1
2
3
4
5
6
7
8
9
10
11
12
13
14 package org.eclipse.jetty.plus.jaas.spi;
15
16 import java.sql.Connection;
17 import java.sql.PreparedStatement;
18 import java.sql.ResultSet;
19 import java.sql.SQLException;
20 import java.util.ArrayList;
21 import java.util.List;
22 import java.util.Map;
23
24 import javax.security.auth.Subject;
25 import javax.security.auth.callback.CallbackHandler;
26
27 import org.eclipse.jetty.http.security.Credential;
28 import org.eclipse.jetty.util.log.Log;
29
30
31
32
33
34
35
36
37
38 public abstract class AbstractDatabaseLoginModule extends AbstractLoginModule
39 {
40 private String userQuery;
41 private String rolesQuery;
42 private String dbUserTable;
43 private String dbUserTableUserField;
44 private String dbUserTableCredentialField;
45 private String dbUserRoleTable;
46 private String dbUserRoleTableUserField;
47 private String dbUserRoleTableRoleField;
48
49
50
51
52
53
54
55
56 public abstract Connection getConnection () throws Exception;
57
58
59
60
61
62
63
64
65 public UserInfo getUserInfo (String userName)
66 throws Exception
67 {
68 Connection connection = null;
69
70 try
71 {
72 connection = getConnection();
73
74
75 PreparedStatement statement = connection.prepareStatement (userQuery);
76 statement.setString (1, userName);
77 ResultSet results = statement.executeQuery();
78 String dbCredential = null;
79 if (results.next())
80 {
81 dbCredential = results.getString(1);
82 }
83 results.close();
84 statement.close();
85
86
87 statement = connection.prepareStatement (rolesQuery);
88 statement.setString (1, userName);
89 results = statement.executeQuery();
90 List roles = new ArrayList();
91
92 while (results.next())
93 {
94 String roleName = results.getString (1);
95 roles.add (roleName);
96 }
97
98 results.close();
99 statement.close();
100
101 return dbCredential==null ? null : new UserInfo (userName,
102 Credential.getCredential(dbCredential), roles);
103 }
104 finally
105 {
106 if (connection != null) connection.close();
107 }
108 }
109
110
111 public void initialize(Subject subject,
112 CallbackHandler callbackHandler,
113 Map sharedState,
114 Map options)
115 {
116 super.initialize(subject, callbackHandler, sharedState, options);
117
118
119 dbUserTable = (String)options.get("userTable");
120 dbUserTableUserField = (String)options.get("userField");
121 dbUserTableCredentialField = (String)options.get("credentialField");
122
123 userQuery = "select "+dbUserTableCredentialField+" from "+dbUserTable+" where "+dbUserTableUserField+"=?";
124
125
126
127 dbUserRoleTable = (String)options.get("userRoleTable");
128 dbUserRoleTableUserField = (String)options.get("userRoleUserField");
129 dbUserRoleTableRoleField = (String)options.get("userRoleRoleField");
130
131 rolesQuery = "select "+dbUserRoleTableRoleField+" from "+dbUserRoleTable+" where "+dbUserRoleTableUserField+"=?";
132
133 if(Log.isDebugEnabled())Log.debug("userQuery = "+userQuery);
134 if(Log.isDebugEnabled())Log.debug("rolesQuery = "+rolesQuery);
135 }
136 }