org.apache.catalina.realm
Class JDBCRealm

java.lang.Object
  extended byorg.apache.catalina.realm.RealmBase
      extended byorg.apache.catalina.realm.JDBCRealm
All Implemented Interfaces:
Lifecycle, Realm

public class JDBCRealm
extends RealmBase

Implmentation of Realm that works with any JDBC supported database. See the JDBCRealm.howto for more details on how to set up the database and for configuration options.

TODO - Support connection pooling (including message format objects) so that authenticate() does not have to be synchronized and would fix the ugly connection logic.

Version:
$Revision: 781382 $ $Date: 2009-06-03 15:02:06 +0100 (Wed, 03 Jun 2009) $
Author:
Craig R. McClanahan, Carson McDonald, Ignacio Ortega

Field Summary
protected  java.lang.String connectionName
          The connection username to use when trying to connect to the database.
protected  java.lang.String connectionPassword
          The connection URL to use when trying to connect to the database.
protected  java.lang.String connectionURL
          The connection URL to use when trying to connect to the database.
protected  java.sql.Connection dbConnection
          The connection to the database.
protected  java.sql.Driver driver
          Instance of the JDBC Driver class we use as a connection factory.
protected  java.lang.String driverName
          The JDBC driver to use.
protected static java.lang.String info
          Descriptive information about this Realm implementation.
protected static java.lang.String name
          Descriptive information about this Realm implementation.
protected  java.sql.PreparedStatement preparedCredentials
          The PreparedStatement to use for authenticating users.
protected  java.sql.PreparedStatement preparedRoles
          The PreparedStatement to use for identifying the roles for a specified user.
protected  java.lang.String roleNameCol
          The column in the user role table that names a role
protected static StringManager sm
          The string manager for this package.
protected  java.lang.String userCredCol
          The column in the user table that holds the user's credintials
protected  java.lang.String userNameCol
          The column in the user table that holds the user's name
protected  java.lang.String userRoleTable
          The table that holds the relation between user's and roles
protected  java.lang.String userTable
          The table that holds user data.
 
Fields inherited from class org.apache.catalina.realm.RealmBase
container, debug, digest, digestEncoding, lifecycle, md, md5Encoder, md5Helper, started, support, validate
 
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, START_EVENT, STOP_EVENT
 
Constructor Summary
JDBCRealm()
           
 
Method Summary
 java.security.Principal authenticate(java.sql.Connection dbConnection, java.lang.String username, java.lang.String credentials)
          Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.
 java.security.Principal authenticate(java.lang.String username, java.lang.String credentials)
          Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.
protected  void close(java.sql.Connection dbConnection)
          Close the specified database connection.
protected  java.sql.PreparedStatement credentials(java.sql.Connection dbConnection, java.lang.String username)
          Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.
 java.lang.String getConnectionName()
          Return the username to use to connect to the database.
 java.lang.String getConnectionPassword()
          Return the password to use to connect to the database.
 java.lang.String getConnectionURL()
          Return the URL to use to connect to the database.
 java.lang.String getDriverName()
          Return the JDBC driver that will be used.
protected  java.lang.String getName()
          Return a short name for this Realm implementation.
protected  java.lang.String getPassword(java.lang.String username)
          Return the password associated with the given principal's user name.
protected  java.security.Principal getPrincipal(java.lang.String username)
          Return the Principal associated with the given user name.
 java.lang.String getRoleNameCol()
          Return the column in the user role table that names a role.
protected  java.util.ArrayList getRoles(java.lang.String username)
          Return the roles associated with the gven user name.
 java.lang.String getUserCredCol()
          Return the column in the user table that holds the user's credentials.
 java.lang.String getUserNameCol()
          Return the column in the user table that holds the user's name.
 java.lang.String getUserRoleTable()
          Return the table that holds the relation between user's and roles.
 java.lang.String getUserTable()
          Return the table that holds user data..
protected  java.sql.Connection open()
          Open (if necessary) and return a database connection for use by this Realm.
protected  void release(java.sql.Connection dbConnection)
          Release our use of this connection so that it can be recycled.
protected  java.sql.PreparedStatement roles(java.sql.Connection dbConnection, java.lang.String username)
          Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.
 void setConnectionName(java.lang.String connectionName)
          Set the username to use to connect to the database.
 void setConnectionPassword(java.lang.String connectionPassword)
          Set the password to use to connect to the database.
 void setConnectionURL(java.lang.String connectionURL)
          Set the URL to use to connect to the database.
 void setDriverName(java.lang.String driverName)
          Set the JDBC driver that will be used.
 void setRoleNameCol(java.lang.String roleNameCol)
          Set the column in the user role table that names a role.
 void setUserCredCol(java.lang.String userCredCol)
          Set the column in the user table that holds the user's credentials.
 void setUserNameCol(java.lang.String userNameCol)
          Set the column in the user table that holds the user's name.
 void setUserRoleTable(java.lang.String userRoleTable)
          Set the table that holds the relation between user's and roles.
 void setUserTable(java.lang.String userTable)
          Set the table that holds user data.
 void start()
          Prepare for active use of the public methods of this Component.
 void stop()
          Gracefully shut down active use of the public methods of this Component.
 
