You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by cr...@locus.apache.org on 2000/07/27 01:13:09 UTC
cvs commit: jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm package.html JDBCRealm.java MemoryRealm.java RealmBase.java
craigmcc 00/07/26 16:13:07
Modified: proposals/catalina/src/share/org/apache/tomcat/realm
JDBCRealm.java MemoryRealm.java RealmBase.java
Added: proposals/catalina/src/share/org/apache/tomcat/realm
package.html
Log:
Tune the performance of the realm applications by avoiding the use of
collections entirely when possible, and using Java2 collection classes
where necessary.
Add a Javadoc package file describing the classes in this package.
Revision Changes Path
1.4 +14 -8 jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm/JDBCRealm.java
Index: JDBCRealm.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm/JDBCRealm.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- JDBCRealm.java 2000/06/21 00:04:31 1.3
+++ JDBCRealm.java 2000/07/26 23:13:05 1.4
@@ -63,9 +63,6 @@
import java.beans.PropertyChangeSupport;
import java.security.Principal;
import java.io.File;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Vector;
import org.apache.tomcat.Container;
import org.apache.tomcat.Lifecycle;
import org.apache.tomcat.LifecycleEvent;
@@ -699,9 +696,9 @@
/**
- * The set of valid roles for this Principal.
+ * The role names possessed by this Principal.
*/
- private Vector roles = new Vector();
+ private String roles[] = new String[0];
/**
@@ -727,7 +724,16 @@
* @param role The new role to be assigned
*/
void addRole(String role) {
- roles.addElement(role);
+ if (role == null)
+ return;
+ for (int i = 0; i < roles.length; i++) {
+ if (role.equals(roles[i]))
+ return;
+ }
+ String results[] = new String[roles.length + 1];
+ for (int i = 0; i < roles.length; i++)
+ results[i] = roles[i];
+ results[roles.length] = role;
}
@@ -754,8 +760,8 @@
boolean hasRole(String role) {
if (role == null)
return (false);
- for (int i = 0; i < roles.size(); i++) {
- if (role.equals((String) roles.elementAt(i)))
+ for (int i = 0; i < roles.length; i++) {
+ if (role.equals(roles[i]))
return (true);
}
return (false);
1.7 +75 -52 jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm/MemoryRealm.java
Index: MemoryRealm.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm/MemoryRealm.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- MemoryRealm.java 2000/05/31 01:33:31 1.6
+++ MemoryRealm.java 2000/07/26 23:13:06 1.7
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm/MemoryRealm.java,v 1.6 2000/05/31 01:33:31 remm Exp $
- * $Revision: 1.6 $
- * $Date: 2000/05/31 01:33:31 $
+ * $Header: /home/cvs/jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm/MemoryRealm.java,v 1.7 2000/07/26 23:13:06 craigmcc Exp $
+ * $Revision: 1.7 $
+ * $Date: 2000/07/26 23:13:06 $
*
* ====================================================================
*
@@ -69,9 +69,7 @@
import java.beans.PropertyChangeSupport;
import java.security.Principal;
import java.io.File;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Vector;
+import java.util.HashMap;
import org.apache.tomcat.Container;
import org.apache.tomcat.Lifecycle;
import org.apache.tomcat.LifecycleEvent;
@@ -91,9 +89,14 @@
* Simple implementation of <b>Realm</b> that reads an XML file to configure
* the valid users, passwords, and roles. The file format (and default file
* location) are identical to those currently supported by Tomcat 3.X.
+ * <p>
+ * <strong>IMPLEMENTATION NOTE</strong>: It is assumed that the in-memory
+ * collection representing our defined users (and their roles) is initialized
+ * at application startup and never modified again. Therefore, no thread
+ * synchronization is performed around accesses to the principals collection.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.6 $ $Date: 2000/05/31 01:33:31 $
+ * @version $Revision: 1.7 $ $Date: 2000/07/26 23:13:06 $
*/
public final class MemoryRealm
@@ -138,16 +141,10 @@
/**
* The set of valid Principals for this Realm, keyed by user name.
