- Parameters:
- context - not used. One instance of this class is associated
with one Context. The parameter is left over from a J2EE impl.
- req - the request
- Returns:
- a boolean indicating if the request was made using
a secure channel
All Packages Class Hierarchy This Package Previous Next Index