/** * Shuts down the database and removes the realm from the realm map. */ protected void shutDown(String testName) { Connection conn = null; Statement sql = null; DataSource ds = dsMap.get(testName); try { Connection c = ds.getConnection(); Statement s = c.createStatement(); s.executeUpdate("SHUTDOWN"); } catch (SQLException ex) { // ignore } finally { JdbcUtils.closeStatement(sql); JdbcUtils.closeConnection(conn); dsMap.remove(testName); realmMap.remove(testName); } }
protected Set<String> getPermissions(Connection conn, String username, Collection<String> roleNames) throws SQLException { PreparedStatement ps = null; Set<String> permissions = new LinkedHashSet<String>(); try { ps = conn.prepareStatement(permissionsQuery); for (String roleName : roleNames) { ps.setString(1, roleName); ResultSet rs = null; try { // Execute query rs = ps.executeQuery(); // Loop over results and add each returned role to a set while (rs.next()) { String permissionString = rs.getString(1); // Add the permission to the set of permissions permissions.add(permissionString); } } finally { JdbcUtils.closeResultSet(rs); } } } finally { JdbcUtils.closeStatement(ps); } return permissions; }
JdbcUtils.closeConnection(conn);
@Override public Map<String, String> getObject() throws Exception { Connection connection = dataSource.getConnection(); PreparedStatement ps = connection.prepareStatement(sql); ResultSet rs = null; Map<String, String> filters = new LinkedHashMap<>(); try { rs = ps.executeQuery(); while (rs.next()) { String url = rs.getString(1); String permission = rs.getString(2); filters.put(url, String.format(PERMISSION_STRING, permission)); LOGGER.debug("Load filter chain via JDBC: {} -> {}", url, permission); } } finally { JdbcUtils.closeResultSet(rs); } return filters; }
JdbcUtils.closeConnection(conn);
protected Set<String> getRoleNamesForUser(Connection conn, String username) throws SQLException { PreparedStatement ps = null; ResultSet rs = null; Set<String> roleNames = new LinkedHashSet<String>(); try { ps = conn.prepareStatement(userRolesQuery); ps.setString(1, username); // Execute query rs = ps.executeQuery(); // Loop over results and add each returned role to a set while (rs.next()) { String roleName = rs.getString(1); // Add the role to the list of names if it isn't null if (roleName != null) { roleNames.add(roleName); } else { if (log.isWarnEnabled()) { log.warn("Null role name found while retrieving role names for user [" + username + "]"); } } } } finally { JdbcUtils.closeResultSet(rs); JdbcUtils.closeStatement(ps); } return roleNames; }
/** * Creates and adds test data to user_role and roles_permissions tables. */ protected void createRolesAndPermissions(DataSource ds) { Connection conn = null;; Statement sql = null; try { conn = ds.getConnection(); sql = conn.createStatement(); sql.executeUpdate("create table user_roles (username varchar(20), role_name varchar(20))"); sql.executeUpdate("insert into user_roles values ('" + username + "', '" + testRole + "')"); sql.executeUpdate("create table roles_permissions (role_name varchar(20), permission varchar(40))"); sql.executeUpdate( "insert into roles_permissions values ('" + testRole + "', '" + testPermissionString + "')"); } catch (SQLException ex) { Assert.fail("Exception adding test role and permission"); } finally { JdbcUtils.closeStatement(sql); JdbcUtils.closeConnection(conn); } } }
JdbcUtils.closeConnection(conn);
JdbcUtils.closeResultSet(rs); JdbcUtils.closeStatement(ps);
/** * Creates a test database with a separate salt column in the users table. Sets the * DataSource of the realm associated with the test to a DataSource connected to the database. */ protected void createSaltColumnSchema(String testName) { jdbcDataSource ds = new jdbcDataSource(); ds.setDatabase("jdbc:hsqldb:mem:" + name); ds.setUser("SA"); ds.setPassword(""); Connection conn = null; Statement sql = null; try { conn = ds.getConnection(); sql = conn.createStatement(); sql.executeUpdate( "create table users (username varchar(20), password varchar(20), password_salt varchar(20))"); Sha256Hash sha256Hash = new Sha256Hash(plainTextPassword, salt); String password = sha256Hash.toHex(); sql.executeUpdate("insert into users values ('" + username + "', '" + password + "', '" + salt + "')"); } catch (SQLException ex) { Assert.fail("Exception creating test database"); } finally { JdbcUtils.closeStatement(sql); JdbcUtils.closeConnection(conn); } createRolesAndPermissions(ds); realmMap.get(testName).setDataSource(ds); dsMap.put(testName, ds); }
JdbcUtils.closeConnection(conn);