Methods inherited from class org.apache.catalina.realm.RealmBase
addLifecycleListener, addPropertyChangeListener, authenticate, authenticate, authenticate, digest, Digest, findLifecycleListeners, getContainer, getDebug, getDigest, getDigest, getDigestEncoding, getInfo, getPrincipal, getValidate, hasMessageDigest, hasRole, log, log, main, removeLifecycleListener, removePropertyChangeListener, setContainer, setDebug, setDigest, setDigestEncoding, setValidate
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

connectionName

protected java.lang.String connectionName
The connection username to use when trying to connect to the database.


connectionPassword

protected java.lang.String connectionPassword
The connection URL to use when trying to connect to the database.


connectionURL

protected java.lang.String connectionURL
The connection URL to use when trying to connect to the database.


dbConnection

protected java.sql.Connection dbConnection
The connection to the database.


driver

protected java.sql.Driver driver
Instance of the JDBC Driver class we use as a connection factory.


driverName

protected java.lang.String driverName
The JDBC driver to use.


info

protected static final java.lang.String info
Descriptive information about this Realm implementation.

See Also:
Constant Field Values

name

protected static final java.lang.String name
Descriptive information about this Realm implementation.

See Also:
Constant Field Values

preparedCredentials

protected java.sql.PreparedStatement preparedCredentials
The PreparedStatement to use for authenticating users.


preparedRoles

protected java.sql.PreparedStatement preparedRoles
The PreparedStatement to use for identifying the roles for a specified user.


roleNameCol

protected java.lang.String roleNameCol
The column in the user role table that names a role


sm

protected static final StringManager sm
The string manager for this package.


userCredCol

protected java.lang.String userCredCol
The column in the user table that holds the user's credintials


userNameCol

protected java.lang.String userNameCol
The column in the user table that holds the user's name


userRoleTable

protected java.lang.String userRoleTable
The table that holds the relation between user's and roles


userTable

protected java.lang.String userTable
The table that holds user data.

Constructor Detail

JDBCRealm

public JDBCRealm()
Method Detail

getConnectionName

public java.lang.String getConnectionName()
Return the username to use to connect to the database.


setConnectionName

public void setConnectionName(java.lang.String connectionName)
Set the username to use to connect to the database.

Parameters:
connectionName - Username

getConnectionPassword

public java.lang.String getConnectionPassword()
Return the password to use to connect to the database.


setConnectionPassword

public void setConnectionPassword(java.lang.String connectionPassword)
Set the password to use to connect to the database.

Parameters:
connectionPassword - User password

getConnectionURL

public java.lang.String getConnectionURL()
Return the URL to use to connect to the database.


setConnectionURL

public void setConnectionURL(java.lang.String connectionURL)
Set the URL to use to connect to the database.

Parameters:
connectionURL - The new connection URL

getDriverName

public java.lang.String getDriverName()
Return the JDBC driver that will be used.


setDriverName

public void setDriverName(java.lang.String driverName)
Set the JDBC driver that will be used.

Parameters:
driverName - The driver name

getRoleNameCol

public java.lang.String getRoleNameCol()
Return the column in the user role table that names a role.


setRoleNameCol

public void setRoleNameCol(java.lang.String roleNameCol)
Set the column in the user role table that names a role.

