org.apache.catalina.realm

Class JDBCRealm

Implemented Interfaces:
Lifecycle, MBeanRegistration, Realm

public class JDBCRealm
extends RealmBase

Implmentation of Realm that works with any JDBC supported database. See the JDBCRealm.howto for more details on how to set up the database and for configuration options.

TODO - Support connection pooling (including message format objects) so that authenticate() does not have to be synchronized and would fix the ugly connection logic.

Version:
$Revision: 1.7 $ $Date: 2004/05/26 15:51:08 $

Authors:
Craig R. McClanahan
Carson McDonald
Ignacio Ortega

Field Summary

protected String
connectionName
The connection username to use when trying to connect to the database.
protected String
connectionPassword
The connection URL to use when trying to connect to the database.
protected String
connectionURL
The connection URL to use when trying to connect to the database.
protected Connection
dbConnection
The connection to the database.
protected Driver
driver
Instance of the JDBC Driver class we use as a connection factory.
protected String
driverName
The JDBC driver to use.
protected static String
info
Descriptive information about this Realm implementation.
protected static String
name
Descriptive information about this Realm implementation.
protected PreparedStatement
preparedCredentials
The PreparedStatement to use for authenticating users.
protected PreparedStatement
preparedRoles
The PreparedStatement to use for identifying the roles for a specified user.
protected String
roleNameCol
The column in the user role table that names a role
protected static StringManager
sm
The string manager for this package.
protected String
userCredCol
The column in the user table that holds the user's credintials
protected String
userNameCol
The column in the user table that holds the user's name
protected String
userRoleTable
The table that holds the relation between user's and roles
protected String
userTable
The table that holds user data.

Fields inherited from class org.apache.catalina.realm.RealmBase

container, controller, debug, digest, digestEncoding, domain, host, info, initialized, lifecycle, md, md5Encoder, md5Helper, mserver, oname, path, sm, started, support, type, validate

Fields inherited from interface org.apache.catalina.Lifecycle

AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, START_EVENT, STOP_EVENT

Method Summary

Principal
authenticate(Connection dbConnection, String username, String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.
Principal
authenticate(String username, String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.
protected void
close(Connection dbConnection)
Close the specified database connection.
protected PreparedStatement
credentials(Connection dbConnection, String username)
Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.
String
getConnectionName()
Return the username to use to connect to the database.
String
getConnectionPassword()
Return the password to use to connect to the database.
String
getConnectionURL()
Return the URL to use to connect to the database.
String
getDriverName()
Return the JDBC driver that will be used.
protected String
getName()
Return a short name for this Realm implementation.
protected String
getPassword(String username)
Return the password associated with the given principal's user name.
protected Principal
getPrincipal(String username)
Return the Principal associated with the given user name.
String
getRoleNameCol()
Return the column in the user role table that names a role.
String
getUserCredCol()
Return the column in the user table that holds the user's credentials.
String
getUserNameCol()
Return the column in the user table that holds the user's name.
String
getUserRoleTable()
Return the table that holds the relation between user's and roles.
String
getUserTable()
Return the table that holds user data..
protected Connection
open()
Open (if necessary) and return a database connection for use by this Realm.
protected void
release(Connection dbConnection)
Release our use of this connection so that it can be recycled.
protected PreparedStatement
roles(Connection dbConnection, String username)
Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.
void
setConnectionName(String connectionName)
Set the username to use to connect to the database.
void
setConnectionPassword(String connectionPassword)
Set the password to use to connect to the database.
void
setConnectionURL(String connectionURL)
Set the URL to use to connect to the database.
void
setDriverName(String driverName)
Set the JDBC driver that will be used.
void
setRoleNameCol(String roleNameCol)
Set the column in the user role table that names a role.
void
setUserCredCol(String userCredCol)
Set the column in the user table that holds the user's credentials.
void
setUserNameCol(String userNameCol)
Set the column in the user table that holds the user's name.
void
setUserRoleTable(String userRoleTable)
Set the table that holds the relation between user's and roles.
void
setUserTable(String userTable)
Set the table that holds user data.
void
start()
Prepare for active use of the public methods of this Component.
void
stop()
Gracefully shut down active use of the public methods of this Component.

Methods inherited from class org.apache.catalina.realm.RealmBase

Digest, addLifecycleListener, addPropertyChangeListener, authenticate, authenticate, authenticate, authenticate, destroy, digest, findLifecycleListeners, findSecurityConstraints, getContainer, getController, getDebug, getDigest, getDigest, getDigestEncoding, getDomain, getInfo, getName, getObjectName, getPassword, getPrincipal, getType, getValidate, hasMessageDigest, hasResourcePermission, hasRole, hasUserDataPermission, init, log, log, main, postDeregister, postRegister, preDeregister, preRegister, removeLifecycleListener, removePropertyChangeListener, setContainer, setController, setDebug, setDigest, setDigestEncoding, setValidate, start, stop

Field Details

connectionName

protected String connectionName
The connection username to use when trying to connect to the database.


connectionPassword

protected String connectionPassword
The connection URL to use when trying to connect to the database.


connectionURL

protected String connectionURL
The connection URL to use when trying to connect to the database.


dbConnection

protected Connection dbConnection
The connection to the database.


driver

protected Driver driver
Instance of the JDBC Driver class we use as a connection factory.


driverName

protected String driverName
The JDBC driver to use.


info

protected static final String info
Descriptive information about this Realm implementation.


name

protected static final String name
Descriptive information about this Realm implementation.


preparedCredentials

protected PreparedStatement preparedCredentials
The PreparedStatement to use for authenticating users.


preparedRoles

protected PreparedStatement preparedRoles
The PreparedStatement to use for identifying the roles for a specified user.


roleNameCol

protected String roleNameCol
The column in the user role table that names a role


sm

protected static final StringManager sm
The string manager for this package.


userCredCol

protected String userCredCol
The column in the user table that holds the user's credintials


userNameCol

protected String userNameCol
The column in the user table that holds the user's name


userRoleTable

protected String userRoleTable
The table that holds the relation between user's and roles


userTable

protected String userTable
The table that holds user data.

