diff options
Diffstat (limited to 'jetty-plus/src/main/java/org/eclipse/jetty/plus/security/DataSourceLoginService.java')
-rw-r--r-- | jetty-plus/src/main/java/org/eclipse/jetty/plus/security/DataSourceLoginService.java | 133 |
1 files changed, 73 insertions, 60 deletions
diff --git a/jetty-plus/src/main/java/org/eclipse/jetty/plus/security/DataSourceLoginService.java b/jetty-plus/src/main/java/org/eclipse/jetty/plus/security/DataSourceLoginService.java index 141597d4f2..7b19b7cb3a 100644 --- a/jetty-plus/src/main/java/org/eclipse/jetty/plus/security/DataSourceLoginService.java +++ b/jetty-plus/src/main/java/org/eclipse/jetty/plus/security/DataSourceLoginService.java @@ -32,14 +32,12 @@ import java.util.Locale; import javax.naming.InitialContext; import javax.naming.NameNotFoundException; import javax.naming.NamingException; -import javax.servlet.ServletRequest; import javax.sql.DataSource; import org.eclipse.jetty.plus.jndi.NamingEntryUtil; +import org.eclipse.jetty.security.AbstractLoginService; import org.eclipse.jetty.security.IdentityService; -import org.eclipse.jetty.security.MappedLoginService; import org.eclipse.jetty.server.Server; -import org.eclipse.jetty.server.UserIdentity; import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.log.Logger; import org.eclipse.jetty.util.security.Credential; @@ -51,7 +49,7 @@ import org.eclipse.jetty.util.security.Credential; * Obtain user/password/role information from a database * via jndi DataSource. */ -public class DataSourceLoginService extends MappedLoginService +public class DataSourceLoginService extends AbstractLoginService { private static final Logger LOG = Log.getLogger(DataSourceLoginService.class); @@ -68,11 +66,30 @@ public class DataSourceLoginService extends MappedLoginService private String _userRoleTableName = "user_roles"; private String _userRoleTableUserKey = "user_id"; private String _userRoleTableRoleKey = "role_id"; - private int _cacheMs = 30000; - private long _lastPurge = 0; private String _userSql; private String _roleSql; private boolean _createTables = false; + + + /** + * DBUser + */ + public class DBUserPrincipal extends UserPrincipal + { + private int _key; + + public DBUserPrincipal(String name, Credential credential, int key) + { + super(name, credential); + _key = key; + } + + public int getKey () + { + return _key; + } + + } /* ------------------------------------------------------------ */ public DataSourceLoginService() @@ -265,59 +282,25 @@ public class DataSourceLoginService extends MappedLoginService _userRoleTableRoleKey = roleTableRoleKey; } - /* ------------------------------------------------------------ */ - public void setCacheMs (int ms) - { - _cacheMs=ms; - } - - /* ------------------------------------------------------------ */ - public int getCacheMs () - { - return _cacheMs; - } - - /* ------------------------------------------------------------ */ - @Override - protected void loadUsers() - { - } - - + /* ------------------------------------------------------------ */ - /** Load user's info from database. - * - * @param userName the user name - */ - @Override - protected UserIdentity loadUser (String userName) + public UserPrincipal loadUserInfo (String username) { try { try (Connection connection = getConnection(); - PreparedStatement statement1 = connection.prepareStatement(_userSql)) + PreparedStatement statement1 = connection.prepareStatement(_userSql)) { - statement1.setObject(1, userName); + statement1.setObject(1, username); try (ResultSet rs1 = statement1.executeQuery()) { if (rs1.next()) { int key = rs1.getInt(_userTableKey); String credentials = rs1.getString(_userTablePasswordField); - List<String> roles = new ArrayList<String>(); - try (PreparedStatement statement2 = connection.prepareStatement(_roleSql)) - { - statement2.setInt(1, key); - try (ResultSet rs2 = statement2.executeQuery()) - { - while (rs2.next()) - { - roles.add(rs2.getString(_roleTableRoleField)); - } - } - } - return putUser(userName, Credential.getCredential(credentials), roles.toArray(new String[roles.size()])); + + return new DBUserPrincipal(username, Credential.getCredential(credentials), key); } } } @@ -328,26 +311,49 @@ public class DataSourceLoginService extends MappedLoginService } catch (SQLException e) { - LOG.warn("Problem loading user info for "+userName, e); + LOG.warn("Problem loading user info for "+username, e); } return null; } - /* ------------------------------------------------------------ */ - @Override - public UserIdentity login(String username, Object credentials, ServletRequest request) + public String[] loadRoleInfo (UserPrincipal user) { - long now = System.currentTimeMillis(); - if (now - _lastPurge > _cacheMs || _cacheMs == 0) + DBUserPrincipal dbuser = (DBUserPrincipal)user; + + try + { + try (Connection connection = getConnection(); + PreparedStatement statement2 = connection.prepareStatement(_roleSql)) + { + + List<String> roles = new ArrayList<String>(); + + statement2.setInt(1, dbuser.getKey()); + try (ResultSet rs2 = statement2.executeQuery()) + { + while (rs2.next()) + { + roles.add(rs2.getString(_roleTableRoleField)); + } + + return roles.toArray(new String[roles.size()]); + } + } + } + catch (NamingException e) { - _users.clear(); - _lastPurge = now; + LOG.warn("No datasource for "+_jndiName, e); } - - return super.login(username,credentials, request); + catch (SQLException e) + { + LOG.warn("Problem loading user info for "+user.getName(), e); + } + return null; } + + /* ------------------------------------------------------------ */ /** @@ -402,8 +408,11 @@ public class DataSourceLoginService extends MappedLoginService prepareTables(); } - - + /* ------------------------------------------------------------ */ + /** + * @throws NamingException + * @throws SQLException + */ private void prepareTables() throws NamingException, SQLException { @@ -504,12 +513,16 @@ public class DataSourceLoginService extends MappedLoginService } } - + /* ------------------------------------------------------------ */ + /** + * @return + * @throws NamingException + * @throws SQLException + */ private Connection getConnection () throws NamingException, SQLException { initDb(); return _datasource.getConnection(); } - } |