|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.ecyrd.jspwiki.auth.user.AbstractUserDatabase
com.ecyrd.jspwiki.auth.user.JDBCUserDatabase
public class JDBCUserDatabase
Implementation of UserDatabase that persists DefaultUserProfile
objects to a JDBC DataSource, as might typically be provided by a web
container. This implementation looks up the JDBC DataSource using JNDI.
The JNDI name of the datasource, backing table and mapped columns used
by this class are configured via settings in jspwiki.properties
.
Configurable properties are these:
Property | Default | Definition | ||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
jspwiki.userdatabase.datasource |
jdbc/UserDatabase |
The JNDI name of the DataSource | ||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.table |
users |
The table that stores the user profiles | ||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.created |
created |
The column containing the profile's creation timestamp | ||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.email |
email |
The column containing the user's e-mail address | ||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.fullName |
full_name |
The column containing the user's full name | ||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.loginName |
login_name |
The column containing the user's login id | ||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.password |
password |
The column containing the user's password | ||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.modified |
modified |
The column containing the profile's last-modified timestamp | ||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.wikiName |
wiki_name |
The column containing the user's wiki name | ||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.roleTable |
roles |
The table that stores user roles. When a new user is created, a new record is inserted containing user's initial role. The table will have an ID column whose name and values correspond to the contents of the user table's login name column. It will also contain a role column (see next row). | ||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.role |
role |
The column in the role table that stores user roles. When a new user
is created, this column will be populated with the value
Authenticated . Once created, JDBCUserDatabase does not
use this column again; it is provided strictly for the convenience
of container-managed authentication services. |
||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.hashPrefix |
true |
Whether or not to prepend a prefix for the hash algorithm, e.g.,
{SHA} . |
This class hashes passwords using SHA-1. All of the underying SQL commands used by this class are implemented using prepared statements, so it is immune to SQL injection attacks.
This class is typically used in conjunction with a web container's JNDI resource
factory. For example, Tomcat versions 4 and higher provide a basic JNDI factory
for registering DataSources. To give JSPWiki access to the JNDI resource named
by , you would declare the datasource resource similar to this:
<Context ...>
...
<Resource name="jdbc/UserDatabase" auth="Container"
type="javax.sql.DataSource" username="dbusername" password="dbpassword"
driverClassName="org.hsql.jdbcDriver" url="jdbc:HypersonicSQL:database"
maxActive="8" maxIdle="4"/>
...
</Context>
JDBC driver JARs should be added to Tomcat's common/lib
directory.
For more Tomcat 5.5 JNDI configuration examples,
see
http://tomcat.apache.org/tomcat-5.5-doc/jndi-resources-howto.html.
Field Summary | |
---|---|
static String |
DEFAULT_DB_CREATED
|
static String |
DEFAULT_DB_EMAIL
|
static String |
DEFAULT_DB_FULL_NAME
|
static String |
DEFAULT_DB_HASH_PREFIX
|
static String |
DEFAULT_DB_JNDI_NAME
|
static String |
DEFAULT_DB_LOGIN_NAME
|
static String |
DEFAULT_DB_MODIFIED
|
static String |
DEFAULT_DB_PASSWORD
|
static String |
DEFAULT_DB_ROLE
|
static String |
DEFAULT_DB_ROLE_TABLE
|
static String |
DEFAULT_DB_TABLE
|
static String |
DEFAULT_DB_WIKI_NAME
|
static String |
PROP_DB_CREATED
|
static String |
PROP_DB_DATASOURCE
|
static String |
PROP_DB_EMAIL
|
static String |
PROP_DB_FULL_NAME
|
static String |
PROP_DB_HASH_PREFIX
|
static String |
PROP_DB_LOGIN_NAME
|
static String |
PROP_DB_MODIFIED
|
static String |
PROP_DB_PASSWORD
|
static String |
PROP_DB_ROLE
|
static String |
PROP_DB_ROLE_TABLE
|
static String |
PROP_DB_TABLE
|
static String |
PROP_DB_WIKI_NAME
|
Fields inherited from class com.ecyrd.jspwiki.auth.user.AbstractUserDatabase |
---|
log, PROP_SHARED_WITH_CONTAINER, SHA_PREFIX |
Constructor Summary | |
---|---|
JDBCUserDatabase()
|
Method Summary | |
---|---|
void |
commit()
Persists the current state of the user database to back-end storage. |
void |
deleteByLoginName(String loginName)
Looks up and deletes the first UserProfile in the user database
that matches a profile having a given login name. |
UserProfile |
findByEmail(String index)
Looks up and returns the first UserProfile in the user database
that matches a profile having a given e-mail address. |
UserProfile |
findByFullName(String index)
Looks up and returns the first UserProfile in the user database
that matches a profile having a given full name. |
UserProfile |
findByLoginName(String index)
Looks up and returns the first UserProfile in the user database
that matches a profile having a given login name. |
UserProfile |
findByWikiName(String index)
Looks up and returns the first UserProfile in the user database
that matches a profile having a given wiki name. |
Principal[] |
getWikiNames()
Returns all WikiNames that are stored in the UserDatabase as an array of WikiPrincipal objects. |
void |
initialize(WikiEngine engine,
Properties props)
Initializes the user database based on values from a Properties object. |
boolean |
isSharedWithContainer()
Determines whether the user database shares user/password data with the web container; returns true if the JSPWiki property
jspwiki.userdatabase.isSharedWithContainer is true . |
void |
save(UserProfile profile)
Saves a UserProfile to the user database, overwriting the
existing profile if it exists. |
Methods inherited from class com.ecyrd.jspwiki.auth.user.AbstractUserDatabase |
---|
find, getHash, getPrincipals, newProfile, validatePassword |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String DEFAULT_DB_CREATED
public static final String DEFAULT_DB_EMAIL
public static final String DEFAULT_DB_FULL_NAME
public static final String DEFAULT_DB_HASH_PREFIX
public static final String DEFAULT_DB_JNDI_NAME
public static final String DEFAULT_DB_MODIFIED
public static final String DEFAULT_DB_ROLE
public static final String DEFAULT_DB_ROLE_TABLE
public static final String DEFAULT_DB_TABLE
public static final String DEFAULT_DB_LOGIN_NAME
public static final String DEFAULT_DB_PASSWORD
public static final String DEFAULT_DB_WIKI_NAME
public static final String PROP_DB_CREATED
public static final String PROP_DB_EMAIL
public static final String PROP_DB_FULL_NAME
public static final String PROP_DB_DATASOURCE
public static final String PROP_DB_HASH_PREFIX
public static final String PROP_DB_LOGIN_NAME
public static final String PROP_DB_MODIFIED
public static final String PROP_DB_PASSWORD
public static final String PROP_DB_ROLE
public static final String PROP_DB_ROLE_TABLE
public static final String PROP_DB_TABLE
public static final String PROP_DB_WIKI_NAME
Constructor Detail |
---|
public JDBCUserDatabase()
Method Detail |
---|
public void commit() throws WikiSecurityException
UserDatabase
synchronized
.