protected Set<String> getRoleNamesForUser(Connection conn, String username) throws SQLException { PreparedStatement ps = null; ResultSet rs = null; Set<String> roleNames = new LinkedHashSet<String>(); try { ps = conn.prepareStatement(userRolesQuery); ps.setString(1, username); // Execute query rs = ps.executeQuery(); // Loop over results and add each returned role to a set while (rs.next()) { String roleName = rs.getString(1); // Add the role to the list of names if it isn't null if (roleName != null) { roleNames.add(roleName); } else { if (log.isWarnEnabled()) { log.warn("Null role name found while retrieving role names for user [" + username + "]"); } } } } finally { JdbcUtils.closeResultSet(rs); JdbcUtils.closeStatement(ps); } return roleNames; }
Assert.fail("Exception creating test database"); } finally { JdbcUtils.closeStatement(sql); JdbcUtils.closeConnection(conn);
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; String username = upToken.getUsername(); // Null username is invalid if (username == null) { throw new AccountException("Null usernames are not allowed by this realm."); } Connection conn = null; AuthenticationInfo info = null; try { conn = dataSource.getConnection(); String password = getPasswordForUser(conn, username); if (password == null) { throw new UnknownAccountException("No account found for user [" + username + "]"); } info = buildAuthenticationInfo(username, password.toCharArray()); } catch (SQLException e) { final String message = "There was a SQL error while authenticating user [" + username + "]"; if (log.isErrorEnabled()) { log.error(message, e); } // Rethrow any SQL errors as an authentication exception throw new AuthenticationException(message, e); } finally { JdbcUtils.closeConnection(conn); } return info; }
protected Set<String> getPermissions(Connection conn, String username, Collection<String> roleNames) throws SQLException { PreparedStatement ps = null; Set<String> permissions = new LinkedHashSet<String>(); try { ps = conn.prepareStatement(permissionsQuery); for (String roleName : roleNames) { ps.setString(1, roleName); ResultSet rs = null; try { // Execute query rs = ps.executeQuery(); // Loop over results and add each returned role to a set while (rs.next()) { String permissionString = rs.getString(1); // Add the permission to the set of permissions permissions.add(permissionString); } } finally { JdbcUtils.closeResultSet(rs); } } } finally { JdbcUtils.closeStatement(ps); } return permissions; }
JdbcUtils.closeConnection(conn);
JdbcUtils.closeResultSet(rs); JdbcUtils.closeStatement(ps);
protected Set<String> getPermissions(Connection conn, String username, Collection<String> roleNames) throws SQLException { PreparedStatement ps = null; ResultSet rs = null; Set<String> permissions = new LinkedHashSet<String>(); try { for (String roleName : roleNames) { ps = conn.prepareStatement(permissionsQuery); ps.setString(1, roleName); // Execute query rs = ps.executeQuery(); // Loop over results and add each returned role to a set while (rs.next()) { String permissionString = rs.getString(1); // Add the permission to the set of permissions permissions.add(permissionString); } } } finally { JdbcUtils.closeResultSet(rs); JdbcUtils.closeStatement(ps); } return permissions; }
protected Set<String> getRoleNamesForUser(Connection conn, String username) throws SQLException { PreparedStatement ps = null; ResultSet rs = null; Set<String> roleNames = new LinkedHashSet<String>(); try { ps = conn.prepareStatement(userRolesQuery); ps.setString(1, username); // Execute query rs = ps.executeQuery(); // Loop over results and add each returned role to a set while (rs.next()) { String roleName = rs.getString(1); // Add the role to the list of names if it isn't null if (roleName != null) { roleNames.add(roleName); } else { if (log.isWarnEnabled()) { log.warn("Null role name found while retrieving role names for user [" + username + "]"); } } } } finally { JdbcUtils.closeResultSet(rs); JdbcUtils.closeStatement(ps); } return roleNames; }
private String getPasswordForUser(Connection conn, String username) throws SQLException { PreparedStatement ps = null; ResultSet rs = null; String password = null; try { ps = conn.prepareStatement(authenticationQuery); ps.setString(1, username); // Execute query rs = ps.executeQuery(); // Loop over results - although we are only expecting one result, since usernames should be unique boolean foundResult = false; while (rs.next()) { // Check to ensure only one row is processed if (foundResult) { throw new AuthenticationException("More than one user row found for user [" + username + "]. Usernames must be unique."); } password = rs.getString(1); foundResult = true; } } finally { JdbcUtils.closeResultSet(rs); JdbcUtils.closeStatement(ps); } return password; }