Tomcat security realm with MongoDB
Security Realms is a Tomcat's build in feature for protecting web application resoureces.Amongthe many types of security realms there's one that uses a normal realtional database for userauthentication (JDBCRealm).In this tutorial we will see how to make a realm that uses mongoDBinstead of a relational database.
As a first step we must define the realm class.for further information on DAO objects see Integrate MongoDB into java web applications.
import com.javaonlymongoDB.daos.DaoFactory;
import com.javaonlymongoDB.daos.RoleDao;
import com.javaonlymongoDB.daos.UserDao;
import com.mongodb.DBCursor;
import com.mongodb.DBObject;
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.realm.RealmBase;
public class MongoRealm extends RealmBase {
@Override
protected String getName() {
return this.getClass().getSimpleName();
}
@Override
protected String getPassword(final String username) {
String password="";
UserDao userDao = DaoFactory.getUserDao();
DBCursor all = userDao.getPassword(username);
while (all.hasNext()) {
DBObject bject = all.next();
password= (String) object.get("password");
System.out.println("NAAMEEE:" + password);
}
return password;
}
@Override
protected Principal getPrincipal(final String username) {
String name = "";
final List roles = new ArrayList();
RoleDao roleDao = DaoFactory.getRoleDao();
DBCursor all = roleDao.getRole(username);
while (all.hasNext()) {
DBObject bject = all.next();
name = (String) object.get("role_name");
}
String password = "";
UserDao userDao = DaoFactory.getUserDao();
DBCursor al = userDao.getPassword(username);
while (al.hasNext()) {
DBObject bject = al.next();
password= (String) object.get("password");
}
roles.add(name);
return new GenericPrincipal(this, username, password, roles);
}
}
As a first step we must define the realm class.for further information on DAO objects see Integrate MongoDB into java web applications.
CODE:
package com.javaonlymongoDB.realm;import com.javaonlymongoDB.daos.DaoFactory;
import com.javaonlymongoDB.daos.RoleDao;
import com.javaonlymongoDB.daos.UserDao;
import com.mongodb.DBCursor;
import com.mongodb.DBObject;
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.realm.RealmBase;
public class MongoRealm extends RealmBase {
@Override
protected String getName() {
return this.getClass().getSimpleName();
}
@Override
protected String getPassword(final String username) {
String password="";
UserDao userDao = DaoFactory.getUserDao();
DBCursor all = userDao.getPassword(username);
while (all.hasNext()) {
DBObject bject = all.next();
password= (String) object.get("password");
System.out.println("NAAMEEE:" + password);
}
return password;
}
@Override
protected Principal getPrincipal(final String username) {
String name = "";
final List roles = new ArrayList();
RoleDao roleDao = DaoFactory.getRoleDao();
DBCursor all = roleDao.getRole(username);
while (all.hasNext()) {
DBObject bject = all.next();
name = (String) object.get("role_name");
}
String password = "";
UserDao userDao = DaoFactory.getUserDao();
DBCursor al = userDao.getPassword(username);
while (al.hasNext()) {
DBObject bject = al.next();
password= (String) object.get("password");
}
roles.add(name);
return new GenericPrincipal(this, username, password, roles);
}
}
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/301743/viewspace-731263/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- Realm for SwiftSwift
- realm 之於 iOSiOS
- Realm的入門使用
- 蘋果推新AI:ReALM蘋果AI
- 放置遊戲大成之作 — Realm Grinder遊戲
- Realm ios踩坑筆記iOS筆記
- iOS開發swift -- Realm入門iOSSwift
- Realm for Android快速入門教程Android
- Security
- 移動端資料庫新王者:realm資料庫
- Realm資料庫 從入門到“放棄”資料庫
- shiro多realm配置免密碼登陸密碼
- Realm 資料庫 從入門到“放棄”資料庫
- Oracle SecurityOracle
- DB SECURITY
- 基於iOS 10、realm封裝的下載器iOS封裝
- Rails Security (上)AI
- Spring SecuritySpring
- SDN security papers
- WS-Security
- oracle audit and securityOracle
- Security Authorizations (247)
- Spring Security原始碼分析八:Spring Security 退出Spring原始碼
- Realm:一個基於 Rust 的全新流量轉發工具Rust
- SpringBoot+Shiro學習(四):Realm授權Spring Boot
- Spring Security原始碼分析九:Spring Security Session管理Spring原始碼Session
- WCF Security:Silverlight authentication for WCF service based on security token
- 1.1.2 Security Officers
- 41. The Security Namespacenamespace
- Android Service SecurityAndroid
- A Security Analysis Of Browser Extensions
- Spring Security 上Spring
- 初探Spring SecuritySpring
- Spring Security(二)Spring
- Shrio(Simple,Java,Security)Java
- spring security(一)Spring
- Content Security Policy
- Spring Security(6)Spring