org.mortbay.jetty.security
Class JDBCUserRealm

java.lang.Object
  extended by org.mortbay.jetty.security.HashUserRealm
      extended by org.mortbay.jetty.security.JDBCUserRealm
All Implemented Interfaces:
SSORealm, UserRealm

public class JDBCUserRealm
extends HashUserRealm
implements UserRealm

HashMapped User Realm with JDBC as data source. JDBCUserRealm extends HashUserRealm and adds a method to fetch user information from database. The authenticate() method checks the inherited HashMap for the user. If the user is not found, it will fetch details from the database and populate the inherited HashMap. It then calls the HashUserRealm authenticate() method to perform the actual authentication. Periodically (controlled by configuration parameter), internal hashes are cleared. Caching can be disabled by setting cache refresh interval to zero. Uses one database connection that is initialized at startup. Reconnect on failures. authenticate() is 'synchronized'. An example properties file for configuration is in $JETTY_HOME/etc/jdbcRealm.properties

Version:
$Id: JDBCUserRealm.java 1607 2007-02-20 07:37:05Z janb $
Author:
Arkadi Shishlov (arkadi), Fredrik Borgh, Greg Wilkins (gregw), Ben Alex

Field Summary
 
Fields inherited from class org.mortbay.jetty.security.HashUserRealm
__SSO, _roles, _users
 
Constructor Summary
JDBCUserRealm()
          Constructor.
JDBCUserRealm(String name)
          Constructor.
JDBCUserRealm(String name, String config)
          Constructor.
 
Method Summary
 Principal authenticate(String username, Object credentials, Request request)
          Authenticate a users credentials.
 void connectDatabase()
          (re)Connect to database with parameters setup by loadConfig()
 String getConfig()
           
 String getName()
           
 void logout(Principal user)
          logout a user Principal.
 void setConfig(String config)
          Load JDBC connection configuration from properties file.
 void setName(String name)
           
 
Methods inherited from class org.mortbay.jetty.security.HashUserRealm
addUserToRole, clearSingleSignOn, disassociate, dump, getPrincipal, getSingleSignOn, getSSORealm, isUserInRole, popRole, pushRole, put, reauthenticate, setSingleSignOn, setSSORealm, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface org.mortbay.jetty.security.UserRealm
disassociate, getPrincipal, isUserInRole, popRole, pushRole, reauthenticate
 

Constructor Detail

JDBCUserRealm

public JDBCUserRealm()
Constructor.


JDBCUserRealm

public JDBCUserRealm(String name)
Constructor.

Parameters:
name -

JDBCUserRealm

public JDBCUserRealm(String name,
                     String config)
              throws IOException,
                     ClassNotFoundException,
                     InstantiationException,
                     IllegalAccessException
Constructor.

Parameters:
name - Realm name
config - Filename or url of JDBC connection properties file.
Throws:
IOException
ClassNotFoundException
InstantiationException
IllegalAccessException
Method Detail

getName

public String getName()
Specified by:
getName in interface UserRealm
Overrides:
getName in class HashUserRealm
Returns:
The realm name.

setName

public void setName(String name)
Overrides:
setName in class HashUserRealm
Parameters:
name - The realm name

getConfig

public String getConfig()
Overrides:
getConfig in class HashUserRealm

setConfig

public void setConfig(String config)
               throws IOException
Load JDBC connection configuration from properties file.

Overrides:
setConfig in class HashUserRealm
Parameters:
config - Filename or url of user properties file.
Throws:
IOException

logout

public void logout(Principal user)
Description copied from interface: UserRealm
logout a user Principal. Called by authentication mechanisms (eg FORM) that can detect logout.

Specified by:
logout in interface UserRealm
Overrides:
logout in class HashUserRealm
Parameters:
user - A Principal previously returned from this realm

connectDatabase

public void connectDatabase()
(re)Connect to database with parameters setup by loadConfig()


authenticate

public Principal authenticate(String username,
                              Object credentials,
                              Request request)
Description copied from interface: UserRealm
Authenticate a users credentials. Implementations of this method may adorn the calling context to assoicate it with the authenticated principal (eg ThreadLocals). If such context associations are made, they should be considered valid until a UserRealm.deAuthenticate(UserPrincipal) call is made for this UserPrincipal.

Specified by:
authenticate in interface UserRealm
Overrides:
authenticate in class HashUserRealm
Parameters:
username - The username.
credentials - The user credentials, normally a String password.
request - The request to be authenticated. Additional parameters may be extracted or set on this request as needed for the authentication mechanism (none required for BASIC and FORM authentication).
Returns:
The authenticated UserPrincipal.