org.mortbay.jetty.security
Class JDBCUserRealm

java.lang.Object
  extended by org.mortbay.component.AbstractLifeCycle
      extended by org.mortbay.jetty.security.HashUserRealm
          extended by org.mortbay.jetty.security.JDBCUserRealm
All Implemented Interfaces:
LifeCycle, SSORealm, UserRealm

public class JDBCUserRealm
extends HashUserRealm
implements UserRealm

HashMapped User Realm with JDBC as data source. JDBCUserRealm extends HashUserRealm and adds a method to fetch user information from database. The authenticate() method checks the inherited HashMap for the user. If the user is not found, it will fetch details from the database and populate the inherited HashMap. It then calls the HashUserRealm authenticate() method to perform the actual authentication. Periodically (controlled by configuration parameter), internal hashes are cleared. Caching can be disabled by setting cache refresh interval to zero. Uses one database connection that is initialized at startup. Reconnect on failures. authenticate() is 'synchronized'. An example properties file for configuration is in $JETTY_HOME/etc/jdbcRealm.properties

Version:
$Id: JDBCUserRealm.java 3345 2008-07-22 05:58:07Z dyu $
Author:
Arkadi Shishlov (arkadi), Fredrik Borgh, Greg Wilkins (gregw), Ben Alex

Nested Class Summary
 
Nested classes/interfaces inherited from interface org.mortbay.component.LifeCycle
LifeCycle.Listener
 
Field Summary
 
Fields inherited from class org.mortbay.jetty.security.HashUserRealm
__SSO, _roles, _users
 
Fields inherited from class org.mortbay.component.AbstractLifeCycle
_listeners
 
Constructor Summary
JDBCUserRealm()
          Constructor.
JDBCUserRealm(java.lang.String name)
          Constructor.
JDBCUserRealm(java.lang.String name, java.lang.String config)
          Constructor.
 
Method Summary
 java.security.Principal authenticate(java.lang.String username, java.lang.Object credentials, Request request)
          Authenticate a users credentials.
 void connectDatabase()
          (re)Connect to database with parameters setup by loadConfig()
 boolean isUserInRole(java.security.Principal user, java.lang.String roleName)
          Check if a user is in a role.
protected  void loadConfig()
          Load JDBC connection configuration from properties file.
 void logout(java.security.Principal user)
          logout a user Principal.
 
Methods inherited from class org.mortbay.jetty.security.HashUserRealm
addUserToRole, clearSingleSignOn, disassociate, doStart, doStop, dump, getConfig, getConfigResource, getName, getPrincipal, getRefreshInterval, getSingleSignOn, getSSORealm, popRole, pushRole, put, reauthenticate, setConfig, setName, setRefreshInterval, setSingleSignOn, setSSORealm, toString
 
Methods inherited from class org.mortbay.component.AbstractLifeCycle
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface org.mortbay.jetty.security.UserRealm
disassociate, getName, getPrincipal, popRole, pushRole, reauthenticate
 

Constructor Detail

JDBCUserRealm

public JDBCUserRealm()
Constructor.


JDBCUserRealm

public JDBCUserRealm(java.lang.String name)
Constructor.

Parameters:
name -

JDBCUserRealm

public JDBCUserRealm(java.lang.String name,
                     java.lang.String config)
              throws java.io.IOException,
                     java.lang.ClassNotFoundException,
                     java.lang.InstantiationException,
                     java.lang.IllegalAccessException
Constructor.

Parameters:
name - Realm name
config - Filename or url of JDBC connection properties file.
Throws:
java.io.IOException
java.lang.ClassNotFoundException
java.lang.InstantiationException
java.lang.IllegalAccessException
Method Detail

loadConfig

protected void loadConfig()
                   throws java.io.IOException
Load JDBC connection configuration from properties file.

Overrides:
loadConfig in class HashUserRealm
Throws:
java.io.IOException

logout

public void logout(java.security.Principal user)
Description copied from interface: UserRealm
logout a user Principal. Called by authentication mechanisms (eg FORM) that can detect logout.

Specified by:
logout in interface UserRealm
Overrides:
logout in class HashUserRealm
Parameters:
user - A Principal previously returned from this realm

connectDatabase

public void connectDatabase()
(re)Connect to database with parameters setup by loadConfig()


authenticate

public java.security.Principal authenticate(java.lang.String username,
                                            java.lang.Object credentials,
                                            Request request)
Description copied from interface: UserRealm
Authenticate a users credentials. Implementations of this method may adorn the calling context to assoicate it with the authenticated principal (eg ThreadLocals). If such context associations are made, they should be considered valid until a UserRealm.deAuthenticate(UserPrincipal) call is made for this UserPrincipal.

Specified by:
authenticate in interface UserRealm
Overrides:
authenticate in class HashUserRealm
Parameters:
username - The username.
credentials - The user credentials, normally a String password.
request - The request to be authenticated. Additional parameters may be extracted or set on this request as needed for the authentication mechanism (none required for BASIC and FORM authentication).
Returns:
The authenticated UserPrincipal.

isUserInRole

public boolean isUserInRole(java.security.Principal user,
                            java.lang.String roleName)
Check if a user is in a role.

Specified by:
isUserInRole in interface UserRealm
Overrides:
isUserInRole in class HashUserRealm
Parameters:
user - The user, which must be from this realm
roleName -
Returns:
True if the user can act in the role.


Copyright © 1995-2009 Mort Bay Consulting. All Rights Reserved.