com.caucho.security
Class DatabaseAuthenticator

java.lang.Object
  extended by com.caucho.security.AbstractAuthenticator
      extended by com.caucho.security.AbstractCookieAuthenticator
          extended by com.caucho.security.DatabaseAuthenticator
All Implemented Interfaces:
HandleAware, Authenticator, CookieAuthenticator, java.io.Serializable
Direct Known Subclasses:
JdbcAuthenticator

public class DatabaseAuthenticator
extends AbstractCookieAuthenticator

An authenticator using JDBC.

The default table schema looks something like:

 CREATE TABLE LOGIN (
   username VARCHAR(250) NOT NULL,
   password VARCHAR(250),
   cookie VARCHAR(250),
   PRIMARY KEY (username)
 );
 
 <security:DatabaseAuthenticator data-source="jdbc/user"/>
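
The same setup expressed through the setters documented on this page, with every query spelled out, as an added example that is not Resin's own code. Only the password query comes from the page; the two cookie queries, the class and method names (`LoginAuthenticatorSetup`, `create`, `login`) and the `javax.servlet` package for `ServletException` are assumptions.

```java
import java.security.Principal;
import javax.servlet.ServletException;
import javax.sql.DataSource;

import com.caucho.security.DatabaseAuthenticator;

public class LoginAuthenticatorSetup {
  // Every value is bound through a '?' placeholder, never concatenated
  // into the SQL text.
  static final String PASSWORD_QUERY =
      "SELECT password FROM LOGIN WHERE username=?";  // example from this page

  // Constructed queries (assumptions) against the cookie column of the
  // default schema. The parameter order of the update is assumed to be
  // cookie value first, user name second.
  static final String COOKIE_AUTH_QUERY =
      "SELECT username FROM LOGIN WHERE cookie=?";
  static final String COOKIE_AUTH_UPDATE =
      "UPDATE LOGIN SET cookie=? WHERE username=?";

  /** Builds an authenticator whose queries are all set explicitly. */
  public static DatabaseAuthenticator create(DataSource loginDb,
                                             boolean persistentLogin)
      throws ServletException {
    DatabaseAuthenticator auth = new DatabaseAuthenticator();
    auth.setDataSource(loginDb);
    auth.setPasswordQuery(PASSWORD_QUERY);
    auth.setUseCookie(persistentLogin);
    if (persistentLogin) {
      auth.setCookieAuthQuery(COOKIE_AUTH_QUERY);
      auth.setCookieAuthUpdate(COOKIE_AUTH_UPDATE);
      auth.setCookieLogout(true);  // remove the cookie on logout
    }
    auth.init();
    return auth;
  }

  /** loginImpl returns null for a failure; turn that into an exception. */
  public static Principal login(DatabaseAuthenticator auth,
                                String username, String password) {
    Principal principal = auth.loginImpl(username, password);
    if (principal == null)
      throw new SecurityException("login rejected");
    return principal;
  }
}
```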
 

See Also:
Serialized Form

Field Summary
protected  java.lang.String _cookieDomain
           
protected  long _cookieMaxAge
           
protected  int _cookieVersion
           
protected  boolean _useCookie
           
 
Fields inherited from class com.caucho.security.AbstractAuthenticator
_passwordDigest, _passwordDigestAlgorithm, _passwordDigestRealm
 
Constructor Summary
DatabaseAuthenticator()
           
 
Method Summary
protected  void addAuthCookie(java.security.Principal user, HttpServletRequest request)
          Adds a cookie to store authentication.
 boolean associateCookie(java.security.Principal user, java.lang.String cookieValue)
          Associates a user with a persistent cookie.
protected  java.security.Principal authenticate(java.security.Principal principal, PasswordCredentials cred, java.lang.Object details)
          Main authenticator API.
 java.security.Principal authenticate(java.lang.String username, java.lang.String password, HttpServletRequest request)
          Authenticates the user given the request.
 java.security.Principal authenticateByCookie(java.lang.String cookieValue)
          Authenticate based on a cookie.
 java.lang.String getCookieAuthQuery()
          Gets the cookie auth query.
 java.lang.String getCookieAuthUpdate()
          Gets the cookie update query.
 java.lang.String getCookieDomain()
          Returns the domain for a login cookie.
 long getCookieMaxAge()
          Returns the max-age for a login cookie.
 int getCookieVersion()
          Returns the version for a login cookie.
 javax.sql.DataSource getDataSource()
          Gets the database.
 java.lang.String getPasswordQuery()
          Gets the password query.
protected  PasswordUser getPasswordUser(java.lang.String username)
          Returns the password for authenticators too lazy to calculate the digest.
 java.lang.String getRoleQuery()
          Gets the role query.
 boolean getUseCookie()
          Returns true if Resin should generate the resinauth cookie by default.
 void init()
          Initialize the authenticator.
 boolean isCookieSupported(java.lang.String jUseCookieAuth)
          Returns the authentication cookie.
 boolean isUserInRole(java.security.Principal principal, java.lang.String role)
          Returns true if the user plays the named role.
 java.security.Principal loginImpl(java.lang.String username, java.lang.String password)
          Authenticates the user given the request.
 void setCookieAuthQuery(java.lang.String query)
          Sets the cookie auth query.
 void setCookieAuthUpdate(java.lang.String query)
          Sets the cookie update query.
 void setCookieDomain(java.lang.String cookieDomain)
          Sets the domain for a login cookie.
 void setCookieLogout(boolean cookieLogout)
          If true, the cookie is removed on logout.
 void setCookieMaxAge(Period cookieMaxAge)
          Sets the max age for a login cookie.
 void setCookieVersion(int version)
          Sets the version for a login cookie.
 void setDataSource(javax.sql.DataSource dataSource)
          Sets the database pool name.
 void setPasswordQuery(java.lang.String query)
          Sets the password query.
 void setRoleQuery(java.lang.String query)
          Sets the role query.
 void setUseCookie(boolean useCookie)
          Set true if Resin should generate the resinauth cookie by default.
 
Methods inherited from class com.caucho.security.AbstractAuthenticator
addRoleMapping, authenticate, authenticate, authenticate, authenticate, digest, getAlgorithm, getDigest, getDigestSecret, getDigestSecret, getLogoutOnSessionTimeout, getPasswordDigest, getPasswordDigest, getPasswordDigestAlgorithm, getPasswordDigestRealm, getPasswordUser, getSingleSignon, logout, setLogoutOnSessionTimeout, setPasswordDigest, setPasswordDigestAlgorithm, setPasswordDigestRealm, setSerializationHandle, stringToDigest, toString, writeReplace
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface com.caucho.security.Authenticator
authenticate, getAlgorithm, logout
 

Field Detail

_useCookie

protected boolean _useCookie

_cookieVersion

protected int _cookieVersion

_cookieDomain

protected java.lang.String _cookieDomain

_cookieMaxAge

protected long _cookieMaxAge
Constructor Detail

DatabaseAuthenticator

public DatabaseAuthenticator()
Method Detail

getDataSource

public javax.sql.DataSource getDataSource()
Gets the database.


setDataSource

public void setDataSource(javax.sql.DataSource dataSource)
Sets the database pool name.


getPasswordQuery

public java.lang.String getPasswordQuery()
Gets the password query.

Example:


 SELECT password FROM LOGIN WHERE username=?
 


setPasswordQuery

public void setPasswordQuery(java.lang.String query)
Sets the password query.


getCookieAuthQuery

public java.lang.String getCookieAuthQuery()
Gets the cookie auth query.


setCookieAuthQuery

public void setCookieAuthQuery(java.lang.String query)
Sets the cookie auth query.


getCookieAuthUpdate

public java.lang.String getCookieAuthUpdate()
Gets the cookie update query.


setCookieAuthUpdate

public void setCookieAuthUpdate(java.lang.String query)
Sets the cookie update query.


setCookieLogout

public void setCookieLogout(boolean cookieLogout)
If true, the cookie is removed on logout.


getRoleQuery

public java.lang.String getRoleQuery()
Gets the role query.


setRoleQuery

public void setRoleQuery(java.lang.String query)
Sets the role query.


getUseCookie

public boolean getUseCookie()
Returns true if Resin should generate the resinauth cookie by default.


setUseCookie

public void setUseCookie(boolean useCookie)
Set true if Resin should generate the resinauth cookie by default.


getCookieVersion

public int getCookieVersion()
Returns the version for a login cookie.


setCookieVersion

public void setCookieVersion(int version)
Sets the version for a login cookie.


getCookieDomain

public java.lang.String getCookieDomain()
Returns the domain for a login cookie.


setCookieDomain

public void setCookieDomain(java.lang.String cookieDomain)
Sets the domain for a login cookie.


getCookieMaxAge

public long getCookieMaxAge()
Returns the max-age for a login cookie.


setCookieMaxAge

public void setCookieMaxAge(Period cookieMaxAge)
Sets the max age for a login cookie.


init

@PostConstruct
public void init()
          throws ServletException
Initialize the authenticator.

Overrides:
init in class AbstractAuthenticator
Throws:
ServletException

authenticate

protected java.security.Principal authenticate(java.security.Principal principal,
                                               PasswordCredentials cred,
                                               java.lang.Object details)
Main authenticator API.

Overrides:
authenticate in class AbstractAuthenticator

authenticate

public java.security.Principal authenticate(java.lang.String username,
                                            java.lang.String password,
                                            HttpServletRequest request)
Authenticates the user given the request.

Parameters:
username - the user name for the login
password - the password for the login
Returns:
the authenticated user or null for a failure

isCookieSupported

public boolean isCookieSupported(java.lang.String jUseCookieAuth)
Returns the authentication cookie.

Specified by:
isCookieSupported in interface CookieAuthenticator
Overrides:
isCookieSupported in class AbstractCookieAuthenticator

addAuthCookie

protected void addAuthCookie(java.security.Principal user,
                             HttpServletRequest request)
Adds a cookie to store authentication.


loginImpl

public java.security.Principal loginImpl(java.lang.String username,
                                         java.lang.String password)
Authenticates the user given the request.

Parameters:
username - the user name for the login
password - the password for the login
Returns:
the authenticated user or null for a failure

getPasswordUser

protected PasswordUser getPasswordUser(java.lang.String username)
Returns the password for authenticators too lazy to calculate the digest.

Overrides:
getPasswordUser in class AbstractAuthenticator
Parameters:
username - the string user name
Returns:
the populated PasswordUser value

authenticateByCookie

public java.security.Principal authenticateByCookie(java.lang.String cookieValue)
Authenticate based on a cookie.

Specified by:
authenticateByCookie in interface CookieAuthenticator
Overrides:
authenticateByCookie in class AbstractCookieAuthenticator
Parameters:
cookieValue - the value of the resin-auth cookie
Returns:
the user for the cookie.

associateCookie

public boolean associateCookie(java.security.Principal user,
                               java.lang.String cookieValue)
Associates a user with a persistent cookie.

Specified by:
associateCookie in interface CookieAuthenticator
Overrides:
associateCookie in class AbstractCookieAuthenticator
Parameters:
user - the user for the cookie
cookieValue - the value of the resin-auth cookie
Returns:
true if the cookie value is valid, i.e. it's unique

isUserInRole

public boolean isUserInRole(java.security.Principal principal,
                            java.lang.String role)
Description copied from class: AbstractAuthenticator
Returns true if the user plays the named role.

Specified by:
isUserInRole in interface Authenticator
Overrides:
isUserInRole in class AbstractAuthenticator
Parameters:
principal - the user to test
role - the role to test