*/
- private Hashtable principals = new Hashtable();
+ private HashMap principals = new HashMap();
/**
- * Map role names to Vectors containing the associated Principals.
- */
- private Hashtable roles = new Hashtable();
-
-
- /**
* The string manager for this package.
*/
private static StringManager sm =
@@ -293,36 +290,19 @@
*/
public boolean hasRole(Principal principal, String role) {
- MemoryRealmPrincipal realPrincipal =
- (MemoryRealmPrincipal) principals.get(principal.getName());
- if (realPrincipal == null) {
- if (debug > 1)
- log(sm.getString("memoryRealm.hasRoleUser",
- principal.getName()));
+ if ((principal == null) || (role == null) ||
+ !(principal instanceof MemoryRealmPrincipal))
return (false);
- }
- String name = realPrincipal.getName();
- Vector users = (Vector) roles.get(role);
- if (users == null) {
- if (debug > 1)
- log(sm.getString("memoryRealm.hasRoleNone", role));
- return (false);
- }
-
- Enumeration items = users.elements();
- while (items.hasMoreElements()) {
- String item = (String) items.nextElement();
- if (name.equals(item)) {
- if (debug > 1)
- log(sm.getString("memoryRealm.hasRoleSuccess",
- name, role));
- return (true);
- }
+ boolean result = ((MemoryRealmPrincipal) principal).hasRole(role);
+ if (debug > 1) {
+ String name = principal.getName();
+ if (result)
+ log(sm.getString("memoryRealm.hasRoleSuccess", name, role));
+ else
+ log(sm.getString("memoryRealm.hasRoleFailure", name, role));
}
- if (debug > 1)
- log(sm.getString("memoryRealm.hasRoleFailure", name, role));
- return (false);
+ return (result);
}
@@ -361,13 +341,7 @@
if (comma < 0)
break;
String role = roles.substring(0, comma).trim();
- Vector users = (Vector) this.roles.get(role);
- if (users == null) {
- users = new Vector();
- this.roles.put(role, users);
- }
- users.addElement(username);
- roles = roles.substring(comma + 1);
+ principal.addRole(role);
}
}
@@ -549,16 +523,23 @@
final class MemoryRealmPrincipal implements Principal {
+
/**
- * The username for this Principal.
+ * The password for this Principal.
*/
- private String username = null;
+ private String password = null;
/**
- * The password for this Principal.
+ * The role names possessed by this Principal.
*/
- private String password = null;
+ private String roles[] = new String[0];
+
+
+ /**
+ * The username for this Principal.
+ */
+ private String username = null;
/**
@@ -576,6 +557,29 @@
/**
+ * Add a new role name to the set possessed by this Principal.
+ *
+ * @param role The role to be added
+ */
+ public void addRole(String role) {
+
+ if (role == null)
+ return;
+
+ for (int i = 0; i < roles.length; i++) {
+ if (role.equals(roles[i]))
+ return;
+ }
+
+ String results[] = new String[roles.length + 1];
+ for (int i = 0; i < roles.length; i++)
+ results[i] = roles[i];
+ results[roles.length] = role;
+
+ }
+
+
+ /**
* Return the name of this Principal.
*/
public String getName() {
@@ -591,6 +595,25 @@
public String getPassword() {
return (password);
+
+ }
+
+
+ /**
+ * Does this Principal possess the specified role?