Parameters:
roleNameCol - The column name

getUserCredCol

public java.lang.String getUserCredCol()
Return the column in the user table that holds the user's credentials.


setUserCredCol

public void setUserCredCol(java.lang.String userCredCol)
Set the column in the user table that holds the user's credentials.

Parameters:
userCredCol - The column name

getUserNameCol

public java.lang.String getUserNameCol()
Return the column in the user table that holds the user's name.


setUserNameCol

public void setUserNameCol(java.lang.String userNameCol)
Set the column in the user table that holds the user's name.

Parameters:
userNameCol - The column name

getUserRoleTable

public java.lang.String getUserRoleTable()
Return the table that holds the relation between user's and roles.


setUserRoleTable

public void setUserRoleTable(java.lang.String userRoleTable)
Set the table that holds the relation between user's and roles.

Parameters:
userRoleTable - The table name

getUserTable

public java.lang.String getUserTable()
Return the table that holds user data..


setUserTable

public void setUserTable(java.lang.String userTable)
Set the table that holds user data.

Parameters:
userTable - The table name

authenticate

public java.security.Principal authenticate(java.lang.String username,
                                            java.lang.String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null. If there are any errors with the JDBC connection, executing the query or anything we return null (don't authenticate). This event is also logged, and the connection will be closed so that a subsequent request will automatically re-open it.

Specified by:
authenticate in interface Realm
Overrides:
authenticate in class RealmBase
Parameters:
username - Username of the Principal to look up
credentials - Password or other credentials to use in authenticating this username

authenticate

public java.security.Principal authenticate(java.sql.Connection dbConnection,
                                            java.lang.String username,
                                            java.lang.String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.

Parameters:
dbConnection - The database connection to be used
username - Username of the Principal to look up
credentials - Password or other credentials to use in authenticating this username

close

protected void close(java.sql.Connection dbConnection)
Close the specified database connection.

Parameters:
dbConnection - The connection to be closed

credentials

protected java.sql.PreparedStatement credentials(java.sql.Connection dbConnection,
                                                 java.lang.String username)
                                          throws java.sql.SQLException
Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.

Parameters:
dbConnection - The database connection to be used
username - Username for which credentials should be retrieved
Throws:
java.sql.SQLException - if a database error occurs

getName

protected java.lang.String getName()
Return a short name for this Realm implementation.

Specified by:
getName in class RealmBase

getPassword

protected java.lang.String getPassword(java.lang.String username)
Return the password associated with the given principal's user name.

Specified by:
getPassword in class RealmBase

getPrincipal

protected java.security.Principal getPrincipal(java.lang.String username)
Return the Principal associated with the given user name.

Specified by:
getPrincipal in class RealmBase

getRoles

protected java.util.ArrayList getRoles(java.lang.String username)
Return the roles associated with the gven user name.


open

protected java.sql.Connection open()
                            throws java.sql.SQLException
Open (if necessary) and return a database connection for use by this Realm.

Throws:
java.sql.SQLException - if a database error occurs

release

protected void release(java.sql.Connection dbConnection)
Release our use of this connection so that it can be recycled.

Parameters:
dbConnection - The connection to be released

roles

protected java.sql.PreparedStatement roles(java.sql.Connection dbConnection,
                                           java.lang.String username)
                                    throws java.sql.SQLException
Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.

Parameters:
dbConnection - The database connection to be used
username - Username for which roles should be retrieved
Throws:
java.sql.SQLException - if a database error occurs

start

public void start()
           throws LifecycleException
Prepare for active use of the public methods of this Component.

Specified by:
start in interface Lifecycle
Overrides:
start in class RealmBase
Throws:
LifecycleException - if this component detects a fatal error that prevents it from being started

stop

public void stop()
          throws LifecycleException
Gracefully shut down active use of the public methods of this Component.

Specified by:
stop in interface Lifecycle
Overrides:
stop in class RealmBase
Throws:
LifecycleException - if this component detects a fatal error that needs to be reported


Copyright © 2000-2002 Apache Software Foundation. All Rights Reserved.