Package tigase.db.jdbc
Class TigaseCustomAuth
- java.lang.Object
-
- tigase.db.AbstractAuthRepositoryWithCredentials
-
- tigase.db.jdbc.TigaseCustomAuth
-
- All Implemented Interfaces:
AuthRepository,DataSourceAware<DataRepository>,Repository,RepositoryVersionAware
- Direct Known Subclasses:
TigaseSPAuth
public class TigaseCustomAuth extends AbstractAuthRepositoryWithCredentials implements DataSourceAware<DataRepository>, RepositoryVersionAware
The user authentication connector allows for customized SQL queries to be used. Queries are defined in the configuration file and they can be either plain SQL queries or stored procedures.
If the query starts with characters:{ callthen the server assumes this is a stored procedure call, otherwise it is executed as a plain SQL query. Each configuration value is stripped from white characters on both ends before processing.
Please don't use semicolon';'at the end of the query as many JDBC drivers get confused and the query may not work for unknown obvious reason.
Some queries take arguments. Arguments are marked by question marks'?'in the query. Refer to the configuration parameters description for more details about what parameters are expected in each query.
Example configuration.
The first example shows how to put a stored procedure as a query with 2 required parameters.
add-user-query={ call TigAddUserPlainPw(?, ?) }
The same query with plain SQL parameters instead:
add-user-query=insert into users (user_id, password) values (?, ?)
Created: Sat Nov 11 22:22:04 2006- Author:
- Artur Hefczyc
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface tigase.db.AuthRepository
AuthRepository.AccountStatus, AuthRepository.DefaultCredentials, AuthRepository.SingleCredential
-
Nested classes/interfaces inherited from interface tigase.db.Repository
Repository.Meta, Repository.SchemaId
-
Nested classes/interfaces inherited from interface tigase.db.util.RepositoryVersionAware
RepositoryVersionAware.SchemaVersion
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringDEF_ACCOUNTSTATUS_KEYstatic java.lang.StringDEF_ACCOUNTSTATUS_QUERYstatic java.lang.StringDEF_ADDUSER_KEYQuery adding a new user to the database.static java.lang.StringDEF_ADDUSER_QUERYstatic java.lang.StringDEF_CONNVALID_KEYQuery executing periodically to ensure active connection with the database.static java.lang.StringDEF_DELUSER_KEYRemoves a user from the database.static java.lang.StringDEF_DELUSER_QUERYstatic java.lang.StringDEF_DISABLEACCOUNT_KEYDeprecated.static java.lang.StringDEF_ENABLEACCOUNT_KEYDeprecated.static java.lang.StringDEF_GETPASSWORD_KEYRetrieves user password from the database for given user_id (JID).static java.lang.StringDEF_GETPASSWORD_QUERYstatic java.lang.StringDEF_INITDB_KEYDatabase initialization query which is run after the server is started.static java.lang.StringDEF_INITDB_QUERYstatic java.lang.StringDEF_LISTDISABLEDACCOUNTS_KEYstatic java.lang.StringDEF_LISTDISABLEDACCOUNTS_QUERYstatic java.lang.StringDEF_NONSASL_MECHSstatic java.lang.StringDEF_NONSASL_MECHS_KEYComma separated list of NON-SASL authentication mechanisms.static java.lang.StringDEF_SASL_MECHSstatic java.lang.StringDEF_SASL_MECHS_KEYComma separated list of SASL authentication mechanisms.static java.lang.StringDEF_UPDATEACCOUNTSTATUS_KEYstatic java.lang.StringDEF_UPDATEACCOUNTSTATUS_QUERYstatic java.lang.StringDEF_UPDATELOGINTIME_KEYstatic java.lang.StringDEF_UPDATEPASSWORD_KEYUpdates (changes) password for a given user_id (JID).static java.lang.StringDEF_USERLOGIN_KEYPerforms user login.static java.lang.StringDEF_USERLOGOUT_KEYThis query is called when user logs out or disconnects.static java.lang.StringDEF_USERS_COUNT_KEYstatic java.lang.StringDEF_USERS_COUNT_QUERYstatic java.lang.StringDEF_USERS_DOMAIN_COUNT_KEYstatic java.lang.StringDEF_USERS_DOMAIN_COUNT_QUERYstatic java.lang.StringNO_QUERYstatic java.lang.StringSP_STARTS_WITH-
Fields inherited from interface tigase.db.AuthRepository
DATA_KEY, DIGEST_ID_KEY, DIGEST_KEY, MACHANISM_KEY, PASSWORD_KEY, PROTOCOL_KEY, PROTOCOL_VAL_NONSASL, PROTOCOL_VAL_SASL, REALM_KEY, RESULT_KEY, SERVER_NAME_KEY, USER_ID_KEY
-
-
Constructor Summary
Constructors Constructor Description TigaseCustomAuth()