+ *
+ * @param role Role to be checked
+ */
+ public boolean hasRole(String role) {
+
+ if (role == null)
+ return (false);
+
+ for (int i = 0; i < roles.length; i++) {
+ if (role.equals(roles[i]))
+ return (true);
+ }
+ return (false);
}
1.4 +10 -13 jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm/RealmBase.java
Index: RealmBase.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm/RealmBase.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- RealmBase.java 2000/06/04 23:18:47 1.3
+++ RealmBase.java 2000/07/26 23:13:06 1.4
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm/RealmBase.java,v 1.3 2000/06/04 23:18:47 remm Exp $
- * $Revision: 1.3 $
- * $Date: 2000/06/04 23:18:47 $
+ * $Header: /home/cvs/jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm/RealmBase.java,v 1.4 2000/07/26 23:13:06 craigmcc Exp $
+ * $Revision: 1.4 $
+ * $Date: 2000/07/26 23:13:06 $
*
* ====================================================================
*
@@ -71,9 +71,6 @@
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.io.File;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Vector;
import org.apache.tomcat.Container;
import org.apache.tomcat.Lifecycle;
import org.apache.tomcat.LifecycleEvent;
@@ -96,7 +93,7 @@
* location) are identical to those currently supported by Tomcat 3.X.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.3 $ $Date: 2000/06/04 23:18:47 $
+ * @version $Revision: 1.4 $ $Date: 2000/07/26 23:13:06 $
*/
public abstract class RealmBase
@@ -425,12 +422,6 @@
/**
- * Return the password associated with the given principal's user name.
- */
- protected abstract String getPassword(String username);
-
-
- /**
* Return the digest associated with given principal's user name.
*/
protected String getDigest(String username, String realmName) {
@@ -448,6 +439,12 @@
md5Helper.digest(digestValue.getBytes());
return md5Encoder.encode(digest);
}
+
+
+ /**
+ * Return the password associated with the given principal's user name.
+ */
+ protected abstract String getPassword(String username);
/**
1.1 jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/realm/package.html
Index: package.html
===================================================================
<body>
<p>This package contains <code>Realm</code> implementations for the
various supported realm technologies for authenticating users and
identifying their associated roles. The <code>Realm</code> that is
associated with a web application's <code>Context</code> (or a hierarchically
superior Container) is used to resolve authentication and role presence
questions when a web application uses container managed security as described
in the Servlet API Specification, version 2.2.</p>
<p>The implementations share a common base class that supports basic
functionality for all of the standard <code>Realm</code> implementations,
and can be configured by setting the following properties (default values
are in square brackets):</p>
<ul>
<li><b>debug</b> - Debugging detail level for this component. [0]</li>
</ul>
<p>The standard <code>Realm</code> implementations that are currently
available include the following (with additional configuration properties
as specified):</p>
<ul>
<li><b>JDBCRealm</b> - Implementation of <code>Realm</code> that operates
from data stored in a relational database that is accessed via a JDBC
driver. The name of the driver, database connection information, and
the names of the relevant tables and columns are configured with the
following additional properties:
<ul>
<li><b>connectionURL</b> - The URL to use when connecting to this database.
[REQUIRED - NO DEFAULT]</li>
<li><b>driverName</b> - Fully qualified Java class name of the JDBC driver
to be used. [REQUIRED - NO DEFAULT]</li>
<li><b>roleNameCol</b> - Name of the database column that contains role
names. [REQUIRED - NO DEFAULT]</li>
<li><b>userCredCol</b> - Name of the database column that contains the
user's credentials (i.e. password) in cleartext. [REQUIRED -
NO DEFAULT]</li>
<li><b>userNameCol</b> - Name of the database column that contains the
user's logon username. [REQUIRED - NO DEFAULT]</li>
<li><b>userRoleTable</b> - Name of the database table containing user
role information. This table must include the columns specified by
the <code>userNameCol</code> and <code>roleNameCol</code> properties.
[REQUIRED - NO DEFAULT]</li>
<li><b>userTable</b> - Name of the database table containing user
information. This table must include the columns specified by the
<code>userNameCol</code> and <code>userCredCol</code> properties.
[REQUIRED - NO DEFAULT]</li>
</ul>
</li>
<li><b>MemoryRealm</b> - Implementation of <code>Realm</code> that uses the
contents of a simple XML file (<code>conf/tomcat-users.xml</code>) as the
list of valid users and their roles. This implementation is primarily to
demonstrate that the authentication technology functions correctly, and is
not anticipated as adequate for general purpose use. This component
supports the following additional properties:
<ul>
<li><b>pathname</b> - Pathname of the XML file containing our user and
role information. If a relative pathname is specified, it is resolved
against the pathname specified by the "catalina.home" system property.
[conf/tomcat-users.xml]</li>
</ul>
</ul>
</body>