@Override public <C extends Credential> C getCredential(final Class<C> credentialType) throws RealmUnavailableException { return getCredential(credentialType, null); }
@Override public QueryBuilder principalQuery(String sql) { return this.parent.principalQuery(sql); }
@Override public JdbcSecurityRealm build() { return this.parent.build(); }
String sql = configuration.getSql(); try (Connection connection = getConnection(configuration); PreparedStatement preparedStatement = connection.prepareStatement(sql)) { preparedStatement.setString(1, name); List<AttributeMapper> attributeMappers = configuration.getColumnMappers(AttributeMapper.class); List<KeyMapper> keyMappers = configuration.getColumnMappers(KeyMapper.class); while (resultSet.next()) { found = true; Object value = attributeMapper.map(resultSet, providers); if (value != null) { if (attributes.containsKey(attributeMapper.getName())) { attributes.get(attributeMapper.getName()).add(value.toString()); } else { attributes.addFirst(attributeMapper.getName(), value.toString()); Credential credential = keyMapper.map(resultSet, providers); if (credential != null) { credentials = credentials.withCredential(credential); this.identity = found ? new JdbcIdentity(attributes, credentials) : null; loaded = true;
/** * Builds a new {@link JdbcSecurityRealm} instance based on configuration defined for this {@link JdbcSecurityRealmBuilder} instance. * * @return the built realm */ public JdbcSecurityRealm build() { List<QueryConfiguration> configuration = new ArrayList<>(); for (QueryBuilder query : this.queries) { configuration.add(query.buildQuery()); } return new JdbcSecurityRealm(configuration, providers); }
@Override public SupportLevel getCredentialAcquireSupport(final Class<? extends Credential> credentialType, final String algorithmName, final AlgorithmParameterSpec parameterSpec) throws RealmUnavailableException { Assert.checkNotNullParam("credentialType", credentialType); SupportLevel support = SupportLevel.UNSUPPORTED; for (QueryConfiguration configuration : queryConfiguration) { for (KeyMapper keyMapper : configuration.getColumnMappers(KeyMapper.class)) { final SupportLevel mapperSupport = keyMapper.getCredentialAcquireSupport(credentialType, algorithmName, parameterSpec); if (support.compareTo(mapperSupport) < 0) { support = mapperSupport; } } } return support; }
@Override public SupportLevel getEvidenceVerifySupport(final Class<? extends Evidence> evidenceType, final String algorithmName) throws RealmUnavailableException { Assert.checkNotNullParam("evidenceType", evidenceType); SupportLevel support = SupportLevel.UNSUPPORTED; for (QueryConfiguration configuration : queryConfiguration) { for (KeyMapper keyMapper : configuration.getColumnMappers(KeyMapper.class)) { final SupportLevel mapperSupport = keyMapper.getEvidenceVerifySupport(evidenceType, algorithmName); if (support.compareTo(mapperSupport) < 0) { support = mapperSupport; } } } return support; }
public boolean exists() throws RealmUnavailableException { return getIdentity() != null; }
public static JdbcSecurityRealmBuilder builder() { return new JdbcSecurityRealmBuilder(); }
QueryConfiguration buildQuery() { return new QueryConfiguration(this.sql, this.dataSource, this.mappers); }
@Override public RealmIdentity getRealmIdentity(final Principal principal) { if (! (principal instanceof NamePrincipal)) { return RealmIdentity.NON_EXISTENT; } return new JdbcRealmIdentity(principal.getName()); }
/** * Determine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), * or definitely not verifiable. * * @param evidenceType the type of evidence to be verified (must not be {@code null}) * @param algorithmName the algorithm name, or {@code null} if any algorithm is acceptable or the evidence type does * not support algorithm names * @return the level of support for this evidence type */ default SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName) { if (PasswordGuessEvidence.class.isAssignableFrom(evidenceType)) { return getCredentialAcquireSupport(PasswordCredential.class, null, null); } return SupportLevel.UNSUPPORTED; }
/** * <p>A SQL SELECT statement that will be used to return data from a database based on the principal's name. * * <p>When authenticating, validating or obtaining credentials for a {@link RealmIdentity}, * this query will be used. You must provide a SELECT with a single query parameter as follows: * * <pre> * JdbcSecurityRealm securityRealm = JdbcSecurityRealm.builder().principalQuery("SELECT password FROM user_bcrypt_password where name = ?") * </pre> * * <p>Where the query parameter value would be the principal's name. * * @param sql the authentication query * @return this builder */ public QueryBuilder principalQuery(String sql) { QueryBuilder builder = new QueryBuilder(sql, this); this.queries.add(builder); return builder; } }
@Override public AuthorizationIdentity getAuthorizationIdentity() throws RealmUnavailableException { if (!exists()) { return AuthorizationIdentity.EMPTY; } return AuthorizationIdentity.basicIdentity(this.identity.attributes); }
private Connection getConnection(QueryConfiguration configuration) { try { DataSource dataSource = configuration.getDataSource(); return dataSource.getConnection(); } catch (Exception e) { throw log.couldNotOpenConnection(e); } }
@Override public SupportLevel getEvidenceVerifySupport(final Class<? extends Evidence> evidenceType, final String algorithmName) throws RealmUnavailableException { Assert.checkNotNullParam("evidenceType", evidenceType); JdbcIdentity identity = getIdentity(); if (identity != null) { return identity.identityCredentials.canVerify(evidenceType, algorithmName) ? SupportLevel.SUPPORTED : SupportLevel.UNSUPPORTED; } return SupportLevel.UNSUPPORTED; }
@Override public <C extends Credential> C getCredential(final Class<C> credentialType, final String algorithmName) throws RealmUnavailableException { return getCredential(credentialType, algorithmName, null); }
@Override public boolean verifyEvidence(final Evidence evidence) throws RealmUnavailableException { Assert.checkNotNullParam("evidence", evidence); JdbcIdentity identity = getIdentity(); if (identity != null) { return identity.identityCredentials.verify(evidence); } return false; }
@Override public <C extends Credential> C getCredential(final Class<C> credentialType, final String algorithmName, final AlgorithmParameterSpec parameterSpec) throws RealmUnavailableException { Assert.checkNotNullParam("credentialType", credentialType); JdbcIdentity identity = getIdentity(); if (identity != null) { return identity.identityCredentials.getCredential(credentialType, algorithmName); } return null; }
@Override public SupportLevel getCredentialAcquireSupport(final Class<? extends Credential> credentialType, final String algorithmName, final AlgorithmParameterSpec parameterSpec) throws RealmUnavailableException { Assert.checkNotNullParam("credentialType", credentialType); JdbcIdentity identity = getIdentity(); if (identity != null) { return identity.identityCredentials.getCredentialAcquireSupport(credentialType, algorithmName, parameterSpec); } return SupportLevel.UNSUPPORTED; }