Package tigase.db.jdbc
Class TigaseCustomAuth
java.lang.Object
tigase.db.AbstractAuthRepositoryWithCredentials
tigase.db.jdbc.TigaseCustomAuth
- All Implemented Interfaces:
AuthRepository,DataSourceAware<DataRepository>,Repository,RepositoryVersionAware
- Direct Known Subclasses:
TigaseSPAuth
public class TigaseCustomAuth
extends AbstractAuthRepositoryWithCredentials
implements DataSourceAware<DataRepository>, RepositoryVersionAware
The user authentication connector allows for customized SQL queries to be used. Queries are defined in the
configuration file and they can be either plain SQL queries or stored procedures.
If the query starts with characters:
Please don't use semicolon
Some queries take arguments. Arguments are marked by question marks
Example configuration.
The first example shows how to put a stored procedure as a query with 2 required parameters.
The same query with plain SQL parameters instead:
Created: Sat Nov 11 22:22:04 2006
If the query starts with characters:
{ call then the server assumes this is a stored procedure call,
otherwise it is executed as a plain SQL query. Each configuration value is stripped from white characters on both
ends before processing.
Please don't use semicolon
';' at the end of the query as many JDBC drivers get confused and the query
may not work for unknown obvious reason.
Some queries take arguments. Arguments are marked by question marks
'?' in the query. Refer to the
configuration parameters description for more details about what parameters are expected in each query.
Example configuration.
The first example shows how to put a stored procedure as a query with 2 required parameters.
add-user-query={ call TigAddUserPlainPw(?, ?) }
The same query with plain SQL parameters instead:
add-user-query=insert into users (user_id, password) values (?, ?)
Created: Sat Nov 11 22:22:04 2006
- Author:
- Artur Hefczyc
-
Nested Class Summary
Nested classes/interfaces inherited from interface tigase.db.AuthRepository
AuthRepository.AccountStatus, AuthRepository.DefaultCredentials, AuthRepository.SingleCredentialNested classes/interfaces inherited from interface tigase.db.Repository
Repository.Meta, Repository.SchemaIdNested classes/interfaces inherited from interface tigase.db.util.RepositoryVersionAware
RepositoryVersionAware.SchemaVersion -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final StringQuery adding a new user to the database.static final Stringstatic final StringQuery executing periodically to ensure active connection with the database.static final StringRemoves a user from the database.static final Stringstatic final StringDeprecated.static final StringDeprecated.static final StringRetrieves user password from the database for given user_id (JID).static final Stringstatic final StringDatabase initialization query which is run after the server is started.static final Stringstatic final Stringstatic final Stringstatic final Stringstatic final StringComma separated list of NON-SASL authentication mechanisms.static final Stringstatic final StringComma separated list of SASL authentication mechanisms.static final Stringstatic final Stringstatic final Stringstatic final StringUpdates (changes) password for a given user_id (JID).static final StringPerforms user login.static final StringThis query is called when user logs out or disconnects.static final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final StringFields inherited from interface tigase.db.AuthRepository
DATA_KEY, DIGEST_ID_KEY, DIGEST_KEY, MACHANISM_KEY, PASSWORD_KEY, PROTOCOL_KEY, PROTOCOL_VAL_NONSASL, PROTOCOL_VAL_SASL, REALM_KEY, RESULT_KEY, SERVER_NAME_KEY, USER_ID_KEY -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidgetAccountStatus(BareJID user) longgetActiveUsersCountIn(Duration duration) getCredentialIds(BareJID user) getCredentials(BareJID user, String credentialId) protected StringgetResourceUrimethod returns database connection string.longgetUsersCountmethod is thread safe.longgetUsersCount(String domain) This method is only used by the server statistics component to report number of registered users for given domain.voidinitRepository(String connection_str, Map<String, String> params) Deprecated.booleanisMechanismSupported(String domain, String mechanism) voidDo some actions on repository, when user logs in.voidbooleanvoidqueryAuthreturns mechanisms available for authentication.voidremoveCredential(BareJID user, String credentialId) voidremoveUser(BareJID user) voidsetAccountStatus(BareJID user, AuthRepository.AccountStatus value) voidsetDataSource(DataRepository data_repo) Method called to provide class with instance of a data source.voidupdateCredential(BareJID user, String credentialId, String password) voidupdateCredential(BareJID user, String credentialId, String mechanism, String data) voidupdatePassword(BareJID user, String password) Methods inherited from class tigase.db.AbstractAuthRepositoryWithCredentials
getCredentialsDecoder, getCredentialsEncoder, getPassword, setCredentialsCodecsMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface tigase.db.AuthRepository
getUsernames, isUserDisabled, setUserDisabledMethods inherited from interface tigase.db.util.RepositoryVersionAware
getVersion, updateSchema
-
Field Details
-
DEF_CONNVALID_KEY
Query executing periodically to ensure active connection with the database.
