
1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2015 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.jaas.spi;
20  
21  import java.sql.Connection;
22  import java.sql.PreparedStatement;
23  import java.sql.ResultSet;
24  import java.sql.SQLException;
25  import java.util.ArrayList;
26  import java.util.List;
27  import java.util.Map;
28  
29  import javax.security.auth.Subject;
30  import javax.security.auth.callback.CallbackHandler;
31  
32  import org.eclipse.jetty.util.log.Log;
33  import org.eclipse.jetty.util.log.Logger;
34  import org.eclipse.jetty.util.security.Credential;
35  
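/**
 * AbstractDatabaseLoginModule
 *
 * Abstract base class for LoginModules that interact with a
 * database to retrieve authentication and authorization information.
 * Used by the JDBCLoginModule and DataSourceLoginModule.
 * <p>
 * The two lookup queries are assembled in
 * {@link #initialize(Subject, CallbackHandler, Map, Map)} from the module
 * options. Table and column names cannot be bound as JDBC parameters, so they
 * are concatenated into the SQL text: the options must therefore come from
 * trusted login configuration only. The user name, by contrast, is always
 * bound through a {@link PreparedStatement} parameter.
 */
public abstract class AbstractDatabaseLoginModule extends AbstractLoginModule
{
    private static final Logger LOG = Log.getLogger(AbstractDatabaseLoginModule.class);

    // SQL text built once in initialize(); each has a single '?' for the user name.
    private String userQuery;
    private String rolesQuery;

    // Raw option values, kept as configured.
    private String dbUserTable;
    private String dbUserTableUserField;
    private String dbUserTableCredentialField;
    private String dbUserRoleTable;
    private String dbUserRoleTableUserField;
    private String dbUserRoleTableRoleField;

    /**
     * @return a java.sql.Connection from the database
     * @throws Exception if unable to get the connection
     */
    public abstract Connection getConnection () throws Exception;


    /* ------------------------------------------------ */
    /**
     * Load the stored credential and the role names for a user.
     * <p>
     * The credential value read from the database is handed to
     * {@link Credential#getCredential(String)} and is never logged here.
     *
     * @param userName user info to load; bound as a statement parameter
     * @return the user's info, or {@code null} if the credential query
     *         returned no row or a null credential column
     * @exception Exception if unable to get the user info
     */
    public UserInfo getUserInfo (String userName)
        throws Exception
    {
        // The connection and every statement/result set are closed by
        // try-with-resources, including on the early return below.
        try (Connection connection = getConnection())
        {
            //query for credential
            String dbCredential = null;
            try (PreparedStatement statement = connection.prepareStatement (userQuery))
            {
                statement.setString (1, userName);
                try (ResultSet results = statement.executeQuery())
                {
                    // Only the first row is consulted.
                    if (results.next())
                    {
                        dbCredential = results.getString(1);
                    }
                }
            }

            // No stored credential: report "no such user" without querying roles.
            if (dbCredential==null)
            {
                return null;
            }

            //query for role names
            List<String> roles = new ArrayList<>();
            try (PreparedStatement statement = connection.prepareStatement (rolesQuery))
            {
                statement.setString (1, userName);
                try (ResultSet results = statement.executeQuery())
                {
                    while (results.next())
                    {
                        roles.add (results.getString (1));
                    }
                }
            }

            return new UserInfo (userName, Credential.getCredential(dbCredential), roles);
        }
    }


    /**
     * Read the table and column names from the module options and build the
     * credential and role queries from them.
     * <p>
     * Options read: {@code userTable}, {@code userField},
     * {@code credentialField}, {@code userRoleTable},
     * {@code userRoleUserField}, {@code userRoleRoleField}. A missing or blank
     * option is reported with a warning; initialization still completes, as
     * it did before the warning was added.
     *
     * @param subject the subject passed through to the superclass
     * @param callbackHandler the callback handler passed through to the superclass
     * @param sharedState the shared state passed through to the superclass
     * @param options the module options holding the table and column names
     */
    @Override
    public void initialize(Subject subject,
            CallbackHandler callbackHandler,
            Map<String,?> sharedState,
            Map<String,?> options)
    {
        super.initialize(subject, callbackHandler, sharedState, options);

        //get the user credential query out of the options
        dbUserTable = identifierOption(options, "userTable");
        dbUserTableUserField = identifierOption(options, "userField");
        dbUserTableCredentialField = identifierOption(options, "credentialField");

        // Identifiers are concatenated (they cannot be bound); only the user
        // name is a bind parameter.
        userQuery = "select "+dbUserTableCredentialField+" from "+dbUserTable+" where "+dbUserTableUserField+"=?";

        //get the user roles query out of the options
        dbUserRoleTable = identifierOption(options, "userRoleTable");
        dbUserRoleTableUserField = identifierOption(options, "userRoleUserField");
        dbUserRoleTableRoleField = identifierOption(options, "userRoleRoleField");

        rolesQuery = "select "+dbUserRoleTableRoleField+" from "+dbUserRoleTable+" where "+dbUserRoleTableUserField+"=?";

        // The queries hold configured identifiers only, never credentials.
        if (LOG.isDebugEnabled())
        {
            LOG.debug("userQuery = {}", userQuery);
            LOG.debug("rolesQuery = {}", rolesQuery);
        }
    }

    /**
     * Fetch one table/column-name option, warning when it is absent so that a
     * misconfiguration shows up at initialization rather than only as an SQL
     * error on the first login attempt.
     *
     * @param options the module options
     * @param key the option name
     * @return the configured value, unchanged (possibly {@code null})
     */
    private static String identifierOption(Map<String,?> options, String key)
    {
        String value = (String)options.get(key);
        if (value == null || value.trim().isEmpty())
        {
            LOG.warn("Login module option '{}' is missing or blank; the SQL queries built from it are unlikely to be valid", key);
        }
        return value;
    }
}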