org.apache.geronimo.security.realm.providers
Class SQLLoginModule

java.lang.Object
  extended by org.apache.geronimo.security.realm.providers.SQLLoginModule
All Implemented Interfaces:
LoginModule

public class SQLLoginModule
extends Object
implements LoginModule

A login module that loads security information from a SQL database. Expects to be run by a GenericSecurityRealm (doesn't work on its own).

This requires database connectivity information (either 1: a dataSourceName and optional dataSourceApplication or 2: a JDBC driver, URL, username, and password) and 2 SQL queries.

The userSelect query should return 2 values, the username and the password in that order. It should include one PreparedStatement parameter (a ?) which will be filled in with the username. In other words, the query should look like: SELECT user, password FROM credentials WHERE username=?

The groupSelect query should return 2 values, the username and the group name in that order (but it may return multiple rows, one per group). It should include one PreparedStatement parameter (a ?) which will be filled in with the username. In other words, the query should look like: SELECT user, role FROM user_roles WHERE username=?

This login module checks security credentials so the lifecycle methods must return true to indicate success or throw LoginException to indicate failure.


Field Summary
static String CONNECTION_URL
           
static String DATABASE_POOL_APP_NAME
           
static String DATABASE_POOL_NAME
           
static String DIGEST
           
static String DRIVER
           
static String ENCODING
           
static String GROUP_SELECT
           
static String PASSWORD
           
static String USER
           
static String USER_SELECT
           
 
Constructor Summary
SQLLoginModule()
           
 
Method Summary
 boolean abort()
           
 boolean commit()
           
 void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
           
 boolean login()
           
 boolean logout()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

USER_SELECT

public static final String USER_SELECT
See Also:
Constant Field Values

GROUP_SELECT

public static final String GROUP_SELECT
See Also:
Constant Field Values

CONNECTION_URL

public static final String CONNECTION_URL
See Also:
Constant Field Values

USER

public static final String USER
See Also:
Constant Field Values

PASSWORD

public static final String PASSWORD
See Also:
Constant Field Values

DRIVER

public static final String DRIVER
See Also:
Constant Field Values

DATABASE_POOL_NAME

public static final String DATABASE_POOL_NAME
See Also:
Constant Field Values

DATABASE_POOL_APP_NAME

public static final String DATABASE_POOL_APP_NAME
See Also:
Constant Field Values

DIGEST

public static final String DIGEST
See Also:
Constant Field Values

ENCODING

public static final String ENCODING
See Also:
Constant Field Values
Constructor Detail

SQLLoginModule

public SQLLoginModule()
Method Detail

initialize

public void initialize(Subject subject,
                       CallbackHandler callbackHandler,
                       Map sharedState,
                       Map options)
Specified by:
initialize in interface LoginModule

login

public boolean login()
              throws LoginException
Specified by:
login in interface LoginModule
Throws:
LoginException

commit

public boolean commit()
               throws LoginException
Specified by:
commit in interface LoginModule
Throws:
LoginException

abort

public boolean abort()
              throws LoginException
Specified by:
abort in interface LoginModule
Throws:
LoginException

logout

public boolean logout()
               throws LoginException
Specified by:
logout in interface LoginModule
Throws:
LoginException


Copyright © 2003-2007 Apache Software Foundation. All Rights Reserved.