public class JDBCUserDatabase extends AbstractUserDatabase
Implementation of UserDatabase that persists DefaultUserProfile
objects to a JDBC DataSource, as might typically be provided by a web
container. This implementation looks up the JDBC DataSource using JNDI. The
JNDI name of the datasource, backing table and mapped columns used by this
class can be overridden by adding settings in jspwiki.properties.
Configurable properties are these:
| Property | Default | Definition | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
jspwiki.userdatabase.datasource |
jdbc/UserDatabase |
The JNDI name of the DataSource | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.table |
users |
The table that stores the user profiles | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.attributes |
attributes |
The CLOB column containing the profile's custom attributes, stored as key/value strings, each separated by newline. | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.created |
created |
The column containing the profile's creation timestamp | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.email |
email |
The column containing the user's e-mail address | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.fullName |
full_name |
The column containing the user's full name | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.loginName |
login_name |
The column containing the user's login id | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.password |
password |
The column containing the user's password | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.modified |
modified |
The column containing the profile's last-modified timestamp | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.uid |
uid |
The column containing the profile's unique identifier, as a long integer | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.wikiName |
wiki_name |
The column containing the user's wiki name | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.lockExpiry |
lock_expiry |
The column containing the date/time when the profile, if locked, should be unlocked. | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.roleTable |
roles |
The table that stores user roles. When a new user is created, a new record is inserted containing user's initial role. The table will have an ID column whose name and values correspond to the contents of the user table's login name column. It will also contain a role column (see next row). | ||||||||||||||||||||||||||||||||||||||||||
jspwiki.userdatabase.role |
role |
The column in the role table that stores user roles. When a new user is
created, this column will be populated with the value
Authenticated. Once created, JDBCUserDatabase does not use
this column again; it is provided strictly for the convenience of
container-managed authentication services. |
This class hashes passwords using SHA-1. All of the underying SQL commands used by this class are implemented using prepared statements, so it is immune to SQL injection attacks.
This class is typically used in conjunction with a web container's JNDI
resource factory. For example, Tomcat provides a basic
JNDI factory for registering DataSources. To give JSPWiki access to the JNDI
resource named by , you would declare the datasource resource
similar to this:
<Context ...>
...
<Resource name="jdbc/UserDatabase" auth="Container"
type="javax.sql.DataSource" username="dbusername" password="dbpassword"
driverClassName="org.hsql.jdbcDriver" url="jdbc:HypersonicSQL:database"
maxActive="8" maxIdle="4"/>
...
</Context>To configure JSPWiki to use JDBC support, first create a database with a structure similar to that provided by the HSQL and PostgreSQL scripts in src/main/config/db. If you have different table or column names you can either alias them with a database view and have JSPWiki use the views, or alter the WEB-INF/jspwiki.properties file: the jspwiki.userdatabase.* and jspwiki.groupdatabase.* properties change the names of the tables and columns that JSPWiki uses.
A JNDI datasource (named jdbc/UserDatabase by default but can be configured
in the jspwiki.properties file) will need to be created in your servlet container.
JDBC driver JARs should be added, e.g. in Tomcat's lib
directory. For more Tomcat JNDI configuration examples, see
http://tomcat.apache.org/tomcat-7.0-doc/jndi-resources-howto.html.
Once done, restart JSPWiki in the servlet container for it to read the
new properties and switch to JDBC authentication.
JDBCUserDatabase commits changes as transactions if the back-end database
supports them. If the database supports transactions, user profile changes
are saved to permanent storage only when the #commit() method is
called. If the database does not support transactions, then
changes are made immediately (during the save(UserProfile) method),
and the #commit() method no-ops. Thus, callers should always
call the #commit() method after saving a profile to guarantee
that changes are applied.