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description voidaddUser(BareJID user, java.lang.String password)AuthRepository.AccountStatusgetAccountStatus(BareJID user)java.util.Collection<java.lang.String>getCredentialIds(BareJID user)CredentialsgetCredentials(BareJID user, java.lang.String credentialId)protected java.lang.StringgetParamWithDef(java.util.Map<java.lang.String,java.lang.String> params, java.lang.String key, java.lang.String def)java.lang.StringgetResourceUri()getResourceUrimethod returns database connection string.longgetUsersCount()getUsersCountmethod is thread safe.longgetUsersCount(java.lang.String domain)This method is only used by the server statistics component to report number of registered users for given domain.voidinitRepository(java.lang.String connection_str, java.util.Map<java.lang.String,java.lang.String> params)Deprecated.booleanisMechanismSupported(java.lang.String domain, java.lang.String mechanism)voidloggedIn(BareJID user)Do some actions on repository, when user logs in.voidlogout(BareJID user)booleanotherAuth(java.util.Map<java.lang.String,java.lang.Object> props)voidqueryAuth(java.util.Map<java.lang.String,java.lang.Object> authProps)queryAuthreturns mechanisms available for authentication.voidremoveCredential(BareJID user, java.lang.String credentialId)voidremoveUser(BareJID user)voidsetAccountStatus(BareJID user, AuthRepository.AccountStatus value)voidsetDataSource(DataRepository data_repo)Method called to provide class with instance of a data source.voidupdateCredential(BareJID user, java.lang.String credentialId, java.lang.String password)voidupdatePassword(BareJID user, java.lang.String password)-
Methods inherited from class tigase.db.AbstractAuthRepositoryWithCredentials
getCredentialsDecoder, getCredentialsEncoder, getPassword, setCredentialsCodecs
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface tigase.db.AuthRepository
getUsernames, isUserDisabled, setUserDisabled
-
Methods inherited from interface tigase.db.util.RepositoryVersionAware
getVersion, updateSchema
-
-
-
-
Field Detail
-
DEF_CONNVALID_KEY
public static final java.lang.String DEF_CONNVALID_KEY
Query executing periodically to ensure active connection with the database.
Takes no arguments.
Example query:
select 1
- See Also:
- Constant Field Values
-
DEF_INITDB_KEY
public static final java.lang.String DEF_INITDB_KEY
Database initialization query which is run after the server is started.
Takes no arguments.
Example query:
update tig_users set online_status = 0
- See Also:
- Constant Field Values
-
DEF_ADDUSER_KEY
public static final java.lang.String DEF_ADDUSER_KEY
Query adding a new user to the database.
Takes 2 arguments:(user_id (JID), password)
Example query:
insert into tig_users (user_id, user_pw) values (?, ?)
- See Also:
- Constant Field Values
-
DEF_DELUSER_KEY
public static final java.lang.String DEF_DELUSER_KEY
Removes a user from the database.
Takes 1 argument:(user_id (JID))
Example query:
delete from tig_users where user_id = ?
- See Also:
- Constant Field Values
-
DEF_GETPASSWORD_KEY
public static final java.lang.String DEF_GETPASSWORD_KEY
Retrieves user password from the database for given user_id (JID).
Takes 1 argument:(user_id (JID))
Example query:
select user_pw from tig_users where user_id = ?
- See Also:
- Constant Field Values
-
DEF_UPDATEPASSWORD_KEY
public static final java.lang.String DEF_UPDATEPASSWORD_KEY
Updates (changes) password for a given user_id (JID).
Takes 2 arguments:(password, user_id (JID))
Example query:
update tig_users set user_pw = ? where user_id = ?
- See Also:
- Constant Field Values
-
DEF_USERLOGIN_KEY
public static final java.lang.String DEF_USERLOGIN_KEY
Performs user login. Normally used when there is a special SP used for this purpose. This is an alternative way to a method requiring retrieving user password. Therefore at least one of those queries must be defined:user-login-queryorget-password-query.
If both queries are defined thenuser-login-queryis used. Normally this method should be only used with plain text password authentication or sasl-plain.
The Tigase server expects a result set with user_id to be returned from the query if login is successful and empty results set if the login is unsuccessful.
Takes 2 arguments:(user_id (JID), password)
Example query:
select user_id from tig_users where (user_id = ?) AND (user_pw = ?)
- See Also:
- Constant Field Values
-
DEF_USERLOGOUT_KEY
public static final java.lang.String DEF_USERLOGOUT_KEY
This query is called when user logs out or disconnects. It can record that event in the database.
Takes 1 argument:(user_id (JID))
Example query:
update tig_users, set online_status = online_status - 1 where user_id = ?