Takes no arguments.
Example query:
select 1
- See Also:
-
DEF_INITDB_KEY
Database initialization query which is run after the server is started.
Takes no arguments.
Example query:
update tig_users set online_status = 0
- See Also:
-
DEF_ADDUSER_KEY
Query adding a new user to the database.
Takes 2 arguments:(user_id (JID), password)
Example query:
insert into tig_users (user_id, user_pw) values (?, ?)
- See Also:
-
DEF_DELUSER_KEY
Removes a user from the database.
Takes 1 argument:(user_id (JID))
Example query:
delete from tig_users where user_id = ?
- See Also:
-
DEF_GETPASSWORD_KEY
Retrieves user password from the database for given user_id (JID).
Takes 1 argument:(user_id (JID))
Example query:
select user_pw from tig_users where user_id = ?
- See Also:
-
DEF_UPDATEPASSWORD_KEY
Updates (changes) password for a given user_id (JID).
Takes 2 arguments:(password, user_id (JID))
Example query:
update tig_users set user_pw = ? where user_id = ?
- See Also:
-
DEF_USERLOGIN_KEY
Performs user login. Normally used when there is a special SP used for this purpose. This is an alternative way to a method requiring retrieving user password. Therefore at least one of those queries must be defined:user-login-queryorget-password-query.
If both queries are defined thenuser-login-queryis used. Normally this method should be only used with plain text password authentication or sasl-plain.
The Tigase server expects a result set with user_id to be returned from the query if login is successful and empty results set if the login is unsuccessful.
Takes 2 arguments:(user_id (JID), password)
Example query:
select user_id from tig_users where (user_id = ?) AND (user_pw = ?)
- See Also:
-
DEF_USERLOGOUT_KEY
This query is called when user logs out or disconnects. It can record that event in the database.
Takes 1 argument:(user_id (JID))
Example query:
update tig_users, set online_status = online_status - 1 where user_id = ?
- See Also:
-
DEF_UPDATELOGINTIME_KEY
- See Also:
-
DEF_USERS_COUNT_KEY
- See Also:
-
DEF_ACTIVE_USERS_COUNT_KEY
- See Also:
-
DEF_USERS_DOMAIN_COUNT_KEY
- See Also:
-
DEF_LISTDISABLEDACCOUNTS_KEY
- See Also:
-
DEF_DISABLEACCOUNT_KEY
Deprecated.- See Also:
-
DEF_ENABLEACCOUNT_KEY
Deprecated.- See Also:
-
DEF_UPDATEACCOUNTSTATUS_KEY
- See Also:
-
DEF_ACCOUNTSTATUS_KEY
- See Also:
-
DEF_NONSASL_MECHS_KEY
Comma separated list of NON-SASL authentication mechanisms. Possible mechanisms are:passwordanddigest.digestmechanism can work only withget-password-queryactive and only when password are stored in plain text format in the database.- See Also:
-
DEF_SASL_MECHS_KEY
Comma separated list of SASL authentication mechanisms. Possible mechanisms are all mechanisms supported by Java implementation. The most common are:PLAIN,DIGEST-MD5,CRAM-MD5.
"Non-PLAIN" mechanisms will work only with theget-password-queryactive and only when passwords are stored in plain text format in the database.- See Also:
-
NO_QUERY
- See Also:
-
DEF_INITDB_QUERY
- See Also:
-
DEF_ADDUSER_QUERY
- See Also:
-
DEF_DELUSER_QUERY
- See Also:
-
DEF_GETPASSWORD_QUERY
- See Also:
-
DEF_USERS_COUNT_QUERY
- See Also:
-
DEF_ACTIVE_USERS_COUNT_QUERY
- See Also:
-
DEF_USERS_DOMAIN_COUNT_QUERY
- See Also:
-
DEF_LISTDISABLEDACCOUNTS_QUERY
- See Also:
-
DEF_UPDATEACCOUNTSTATUS_QUERY
- See Also:
-
DEF_ACCOUNTSTATUS_QUERY
- See Also:
-
DEF_NONSASL_MECHS
- See Also:
-
DEF_SASL_MECHS
- See Also:
-
SP_STARTS_WITH
- See Also:
-
-
Constructor Details
-
TigaseCustomAuth
public TigaseCustomAuth()
-
-
Method Details
-
addUser
- Specified by:
addUserin interfaceAuthRepository- Throws:
TigaseDBException
-
getAccountStatus
- Specified by:
getAccountStatusin interfaceAuthRepository- Throws:
TigaseDBException
-
getCredentials
- Specified by:
getCredentialsin interfaceAuthRepository- Throws:
TigaseDBException
-
getParamWithDef
-
getResourceUri
Description copied from interface:AuthRepositorygetResourceUrimethod returns database connection string.- Specified by:
getResourceUriin interfaceAuthRepository- Returns:
- a
Stringvalue of database connection string.