| Modifier and Type | Field and Description |
|---|---|
static String |
DEFAULT_DB_ATTRIBUTES |
static String |
DEFAULT_DB_CREATED |
static String |
DEFAULT_DB_EMAIL |
static String |
DEFAULT_DB_FULL_NAME |
static String |
DEFAULT_DB_JNDI_NAME |
static String |
DEFAULT_DB_LOCK_EXPIRY |
static String |
DEFAULT_DB_LOGIN_NAME |
static String |
DEFAULT_DB_MODIFIED |
static String |
DEFAULT_DB_PASSWORD |
static String |
DEFAULT_DB_ROLE |
static String |
DEFAULT_DB_ROLE_TABLE |
static String |
DEFAULT_DB_TABLE |
static String |
DEFAULT_DB_UID |
static String |
DEFAULT_DB_WIKI_NAME |
static String |
PROP_DB_ATTRIBUTES |
static String |
PROP_DB_CREATED |
static String |
PROP_DB_DATASOURCE |
static String |
PROP_DB_EMAIL |
static String |
PROP_DB_FULL_NAME |
static String |
PROP_DB_LOCK_EXPIRY |
static String |
PROP_DB_LOGIN_NAME |
static String |
PROP_DB_MODIFIED |
static String |
PROP_DB_PASSWORD |
static String |
PROP_DB_ROLE |
static String |
PROP_DB_ROLE_TABLE |
static String |
PROP_DB_TABLE |
static String |
PROP_DB_UID |
static String |
PROP_DB_WIKI_NAME |
log, SHA_PREFIX, SSHA_PREFIX| Constructor and Description |
|---|
JDBCUserDatabase() |
| Modifier and Type | Method and Description |
|---|---|
void |
deleteByLoginName(String loginName)
Looks up and deletes the first
UserProfile in the user database
that matches a profile having a given login name. |
UserProfile |
findByEmail(String index)
Looks up and returns the first
UserProfile in the user database
that matches a profile having a given e-mail address. |
UserProfile |
findByFullName(String index)
Looks up and returns the first
UserProfile in the user database
that matches a profile having a given full name. |
UserProfile |
findByLoginName(String index)
Looks up and returns the first
UserProfile in the user database
that matches a profile having a given login name. |
UserProfile |
findByUid(String uid)
Looks up and returns the first
UserProfile in the user database
that matches a profile having a given unique ID (uid). |
UserProfile |
findByWikiName(String index)
Looks up and returns the first
UserProfile in the user database
that matches a profile having a given wiki name. |
Principal[] |
getWikiNames()
Returns all WikiNames that are stored in the UserDatabase as an array of
WikiPrincipal objects.
|
void |
initialize(WikiEngine engine,
Properties props)
Initializes the user database based on values from a Properties object.
|
void |
rename(String loginName,
String newName)
Renames a
UserProfile in the user database by changing
the profile's login name. |
void |
save(UserProfile profile)
Saves a
UserProfileto the user database, overwriting the
existing profile if it exists. |
find, generateUid, getHash, getPrincipals, newProfile, parseLong, validatePasswordpublic static final String DEFAULT_DB_ATTRIBUTES
public static final String DEFAULT_DB_CREATED
public static final String DEFAULT_DB_EMAIL
public static final String DEFAULT_DB_FULL_NAME
public static final String DEFAULT_DB_JNDI_NAME
public static final String DEFAULT_DB_LOCK_EXPIRY
public static final String DEFAULT_DB_MODIFIED
public static final String DEFAULT_DB_ROLE
public static final String DEFAULT_DB_ROLE_TABLE
public static final String DEFAULT_DB_TABLE
public static final String DEFAULT_DB_LOGIN_NAME
public static final String DEFAULT_DB_PASSWORD
public static final String DEFAULT_DB_UID
public static final String DEFAULT_DB_WIKI_NAME
public static final String PROP_DB_ATTRIBUTES
public static final String PROP_DB_CREATED
public static final String PROP_DB_EMAIL
public static final String PROP_DB_FULL_NAME
public static final String PROP_DB_DATASOURCE
public static final String PROP_DB_LOCK_EXPIRY
public static final String PROP_DB_LOGIN_NAME
public static final String PROP_DB_MODIFIED
public static final String PROP_DB_PASSWORD
public static final String PROP_DB_UID
public static final String PROP_DB_ROLE
public static final String PROP_DB_ROLE_TABLE
public static final String PROP_DB_TABLE
public static final String PROP_DB_WIKI_NAME
public JDBCUserDatabase()
public void deleteByLoginName(String loginName) throws NoSuchPrincipalException, WikiSecurityException
UserProfile in the user database
that matches a profile having a given login name. If the user database
does not contain a user with a matching attribute, throws a
NoSuchPrincipalException. This method is intended to be atomic;
results cannot be partially committed. If the commit fails, it should
roll back its state appropriately. Implementing classes that persist to
the file system may wish to make this method synchronized.loginName - the login name of the user profile that shall be deletedNoSuchPrincipalExceptionWikiSecurityExceptionpublic UserProfile findByEmail(String index) throws NoSuchPrincipalException
AbstractUserDatabaseUserProfile in the user database
that matches a profile having a given e-mail address. If the user
database does not contain a user with a matching attribute, throws a
