19 package org.eclipse.jetty.jaas.spi;
20
21 import java.sql.Connection;
22 import java.sql.PreparedStatement;
23 import java.sql.ResultSet;
24 import java.util.ArrayList;
25 import java.util.List;
26 import java.util.Map;
27
28 import javax.security.auth.Subject;
29 import javax.security.auth.callback.CallbackHandler;
30
31 import org.eclipse.jetty.util.log.Log;
32 import org.eclipse.jetty.util.log.Logger;
33 import org.eclipse.jetty.util.security.Credential;
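/**
 * Base class for login modules that read a user's stored credential and role
 * names from a relational database over JDBC.
 *
 * <p>Subclasses provide the database connection through {@link #getConnection()}.
 * The two lookup statements are assembled once, in
 * {@link #initialize(Subject, CallbackHandler, Map, Map)}, from table and column
 * names found in the login module options.
 *
 * <p><b>Security note:</b> only the user name is bound as a statement parameter.
 * The table and column names are concatenated into the SQL text as-is, so the
 * options map must only ever be populated from trusted configuration.
 * NOTE(review): the origin of {@code options} is not visible in this file;
 * confirm that no request-derived value can reach it.
 */
public abstract class AbstractDatabaseLoginModule extends AbstractLoginModule
{
    private static final Logger LOG = Log.getLogger(AbstractDatabaseLoginModule.class);

    // SQL text built once in initialize(); the user name is the only bound parameter.
    private String userQuery;
    private String rolesQuery;

    // Table and column names exactly as read from the login module options.
    private String dbUserTable;
    private String dbUserTableUserField;
    private String dbUserTableCredentialField;
    private String dbUserRoleTable;
    private String dbUserRoleTableUserField;
    private String dbUserRoleTableRoleField;

    /**
     * Supplies the JDBC connection used for one lookup.
     *
     * <p>{@link #getUserInfo(String)} and {@link #getRoles(String)} each call this
     * once and close the returned connection when they are done with it.
     *
     * @return a connection to the database holding the user and role tables
     * @throws Exception if a connection cannot be obtained
     */
    public abstract Connection getConnection () throws Exception;

    /**
     * User record whose roles are fetched from the database on demand.
     *
     * <p>This is deliberately a non-static inner class: {@link #doFetchRoles()}
     * delegates to the enclosing module's {@link #getRoles(String)}.
     */
    public class JDBCUserInfo extends UserInfo
    {
        /**
         * @param userName the name the user was looked up by
         * @param credential the credential built from the stored database value
         */
        public JDBCUserInfo (String userName, Credential credential)
        {
            super(userName, credential);
        }

        /**
         * Fetches this user's role names through the enclosing login module.
         *
         * @return the role names returned by {@link #getRoles(String)}
         * @throws Exception if the role lookup fails
         */
        @Override
        public List<String> doFetchRoles ()
            throws Exception
        {
            return getRoles(getUserName());
        }
    }

    /**
     * Looks up the stored credential for a user.
     *
     * <p>The user name is passed as a bound parameter of the prepared statement,
     * never spliced into the SQL text. Only the first row and the first column of
     * the result are read.
     *
     * @param userName the name to look up
     * @return the user's info, or {@code null} when the query returns no row or
     *         the credential column is SQL {@code NULL}
     * @throws Exception if the connection cannot be obtained or the query fails
     */
    public UserInfo getUserInfo (String userName)
        throws Exception
    {
        String dbCredential = null;

        // Resources are closed in reverse order: result set, statement, connection.
        try (Connection connection = getConnection();
             PreparedStatement statement = connection.prepareStatement(userQuery))
        {
            statement.setString(1, userName);
            try (ResultSet results = statement.executeQuery())
            {
                if (results.next())
                {
                    dbCredential = results.getString(1);
                }
            }
        }

        // No row and a NULL credential column are both reported as "no such user".
        if (dbCredential == null)
        {
            return null;
        }

        // NOTE(review): how Credential.getCredential interprets the stored string
        // (plain text vs. a prefixed hash) is not visible here - confirm that
        // deployments store hashed credentials.
        return new JDBCUserInfo(userName, Credential.getCredential(dbCredential));
    }

    /**
     * Reads every role name recorded for a user.
     *
     * <p>As in {@link #getUserInfo(String)}, the user name is a bound statement
     * parameter.
     *
     * @param userName the name whose roles are wanted
     * @return the first column of every row returned by the roles query, in
     *         result order; empty when there are no rows
     * @throws Exception if the connection cannot be obtained or the query fails
     */
    public List<String> getRoles (String userName)
        throws Exception
    {
        List<String> roles = new ArrayList<>();

        try (Connection connection = getConnection();
             PreparedStatement statement = connection.prepareStatement(rolesQuery))
        {
            statement.setString(1, userName);
            try (ResultSet results = statement.executeQuery())
            {
                while (results.next())
                {
                    roles.add(results.getString(1));
                }
            }
        }

        return roles;
    }

    /**
     * Reads the table and column names from the options and builds both queries.
     *
     * <p>Options read: {@code userTable}, {@code userField},
     * {@code credentialField}, {@code userRoleTable}, {@code userRoleUserField}
     * and {@code userRoleRoleField}. An option that is absent ends up as the
     * literal text {@code null} in the generated SQL, because the value is
     * concatenated without a presence check; the failure then surfaces when the
     * statement is prepared or executed rather than here.
     *
     * @param subject passed through to the superclass
     * @param callbackHandler passed through to the superclass
     * @param sharedState passed through to the superclass
     * @param options login module options holding the table and column names
     */
    @Override
    public void initialize(Subject subject,
                           CallbackHandler callbackHandler,
                           Map<String,?> sharedState,
                           Map<String,?> options)
    {
        super.initialize(subject, callbackHandler, sharedState, options);

        // Identifiers cannot be bound as statement parameters, so they are
        // concatenated; this is only safe while the options are trusted
        // configuration. The user name stays a '?' placeholder.
        dbUserTable = (String)options.get("userTable");
        dbUserTableUserField = (String)options.get("userField");
        dbUserTableCredentialField = (String)options.get("credentialField");

        userQuery = "select "+dbUserTableCredentialField+" from "+dbUserTable+" where "+dbUserTableUserField+"=?";

        dbUserRoleTable = (String)options.get("userRoleTable");
        dbUserRoleTableUserField = (String)options.get("userRoleUserField");
        dbUserRoleTableRoleField = (String)options.get("userRoleRoleField");

        rolesQuery = "select "+dbUserRoleTableRoleField+" from "+dbUserRoleTable+" where "+dbUserRoleTableUserField+"=?";

        // The logged text holds only the configured identifiers and the '?'
        // placeholder; no user name or credential value is part of it.
        if (LOG.isDebugEnabled())
        {
            LOG.debug("userQuery = "+userQuery);
            LOG.debug("rolesQuery = "+rolesQuery);
        }
    }
}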