Authenticator implementations for the
various supported authentication methods (BASIC, DIGEST, and FORM).See: Description
| Class | Description |
|---|---|
| AuthenticatorBase |
Basic implementation of the Valve interface that enforces the
<security-constraint>
elements in the web application deployment descriptor. |
| BasicAuthenticator |
An Authenticator and Valve implementation of HTTP BASIC Authentication, as outlined in RFC 7617: "The
'Basic' HTTP Authentication Scheme"
|
| BasicAuthenticator.BasicCredentials |
Parser for an HTTP Authorization header for BASIC authentication as per RFC 2617 section 2, and the Base64
encoded credentials as per RFC 2045 section 6.8.
|
| Constants | |
| DigestAuthenticator |
An Authenticator and Valve implementation of HTTP DIGEST Authentication, as outlined in RFC 7616: "HTTP
Digest Authentication"
|
| DigestAuthenticator.DigestInfo | |
| DigestAuthenticator.NonceInfo | |
| FormAuthenticator |
An Authenticator and Valve implementation of FORM BASED Authentication, as described in the Servlet API
Specification.
|
| NonLoginAuthenticator |
An Authenticator and Valve implementation that checks only security constraints not involving user
authentication.
|
| SavedRequest |
Object that saves the critical information from a request so that form-based authentication can reproduce it once the
user has been authenticated.
|
| SingleSignOn |
A Valve that supports a "single sign on" user experience, where the security identity of a user who
successfully authenticates to one web application is propagated to other web applications in the same security
domain.
|
| SingleSignOnEntry |
A class that represents entries in the cache of authenticated users.
|
| SingleSignOnListener | |
| SingleSignOnSessionKey |
Key used by SSO to identify a session.
|
| SpnegoAuthenticator |
A SPNEGO authenticator that uses the SPNEGO/Kerberos support built in to Java 6.
|
| SpnegoAuthenticator.AcceptAction |
This class gets a gss credential via a privileged action.
|
| SpnegoAuthenticator.AuthenticateAction | |
| SpnegoAuthenticator.SpnegoTokenFixer |
This class implements a hack around an incompatibility between the SPNEGO implementation in Windows and the
SPNEGO implementation in Java 8 update 40 onwards.
|
| SSLAuthenticator |
An Authenticator and Valve implementation of authentication that utilizes SSL certificates to identify
client users.
|
| Enum | Description |
|---|---|
| AuthenticatorBase.AllowCorsPreflight | |
| DigestAuthenticator.AuthDigest |
This enum exists because RFC 7616 and Java use different names for some digests.
|
This package contains Authenticator implementations for the
various supported authentication methods (BASIC, DIGEST, and FORM). In
addition, there is a convenience base class,
AuthenticatorBase, for customized Authenticator
implementations.
If you are using the standard context configuration class
(org.apache.catalina.startup.ContextConfig) to configure the
Authenticator associated with a particular context, you can register the Java
class to be used for each possible authentication method by modifying the
following Properties file:
src/share/org/apache/catalina/startup/Authenticators.properties
Each of the standard implementations extends a common base class
(AuthenticatorBase), which is configured by setting the
following JavaBeans properties (with default values in square brackets):
Realm) if this request
is part of an HTTP session? [true]The standard authentication methods that are currently provided include:
Copyright © 2000-2024 Apache Software Foundation.
Apache Tomcat, Tomcat, Apache, the Apache Tomcat logo and the Apache logo are either registered trademarks or trademarks of the Apache Software Foundation.