Package org.apache.catalina.security

Class SecurityListener

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected void checkOsUser()  
      protected void checkServerBuildAge()  
      protected void checkUmask()  
      protected void doChecks()
      Execute the security checks.
      int getBuildDateWarningAgeDays()
      Gets the number of days that may pass between the build-date of this Tomcat instance before warnings are printed.
      java.lang.String getCheckedOsUsers()
      Returns the current list of operating system users not permitted to run Tomcat.
      java.lang.String getMinimumUmask()
      Get the minimum umask that must be configured before Tomcat will start.
      void lifecycleEvent​(LifecycleEvent event)
      Acknowledge the occurrence of the specified event.
      void setBuildDateWarningAgeDays​(java.lang.String ageDays)
      Sets the number of days that may pass between the build-date of this Tomcat instance before warnings are printed.
      void setCheckedOsUsers​(java.lang.String userNameList)
      Set the list of operating system users not permitted to run Tomcat.
      void setMinimumUmask​(java.lang.String umask)
      Set the minimum umask that must be configured before Tomcat will start.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • SecurityListener

        public SecurityListener()

    • Method Detail

      • setCheckedOsUsers

        public void setCheckedOsUsers​(java.lang.String userNameList)
        Set the list of operating system users not permitted to run Tomcat. By default, only root is prevented from running Tomcat. Calling this method with null or the empty string will clear the list of users and effectively disables this check. Usernames will always be checked in a case-insensitive manner using the system default Locale.
        Parameters:
        userNameList - A comma separated list of operating system users not permitted to run Tomcat

      • getCheckedOsUsers

        public java.lang.String getCheckedOsUsers()
        Returns the current list of operating system users not permitted to run Tomcat.
        Returns:
        A comma separated list of operating system usernames.

      • setMinimumUmask

        public void setMinimumUmask​(java.lang.String umask)
        Set the minimum umask that must be configured before Tomcat will start.
        Parameters:
        umask - The 4-digit umask as returned by the OS command umask

      • getMinimumUmask

        public java.lang.String getMinimumUmask()
        Get the minimum umask that must be configured before Tomcat will start.
        Returns:
        The 4-digit umask as used by the OS command umask

      • setBuildDateWarningAgeDays

        public void setBuildDateWarningAgeDays​(java.lang.String ageDays)
        Sets the number of days that may pass between the build-date of this Tomcat instance before warnings are printed.
        Parameters:
        ageDays - The number of days a Tomcat build is allowed to age before logging warnings.

      • getBuildDateWarningAgeDays

        public int getBuildDateWarningAgeDays()
        Gets the number of days that may pass between the build-date of this Tomcat instance before warnings are printed.
        Returns:
        The number of days a Tomcat build is allowed to age before logging warnings.

      • doChecks

        protected void doChecks()
        Execute the security checks. Each check should be in a separate method.

      • checkOsUser

        protected void checkOsUser()

      • checkUmask

        protected void checkUmask()

      • checkServerBuildAge

        protected void checkServerBuildAge()