Method Details

authenticate

public Principal authenticate(Connection dbConnection,
                              String username,
                              String credentials)
            throws SQLException
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null.

Parameters:
dbConnection - The database connection to be used
username - Username of the Principal to look up
credentials - Password or other credentials to use in authenticating this username


authenticate

public Principal authenticate(String username,
                              String credentials)
Return the Principal associated with the specified username and credentials, if there is one; otherwise return null. If there are any errors with the JDBC connection, executing the query or anything we return null (don't authenticate). This event is also logged, and the connection will be closed so that a subsequent request will automatically re-open it.
Specified by:
authenticate in interface Realm
Overrides:
authenticate in interface RealmBase

Parameters:
username - Username of the Principal to look up
credentials - Password or other credentials to use in authenticating this username


close

protected void close(Connection dbConnection)
Close the specified database connection.

Parameters:
dbConnection - The connection to be closed


credentials

protected PreparedStatement credentials(Connection dbConnection,
                                        String username)
            throws SQLException
Return a PreparedStatement configured to perform the SELECT required to retrieve user credentials for the specified username.

Parameters:
dbConnection - The database connection to be used
username - Username for which credentials should be retrieved


getConnectionName

public String getConnectionName()
Return the username to use to connect to the database.


getConnectionPassword

public String getConnectionPassword()
Return the password to use to connect to the database.


getConnectionURL

public String getConnectionURL()
Return the URL to use to connect to the database.


getDriverName

public String getDriverName()
Return the JDBC driver that will be used.


getName

protected String getName()
Return a short name for this Realm implementation.
Overrides:
getName in interface RealmBase


getPassword

protected String getPassword(String username)
Return the password associated with the given principal's user name.
Overrides:
getPassword in interface RealmBase


getPrincipal

protected Principal getPrincipal(String username)
Return the Principal associated with the given user name.
Overrides:
getPrincipal in interface RealmBase


getRoleNameCol

public String getRoleNameCol()
Return the column in the user role table that names a role.


getUserCredCol

public String getUserCredCol()
Return the column in the user table that holds the user's credentials.


getUserNameCol

public String getUserNameCol()
Return the column in the user table that holds the user's name.


getUserRoleTable

public String getUserRoleTable()
Return the table that holds the relation between user's and roles.


getUserTable

public String getUserTable()
Return the table that holds user data..


open

protected Connection open()
            throws SQLException
Open (if necessary) and return a database connection for use by this Realm.


release

protected void release(Connection dbConnection)
Release our use of this connection so that it can be recycled.

Parameters:
dbConnection - The connection to be released


roles

protected PreparedStatement roles(Connection dbConnection,
                                  String username)
            throws SQLException
Return a PreparedStatement configured to perform the SELECT required to retrieve user roles for the specified username.

Parameters:
dbConnection - The database connection to be used
username - Username for which roles should be retrieved


setConnectionName

public void setConnectionName(String connectionName)
Set the username to use to connect to the database.

Parameters:
connectionName - Username


setConnectionPassword

public void setConnectionPassword(String connectionPassword)
Set the password to use to connect to the database.

Parameters:
connectionPassword - User password


setConnectionURL

public void setConnectionURL(String connectionURL)
Set the URL to use to connect to the database.

Parameters:
connectionURL - The new connection URL


setDriverName

public void setDriverName(String driverName)
Set the JDBC driver that will be used.

Parameters:
driverName - The driver name


setRoleNameCol

public void setRoleNameCol(String roleNameCol)
Set the column in the user role table that names a role.

Parameters:
roleNameCol - The column name


setUserCredCol

public void setUserCredCol(String userCredCol)
Set the column in the user table that holds the user's credentials.

Parameters:
userCredCol - The column name


setUserNameCol

public void setUserNameCol(String userNameCol)
Set the column in the user table that holds the user's name.

Parameters:
userNameCol - The column name


setUserRoleTable

public void setUserRoleTable(String userRoleTable)
Set the table that holds the relation between user's and roles.

Parameters:
userRoleTable - The table name


setUserTable

public void setUserTable(String userTable)
Set the table that holds user data.

Parameters:
userTable - The table name


start

public void start()
            throws LifecycleException
Prepare for active use of the public methods of this Component.
Specified by:
start in interface Lifecycle
Overrides:
start in interface RealmBase

Throws:
LifecycleException - if this component detects a fatal error that prevents it from being started


stop

public void stop()
            throws LifecycleException
Gracefully shut down active use of the public methods of this Component.
Specified by:
stop in interface Lifecycle
Overrides:
stop in interface RealmBase

Throws:
LifecycleException - if this component detects a fatal error that needs to be reported


Copyright B) 2000-2003 Apache Software Foundation. All Rights Reserved.