commit
in interface UserDatabase
commit
in class AbstractUserDatabase
WikiSecurityException
UserDatabase.commit()
public void deleteByLoginName(String loginName) throws NoSuchPrincipalException, WikiSecurityException
UserProfile
in the user database
that matches a profile having a given login name. If the user database
does not contain a user with a matching attribute, throws a
NoSuchPrincipalException
. The method does not commit the
results of the delete; it only alters the database in memory.
loginName
- the login name of the user profile that shall be deleted
NoSuchPrincipalException
WikiSecurityException
public UserProfile findByEmail(String index) throws NoSuchPrincipalException
UserDatabase
UserProfile
in the user database
that matches a profile having a given e-mail address. If the user
database does not contain a user with a matching attribute, throws a
NoSuchPrincipalException
.
findByEmail
in interface UserDatabase
findByEmail
in class AbstractUserDatabase
index
- the e-mail address of the desired user profile
NoSuchPrincipalException
UserDatabase.findByEmail(java.lang.String)
public UserProfile findByFullName(String index) throws NoSuchPrincipalException
UserDatabase
UserProfile
in the user database
that matches a profile having a given full name. If the user database
does not contain a user with a matching attribute, throws a
NoSuchPrincipalException
.
findByFullName
in interface UserDatabase
findByFullName
in class AbstractUserDatabase
index
- the fill name of the desired user profile
NoSuchPrincipalException
UserDatabase.findByFullName(java.lang.String)
public UserProfile findByLoginName(String index) throws NoSuchPrincipalException
UserDatabase
UserProfile
in the user database
that matches a profile having a given login name. If the user database
does not contain a user with a matching attribute, throws a
NoSuchPrincipalException
.
findByLoginName
in interface UserDatabase
findByLoginName
in class AbstractUserDatabase
index
- the login name of the desired user profile
NoSuchPrincipalException
UserDatabase.findByLoginName(java.lang.String)
public UserProfile findByWikiName(String index) throws NoSuchPrincipalException
UserDatabase
UserProfile
in the user database
that matches a profile having a given wiki name. If the user database
does not contain a user with a matching attribute, throws a
NoSuchPrincipalException
.
findByWikiName
in interface UserDatabase
findByWikiName
in class AbstractUserDatabase
index
- the wiki name of the desired user profile
NoSuchPrincipalException
UserDatabase.findByWikiName(java.lang.String)
public Principal[] getWikiNames() throws WikiSecurityException
WikiSecurityException
public void initialize(WikiEngine engine, Properties props) throws NoRequiredPropertyException
UserDatabase
initialize
in interface UserDatabase
initialize
in class AbstractUserDatabase
NoRequiredPropertyException
UserDatabase.initialize(com.ecyrd.jspwiki.WikiEngine,
java.util.Properties)
public boolean isSharedWithContainer()
true
if the JSPWiki property
jspwiki.userdatabase.isSharedWithContainer
is true
.
UserDatabase.isSharedWithContainer()
public void save(UserProfile profile) throws WikiSecurityException
UserDatabase
Saves a UserProfile
to the user database, overwriting the
existing profile if it exists. The user name under which the profile
should be saved is returned by the supplied profile's
UserProfile.getLoginName()
method.
The database implementation is responsible for detecting potential duplicate user profiles; specifically, the login name, wiki name, and full name must be unique. The implementation is not required to check for validity of passwords or e-mail addresses. Special case: if the profile already exists and the password is null, it should retain its previous value, rather than being set to null.
Implementations are required to time-stamp the creation or modification fields of the UserProfile./p>
Calling classes should generally call
AuthenticationManager.refreshCredentials(WikiSession)
after
calling this method to ensure that Principals are reloaded into the
current WikiSession's Subject.
save
in interface UserDatabase
save
in class AbstractUserDatabase
profile
- the user profile to save
WikiSecurityException
- if the profile cannot be savedUserDatabase.save(com.ecyrd.jspwiki.auth.user.UserProfile)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |