public class LockOutRealm extends CombinedRealm
| Modifier and Type | Class and Description | 
|---|---|
| protected static class  | LockOutRealm.LockRecord | 
RealmBase.AllRolesModeLifecycle.SingleUse| Modifier and Type | Field and Description | 
|---|---|
| protected int | cacheRemovalWarningTimeIf a failed user is removed from the cache because the cache is too big
 before it has been in the cache for at least this period of time (in
 seconds) a warning message will be logged. | 
| protected int | cacheSizeNumber of users that have failed authentication to keep in cache. | 
| protected Map<String,LockOutRealm.LockRecord> | failedUsersUsers whose last authentication attempt failed. | 
| protected int | failureCountThe number of times in a row a user has to fail authentication to be
 locked out. | 
| protected int | lockOutTimeThe time (in seconds) a user is locked out for after too many
 authentication failures. | 
| protected static String | nameDescriptive information about this Realm implementation. | 
realmsallRolesMode, container, containerLog, digest, digestEncoding, info, md, md5Encoder, md5Helper, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassNamemserverAFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT| Constructor and Description | 
|---|
| LockOutRealm() | 
| Modifier and Type | Method and Description | 
|---|---|
| Principal | authenticate(GSSContext gssContext,
            boolean storeCreds)Try to authenticate using a  GSSContext | 
| Principal | authenticate(GSSName gssName,
            GSSCredential gssCredential)Try to authenticate using a  GSSName | 
| Principal | authenticate(String username,
            String credentials)Return the Principal associated with the specified username and
 credentials, if there is one; otherwise return  null. | 
| Principal | authenticate(String username,
            String clientDigest,
            String nonce,
            String nc,
            String cnonce,
            String qop,
            String realmName,
            String md5a2)Return the Principal associated with the specified username, which
 matches the digest calculated using the given parameters using the
 method described in RFC 2069; otherwise return  null. | 
| Principal | authenticate(X509Certificate[] certs)Return the Principal associated with the specified chain of X509
 client certificates. | 
| int | getCacheRemovalWarningTime()Get the minimum period a failed authentication must remain in the cache
 to avoid generating a warning if it is removed from the cache to make
 space for a new entry. | 
| int | getCacheSize()Get the maximum number of users for which authentication failure will be
 kept in the cache. | 
| int | getFailureCount()Get the number of failed authentication attempts required to lock the
 user account. | 
| int | getLockOutTime()Get the period for which an account will be locked. | 
| protected String | getName()Return a short name for this Realm implementation, for use in
 log messages. | 
| void | setCacheRemovalWarningTime(int cacheRemovalWarningTime)Set the minimum period a failed authentication must remain in the cache
 to avoid generating a warning if it is removed from the cache to make
 space for a new entry. | 
| void | setCacheSize(int cacheSize)Set the maximum number of users for which authentication failure will be
 kept in the cache. | 
| void | setFailureCount(int failureCount)Set the number of failed authentication attempts required to lock the
 user account. | 
| void | setLockOutTime(int lockOutTime)Set the period for which an account will be locked. | 
| protected void | startInternal()Prepare for the beginning of active use of the public methods of this
 component and implement the requirements of
  LifecycleBase.startInternal(). | 
| void | unlock(String username)Unlock the specified username. | 
addRealm, authenticate, backgroundProcess, destroyInternal, getPassword, getPrincipal, getRealms, hasRole, setContainer, stopInternaladdPropertyChangeListener, compareCredentials, digest, Digest, findSecurityConstraints, getAllRolesMode, getContainer, getDigest, getDigest, getDigestCharset, getDigestEncoding, getDomainInternal, getInfo, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getServer, getTransportGuaranteeRedirectStatus, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setDigest, setDigestEncoding, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setValidate, setX509UsernameRetrieverClassName, toStringgetDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregisteraddLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stopprotected static final String name
protected int failureCount
protected int lockOutTime
protected int cacheSize
protected int cacheRemovalWarningTime
protected Map<String,LockOutRealm.LockRecord> failedUsers
protected void startInternal()
                      throws LifecycleException
LifecycleBase.startInternal().startInternal in class CombinedRealmLifecycleException - if this component detects a fatal error
  that prevents this component from being usedpublic Principal authenticate(String username, String clientDigest, String nonce, String nc, String cnonce, String qop, String realmName, String md5a2)
null.authenticate in interface Realmauthenticate in class CombinedRealmusername - Username of the Principal to look upclientDigest - Digest which has been submitted by the clientnonce - Unique (or supposedly unique) token which has been used
 for this requestrealmName - Realm namemd5a2 - Second MD5 digest used to calculate the digest :
 MD5(Method + ":" + uri)nc - the nonce countercnonce - the client chosen nonceqop - the "quality of protection" (nc and cnonce
        will only be used, if qop is not null).null if there is none.public Principal authenticate(String username, String credentials)
null.authenticate in interface Realmauthenticate in class CombinedRealmusername - Username of the Principal to look upcredentials - Password or other credentials to use in
  authenticating this usernamenull if there is none.public Principal authenticate(X509Certificate[] certs)
null.authenticate in interface Realmauthenticate in class CombinedRealmcerts - Array of client certificates, with the first one in
  the array being the certificate of the client itself.null if there is nonepublic Principal authenticate(GSSContext gssContext, boolean storeCreds)
GSSContextauthenticate in interface Realmauthenticate in class CombinedRealmgssContext - The gssContext processed by the Authenticator.storeCreds - Should the realm attempt to store the delegated
                   credentials in the returned Principal?null if there is nonepublic Principal authenticate(GSSName gssName, GSSCredential gssCredential)
GSSNameauthenticate in interface GSSRealmauthenticate in class CombinedRealmgssName - The GSSName of the principal to look upgssCredential - The GSSCredential of the principal, may be
                      nullnull if there is nonepublic void unlock(String username)
username - The user to unlockpublic int getFailureCount()
public void setFailureCount(int failureCount)
failureCount - the failureCount to setpublic int getLockOutTime()
protected String getName()
RealmBasegetName in class CombinedRealmpublic void setLockOutTime(int lockOutTime)
lockOutTime - the lockOutTime to setpublic int getCacheSize()
public void setCacheSize(int cacheSize)
cacheSize - the cacheSize to setpublic int getCacheRemovalWarningTime()
public void setCacheRemovalWarningTime(int cacheRemovalWarningTime)
cacheRemovalWarningTime - the cacheRemovalWarningTime to setCopyright © 2000-2020 Apache Software Foundation. All Rights Reserved.