-
getCredentialIds
- Specified by:
getCredentialIdsin interfaceAuthRepository- Throws:
TigaseDBException
-
getActiveUsersCountIn
- Specified by:
getActiveUsersCountInin interfaceAuthRepository- Parameters:
duration- Time range within which active users should be counted. Method is only used by statistics.- Returns:
- number of active users in required range
-
getUsersCount
public long getUsersCount()getUsersCountmethod is thread safe. It uses local variable for storingStatement.- Specified by:
getUsersCountin interfaceAuthRepository- Returns:
- a
longnumber of user accounts in database.
-
getUsersCount
Description copied from interface:AuthRepositoryThis method is only used by the server statistics component to report number of registered users for given domain.- Specified by:
getUsersCountin interfaceAuthRepository- Parameters:
domain- for which get the statistics- Returns:
- a
longnumber of registered users in the repository.
-
initRepository
@Deprecated public void initRepository(String connection_str, Map<String, String> params) throws DBInitExceptionDeprecated.Description copied from interface:RepositoryMethod is deprecated and should not be user any more.
The method is called to initialize the data repository. Depending on the implementation all the initialization parameters can be passed either viaresource_uriparameter as the database connection string or viaparamsmap if the required repository parameters are more complex or both.- Specified by:
initRepositoryin interfaceRepository- Parameters:
connection_str- value in most cases representing the database connection string.params- is aMapwith repository properties necessary to initialize and perform all the functions. The initialization parameters are implementation dependent.- Throws:
DBInitException- if there was an error during repository initialization. Some implementations, though, perform so called lazy initialization so even though there is a problem with the underlying repository it may not be signaled through this method call.
-
isMechanismSupported
- Specified by:
isMechanismSupportedin interfaceAuthRepository- Overrides:
isMechanismSupportedin classAbstractAuthRepositoryWithCredentials
-
loggedIn
Description copied from interface:AuthRepositoryDo some actions on repository, when user logs in. (for example updatelast_login_time)- Specified by:
loggedInin interfaceAuthRepository- Parameters:
user- JID of logged user.- Throws:
TigaseDBException- if an error occurs
-
logout
- Specified by:
logoutin interfaceAuthRepository- Throws:
TigaseDBException
-
otherAuth
- Specified by:
otherAuthin interfaceAuthRepository- Throws:
TigaseDBExceptionAuthorizationException
-
queryAuth
Description copied from interface:AuthRepositoryqueryAuthreturns mechanisms available for authentication.- Specified by:
queryAuthin interfaceAuthRepository- Parameters:
authProps- aMapvalue with parameters for authentication.
-
removeCredential
- Specified by:
removeCredentialin interfaceAuthRepository- Throws:
TigaseDBException
-
removeUser
- Specified by:
removeUserin interfaceAuthRepository- Throws:
TigaseDBException
-
setAccountStatus
public void setAccountStatus(BareJID user, AuthRepository.AccountStatus value) throws TigaseDBException - Specified by:
setAccountStatusin interfaceAuthRepository- Throws:
TigaseDBException
-
setDataSource
Description copied from interface:DataSourceAwareMethod called to provide class with instance of a data source.- Specified by:
setDataSourcein interfaceDataSourceAware<DataRepository>- Throws:
DBInitException
-
updateCredential
public void updateCredential(BareJID user, String credentialId, String password) throws TigaseDBException - Specified by:
updateCredentialin interfaceAuthRepository- Throws:
TigaseDBException
-
updateCredential
public void updateCredential(BareJID user, String credentialId, String mechanism, String data) throws TigaseDBException - Specified by:
updateCredentialin interfaceAuthRepository- Throws:
TigaseDBException
-
updatePassword
- Specified by:
updatePasswordin interfaceAuthRepository- Throws:
TigaseDBException
-