- See Also:
- Constant Field Values
-
DEF_UPDATELOGINTIME_KEY
public static final java.lang.String DEF_UPDATELOGINTIME_KEY
- See Also:
- Constant Field Values
-
DEF_USERS_COUNT_KEY
public static final java.lang.String DEF_USERS_COUNT_KEY
- See Also:
- Constant Field Values
-
DEF_USERS_DOMAIN_COUNT_KEY
public static final java.lang.String DEF_USERS_DOMAIN_COUNT_KEY
- See Also:
- Constant Field Values
-
DEF_LISTDISABLEDACCOUNTS_KEY
public static final java.lang.String DEF_LISTDISABLEDACCOUNTS_KEY
- See Also:
- Constant Field Values
-
DEF_DISABLEACCOUNT_KEY
@Deprecated public static final java.lang.String DEF_DISABLEACCOUNT_KEY
Deprecated.- See Also:
- Constant Field Values
-
DEF_ENABLEACCOUNT_KEY
@Deprecated public static final java.lang.String DEF_ENABLEACCOUNT_KEY
Deprecated.- See Also:
- Constant Field Values
-
DEF_UPDATEACCOUNTSTATUS_KEY
public static final java.lang.String DEF_UPDATEACCOUNTSTATUS_KEY
- See Also:
- Constant Field Values
-
DEF_ACCOUNTSTATUS_KEY
public static final java.lang.String DEF_ACCOUNTSTATUS_KEY
- See Also:
- Constant Field Values
-
DEF_NONSASL_MECHS_KEY
public static final java.lang.String DEF_NONSASL_MECHS_KEY
Comma separated list of NON-SASL authentication mechanisms. Possible mechanisms are:passwordanddigest.digestmechanism can work only withget-password-queryactive and only when password are stored in plain text format in the database.- See Also:
- Constant Field Values
-
DEF_SASL_MECHS_KEY
public static final java.lang.String DEF_SASL_MECHS_KEY
Comma separated list of SASL authentication mechanisms. Possible mechanisms are all mechanisms supported by Java implementation. The most common are:PLAIN,DIGEST-MD5,CRAM-MD5.
"Non-PLAIN" mechanisms will work only with theget-password-queryactive and only when passwords are stored in plain text format in the database.- See Also:
- Constant Field Values
-
NO_QUERY
public static final java.lang.String NO_QUERY
- See Also:
- Constant Field Values
-
DEF_INITDB_QUERY
public static final java.lang.String DEF_INITDB_QUERY
- See Also:
- Constant Field Values
-
DEF_ADDUSER_QUERY
public static final java.lang.String DEF_ADDUSER_QUERY
- See Also:
- Constant Field Values
-
DEF_DELUSER_QUERY
public static final java.lang.String DEF_DELUSER_QUERY
- See Also:
- Constant Field Values
-
DEF_GETPASSWORD_QUERY
public static final java.lang.String DEF_GETPASSWORD_QUERY
- See Also:
- Constant Field Values
-
DEF_USERS_COUNT_QUERY
public static final java.lang.String DEF_USERS_COUNT_QUERY
- See Also:
- Constant Field Values
-
DEF_USERS_DOMAIN_COUNT_QUERY
public static final java.lang.String DEF_USERS_DOMAIN_COUNT_QUERY
- See Also:
- Constant Field Values
-
DEF_LISTDISABLEDACCOUNTS_QUERY
public static final java.lang.String DEF_LISTDISABLEDACCOUNTS_QUERY
- See Also:
- Constant Field Values
-
DEF_UPDATEACCOUNTSTATUS_QUERY
public static final java.lang.String DEF_UPDATEACCOUNTSTATUS_QUERY
- See Also:
- Constant Field Values
-
DEF_ACCOUNTSTATUS_QUERY
public static final java.lang.String DEF_ACCOUNTSTATUS_QUERY
- See Also:
- Constant Field Values
-
DEF_NONSASL_MECHS
public static final java.lang.String DEF_NONSASL_MECHS
- See Also:
- Constant Field Values
-
DEF_SASL_MECHS
public static final java.lang.String DEF_SASL_MECHS
- See Also:
- Constant Field Values
-
SP_STARTS_WITH
public static final java.lang.String SP_STARTS_WITH
- See Also:
- Constant Field Values
-
-
Method Detail
-
addUser
public void addUser(BareJID user, java.lang.String password) throws TigaseDBException
- Specified by:
addUserin interfaceAuthRepository- Throws:
TigaseDBException
-
getAccountStatus
public AuthRepository.AccountStatus getAccountStatus(BareJID user) throws TigaseDBException
- Specified by:
getAccountStatusin interfaceAuthRepository- Throws:
TigaseDBException
-
getCredentials
public Credentials getCredentials(BareJID user, java.lang.String credentialId) throws TigaseDBException
- Specified by:
getCredentialsin interfaceAuthRepository- Throws:
TigaseDBException
-
getParamWithDef
protected java.lang.String getParamWithDef(java.util.Map<java.lang.String,java.lang.String> params, java.lang.String key, java.lang.String def)
-
getResourceUri
public java.lang.String getResourceUri()
Description copied from interface:AuthRepositorygetResourceUrimethod returns database connection string.- Specified by:
getResourceUriin interfaceAuthRepository- Returns:
- a
Stringvalue of database connection string.