NoSuchPrincipalException.findByEmail in interface UserDatabasefindByEmail in class AbstractUserDatabaseindex - the e-mail address of the desired user profileNoSuchPrincipalExceptionUserDatabase.findByEmail(java.lang.String)public UserProfile findByFullName(String index) throws NoSuchPrincipalException
AbstractUserDatabaseUserProfile in the user database
that matches a profile having a given full name. If the user database
does not contain a user with a matching attribute, throws a
NoSuchPrincipalException.findByFullName in interface UserDatabasefindByFullName in class AbstractUserDatabaseindex - the fill name of the desired user profileNoSuchPrincipalExceptionUserDatabase.findByFullName(java.lang.String)public UserProfile findByLoginName(String index) throws NoSuchPrincipalException
AbstractUserDatabaseUserProfile in the user database
that matches a profile having a given login name. If the user database
does not contain a user with a matching attribute, throws a
NoSuchPrincipalException.findByLoginName in interface UserDatabasefindByLoginName in class AbstractUserDatabaseindex - the login name of the desired user profileNoSuchPrincipalExceptionUserDatabase.findByLoginName(java.lang.String)public UserProfile findByUid(String uid) throws NoSuchPrincipalException
UserDatabaseUserProfile in the user database
that matches a profile having a given unique ID (uid). If the user database
does not contain a user with a unique ID, it throws a
NoSuchPrincipalException.uid - the unique identifier of the desired user profileNoSuchPrincipalExceptionUserDatabase.findByWikiName(String)public UserProfile findByWikiName(String index) throws NoSuchPrincipalException
AbstractUserDatabaseUserProfile in the user database
that matches a profile having a given wiki name. If the user database
does not contain a user with a matching attribute, throws a
NoSuchPrincipalException.findByWikiName in interface UserDatabasefindByWikiName in class AbstractUserDatabaseindex - the wiki name of the desired user profileNoSuchPrincipalExceptionUserDatabase.findByWikiName(String)public Principal[] getWikiNames() throws WikiSecurityException
WikiSecurityExceptionpublic void initialize(WikiEngine engine, Properties props) throws NoRequiredPropertyException, WikiSecurityException
AbstractUserDatabaseinitialize in interface UserDatabaseinitialize in class AbstractUserDatabaseNoRequiredPropertyExceptionWikiSecurityExceptionUserDatabase.initialize(org.apache.wiki.WikiEngine,
java.util.Properties)public void rename(String loginName, String newName) throws NoSuchPrincipalException, DuplicateUserException, WikiSecurityException
UserDatabaseRenames a UserProfile in the user database by changing
the profile's login name. Because the login name is the profile's unique
identifier, implementations should verify that the identifier is
"safe" to change before actually changing it. Specifically: the profile
with the supplied login name must already exist, and the proposed new
name must not be in use by another profile.
This method is intended to be atomic; results cannot be partially committed.
If the commit fails, it should roll back its state appropriately.
Implementing classes that persist to the file system may wish to make
this method synchronized.
loginName - the existing login name for the profilenewName - the proposed new login nameNoSuchPrincipalException - if the user profile identified by
loginName does not existDuplicateUserException - if another user profile with the
proposed new login name already existsWikiSecurityException - if the profile cannot be renamed for
any reason, such as an I/O error, database connection failure
or lack of support for renames.UserDatabase.rename(String, String)public void save(UserProfile profile) throws WikiSecurityException
AbstractUserDatabase
Saves a UserProfileto the user database, overwriting the
existing profile if it exists. The user name under which the profile
should be saved is returned by the supplied profile's
UserProfile.getLoginName() method.
The database implementation is responsible for detecting potential duplicate user profiles; specifically, the login name, wiki name, and full name must be unique. The implementation is not required to check for validity of passwords or e-mail addresses. Special case: if the profile already exists and the password is null, it should retain its previous value, rather than being set to null.
Implementations are required to time-stamp the creation or modification fields of the UserProfile./p>
This method is intended to be atomic; results cannot be partially committed.
If the commit fails, it should roll back its state appropriately.
Implementing classes that persist to the file system may wish to make
this method synchronized.
save in interface UserDatabasesave in class AbstractUserDatabaseprofile - the user profile to saveWikiSecurityException - if the profile cannot be savedUserDatabase.save(org.apache.wiki.auth.user.UserProfile)Copyright © 2001-2019 The Apache Software Foundation. All rights reserved.