java.lang.Object
java.util.AbstractMap
java.util.HashMap
org.mortbay.http.HashUserRealm
org.mortbay.http.JDBCUserRealm
- All Implemented Interfaces:
- java.lang.Cloneable, java.io.Externalizable, java.util.Map, java.io.Serializable, SSORealm, UserRealm
- public class JDBCUserRealm
- extends HashUserRealm
HashMapped User Realm with JDBC as data source.
JDBCUserRealm extends HashUserRealm and adds a method to fetch user
information from database.
The authenticate() method checks the inherited HashMap for the user.
If the user is not found, it will fetch details from the database
and populate the inherited HashMap. It then calls the HashUserRealm
authenticate() method to perform the actual authentication.
Periodically (controlled by configuration parameter), internal
hashes are cleared. Caching can be disabled by setting cache
refresh interval to zero.
Uses one database connection that is initialized at startup. Reconnect
on failures. authenticate() is 'synchronized'.
An example properties file for configuration is in
$JETTY_HOME/etc/jdbcRealm.properties
- Version:
- $Id: JDBCUserRealm.java,v 1.15 2003/10/12 11:58:32 gregwilkins Exp $
| Nested classes inherited from class org.mortbay.http.HashUserRealm |
|
| Nested classes inherited from class java.util.HashMap |
|
| Nested classes inherited from class java.util.AbstractMap |
|
| Nested classes inherited from class java.util.Map |
java.util.Map.Entry |
| Fields inherited from class java.util.HashMap |
|
| Methods inherited from class org.mortbay.http.HashUserRealm |
addUserToRole, clearSingleSignOn, disassociate, dump, getName, getPrincipal, getSingleSignOn, getSSORealm, isUserInRole, load, popRole, pushRole, put, readExternal, reauthenticate, setName, setSingleSignOn, setSSORealm, toString, writeExternal |
| Methods inherited from class java.util.HashMap |
clear, clone, containsKey, containsValue, entrySet, get, isEmpty, keySet, putAll, remove, size, values |
log
private static org.apache.commons.logging.Log log
_jdbcDriver
private java.lang.String _jdbcDriver
_url
private java.lang.String _url
_userName
private java.lang.String _userName
_password
private java.lang.String _password
_userTable
private java.lang.String _userTable
_userTableKey
private java.lang.String _userTableKey
_userTableUserField
private java.lang.String _userTableUserField
_userTablePasswordField
private java.lang.String _userTablePasswordField
_roleTable
private java.lang.String _roleTable
_roleTableKey
private java.lang.String _roleTableKey
_roleTableRoleField
private java.lang.String _roleTableRoleField
_userRoleTable
private java.lang.String _userRoleTable
_userRoleTableUserKey
private java.lang.String _userRoleTableUserKey
_userRoleTableRoleKey
private java.lang.String _userRoleTableRoleKey
_cacheTime
private int _cacheTime
_lastHashPurge
private long _lastHashPurge
_con
private java.sql.Connection _con
_userSql
private java.lang.String _userSql
_roleSql
private java.lang.String _roleSql
JDBCUserRealm
public JDBCUserRealm(java.lang.String name)
- Constructor.
JDBCUserRealm
public JDBCUserRealm(java.lang.String name,
java.lang.String config)
throws java.io.IOException,
java.lang.ClassNotFoundException,
java.lang.InstantiationException,
java.lang.IllegalAccessException
- Constructor.
loadConfig
public void loadConfig(java.lang.String config)
throws java.io.IOException
- Load JDBC connection configuration from properties file.
logout
public void logout(java.security.Principal user)
- Description copied from interface:
UserRealm
- logout a user Principal.
Called by authentication mechanisms (eg FORM) that can detect logout.
- Specified by:
logout in interface UserRealm- Overrides:
logout in class HashUserRealm
connectDatabase
public void connectDatabase()
- (re)Connect to database with parameters setup by loadConfig()
authenticate
public java.security.Principal authenticate(java.lang.String username,
java.lang.Object credentials,
HttpRequest request)
- Description copied from interface:
UserRealm
- Authenticate a users credentials.
Implementations of this method may adorn the calling context to
assoicate it with the authenticated principal (eg ThreadLocals). If
such context associations are made, they should be considered valid
until a UserRealm.deAuthenticate(UserPrincipal) call is made for this
UserPrincipal.
- Specified by:
authenticate in interface UserRealm- Overrides:
authenticate in class HashUserRealm
authenticate
public java.security.Principal authenticate(java.lang.String username,
java.lang.String credentials,
HttpRequest request)
loadUser
private void loadUser(java.lang.String username)
JAVADOC | 
SOURCE | 
DOWNLOAD | NESTED | FIELD | CONSTR | METHOD