-
getCredentialIds
public java.util.Collection<java.lang.String> getCredentialIds(BareJID user) throws TigaseDBException
- Specified by:
getCredentialIdsin interfaceAuthRepository- Throws:
TigaseDBException
-
getUsersCount
public long getUsersCount()
getUsersCountmethod is thread safe. It uses local variable for storingStatement.- Specified by:
getUsersCountin interfaceAuthRepository- Returns:
- a
longnumber of user accounts in database.
-
getUsersCount
public long getUsersCount(java.lang.String domain)
Description copied from interface:AuthRepositoryThis method is only used by the server statistics component to report number of registered users for given domain.- Specified by:
getUsersCountin interfaceAuthRepository- Parameters:
domain- for which get the statistics- Returns:
- a
longnumber of registered users in the repository.
-
initRepository
@Deprecated public void initRepository(java.lang.String connection_str, java.util.Map<java.lang.String,java.lang.String> params) throws DBInitExceptionDeprecated.Description copied from interface:RepositoryMethod is deprecated and should not be user any more.
The method is called to initialize the data repository. Depending on the implementation all the initialization parameters can be passed either viaresource_uriparameter as the database connection string or viaparamsmap if the required repository parameters are more complex or both.- Specified by:
initRepositoryin interfaceRepository- Parameters:
connection_str- value in most cases representing the database connection string.params- is aMapwith repository properties necessary to initialize and perform all the functions. The initialization parameters are implementation dependent.- Throws:
DBInitException- if there was an error during repository initialization. Some implementations, though, perform so called lazy initialization so even though there is a problem with the underlying repository it may not be signaled through this method call.
-
isMechanismSupported
public boolean isMechanismSupported(java.lang.String domain, java.lang.String mechanism)- Specified by:
isMechanismSupportedin interfaceAuthRepository- Overrides:
isMechanismSupportedin classAbstractAuthRepositoryWithCredentials
-
loggedIn
public void loggedIn(BareJID user) throws TigaseDBException
Description copied from interface:AuthRepositoryDo some actions on repository, when user logs in. (for example updatelast_login_time)- Specified by:
loggedInin interfaceAuthRepository- Parameters:
user- JID of logged user.- Throws:
TigaseDBException- if an error occurs
-
logout
public void logout(BareJID user) throws TigaseDBException
- Specified by:
logoutin interfaceAuthRepository- Throws:
TigaseDBException
-
otherAuth
public boolean otherAuth(java.util.Map<java.lang.String,java.lang.Object> props) throws TigaseDBException, AuthorizationException- Specified by:
otherAuthin interfaceAuthRepository- Throws:
TigaseDBExceptionAuthorizationException
-
queryAuth
public void queryAuth(java.util.Map<java.lang.String,java.lang.Object> authProps)
Description copied from interface:AuthRepositoryqueryAuthreturns mechanisms available for authentication.- Specified by:
queryAuthin interfaceAuthRepository- Parameters:
authProps- aMapvalue with parameters for authentication.
-
removeCredential
public void removeCredential(BareJID user, java.lang.String credentialId) throws TigaseDBException
- Specified by:
removeCredentialin interfaceAuthRepository- Throws:
TigaseDBException
-
removeUser
public void removeUser(BareJID user) throws TigaseDBException
- Specified by:
removeUserin interfaceAuthRepository- Throws:
TigaseDBException
-
setAccountStatus
public void setAccountStatus(BareJID user, AuthRepository.AccountStatus value) throws TigaseDBException
- Specified by:
setAccountStatusin interfaceAuthRepository- Throws:
TigaseDBException
-
setDataSource
public void setDataSource(DataRepository data_repo) throws DBInitException
Description copied from interface:DataSourceAwareMethod called to provide class with instance of a data source.- Specified by:
setDataSourcein interfaceDataSourceAware<DataRepository>- Throws:
DBInitException
-
updateCredential
public void updateCredential(BareJID user, java.lang.String credentialId, java.lang.String password) throws TigaseDBException
- Specified by:
updateCredentialin interfaceAuthRepository- Throws:
TigaseDBException
-
updatePassword
public void updatePassword(BareJID user, java.lang.String password) throws TigaseDBException
- Specified by:
updatePasswordin interfaceAuthRepository- Throws:
TigaseDBException
-
-