📄 jdbcrealm.java
/**
* If anything goes wrong with the JDBC connection, with executing
* the query, or otherwise, we return false (don't authenticate). This
* event is also logged.
*
* If there is some SQL exception the connection is set to null.
* This will allow a retry on the next auth attempt. This might not
* be the best thing to do but it will keep tomcat from needing a
* restart if the database goes down.
*
* @param username Username of the Principal to look up
* @param credentials Password or other credentials to use in
* authenticating this username
*/
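public synchronized boolean authenticate(String username, String credentials) {
    // Returns true only when a row exists for the user name and its
    // credential column (trimmed) equals the supplied credentials; every
    // other outcome, including any SQL failure, yields false.

    // A missing user name or credential can never match; reject it here
    // instead of failing later with a NullPointerException.
    if (username == null || credentials == null) {
        return false;
    }
    try {
        if (!checkConnection()) {
            return false;
        }
        // Create the authentication search prepared statement if necessary.
        // Only the user name is bound as a parameter; the table and column
        // names are concatenated from this realm's own settings.
        if (preparedAuthenticate == null) {
            String sql = "SELECT " + userCredCol + " FROM " + userTable +
                " WHERE " + userNameCol + " = ?";
            if (debug >= 1) {
                log("JDBCRealm.authenticate: " + sql);
            }
            preparedAuthenticate = dbConnection.prepareStatement(sql);
        }
        // Perform the authentication search
        preparedAuthenticate.setString(1, username);
        ResultSet rs1 = preparedAuthenticate.executeQuery();
        boolean authenticated = false;
        try {
            if (rs1.next()) {
                // A NULL credential column never authenticates anyone.
                String stored = rs1.getString(1);
                // NOTE(review): the submitted credential is compared
                // directly with the stored column value, so the table
                // appears to hold credentials in directly comparable form,
                // and String.equals is not a constant-time comparison.
                // Consider storing salted password hashes and comparing
                // them in constant time.
                authenticated = (stored != null)
                    && credentials.equals(stored.trim());
            }
        } finally {
            // Always release the result set, on the success path too.
            // If close() itself fails, the SQLException handler below
            // resets the connection and the request is not authenticated.
            rs1.close();
        }
        if (debug >= 2) {
            if (authenticated) {
                log(sm.getString("jdbcRealm.authenticateSuccess",
                                 username));
            } else {
                log(sm.getString("jdbcRealm.authenticateFailure",
                                 username));
            }
        }
        return authenticated;
    } catch (SQLException ex) {
        // Log the problem for posterity
        log(sm.getString("jdbcRealm.authenticateSQLException",
                         username));
        log("SQLException: " + ex);
        // Drop the JDBC objects so the next attempt reconnects
        close();
        // Return "not authenticated" for this request
        return false;
    }
}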
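/**
 * Looks up the role names assigned to a user in the user-role table.
 *
 * @param username user name bound as the single query parameter
 * @return the trimmed role names (possibly an empty array), or
 *         <code>null</code> if no connection could be obtained or the
 *         query failed with an SQLException
 */
public synchronized String[] getUserRoles(String username) {
    try {
        if (!checkConnection()) {
            return null;
        }
        // Create the role lookup statement on first use. Only the user
        // name is bound as a parameter; the table and column names are
        // concatenated from this realm's own settings.
        if (preparedRoles == null) {
            String sql = "SELECT " + roleNameCol + " FROM " +
                userRoleTable + " WHERE " + userNameCol + " = ?";
            if (debug >= 1) {
                log("JDBCRealm.roles: " + sql);
            }
            preparedRoles = dbConnection.prepareStatement(sql);
        }
        preparedRoles.clearParameters();
        preparedRoles.setString(1, username);
        ResultSet rs = preparedRoles.executeQuery();
        // Next we convert the resultset into a String[]
        Vector vrol = new Vector();
        try {
            while (rs.next()) {
                // Skip NULL role names instead of failing on trim()
                String role = rs.getString(1);
                if (role != null) {
                    vrol.addElement(role.trim());
                }
            }
        } finally {
            // Release the result set whether or not the read succeeded
            rs.close();
        }
        String[] res = new String[vrol.size()];
        vrol.copyInto(res);
        return res;
    } catch (SQLException ex) {
        // Drop the JDBC objects.
        // Next time we will try to get a new connection.
        log(sm.getString("jdbcRealm.getUserRolesSQLException",
                         username));
        log("SQLException: " + ex);
        close();
    }
    return null;
}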
/**
 * Marks the realm as started once a database connection is available.
 * Does nothing if the realm is already started; if the connection check
 * fails the realm stays in the not-started state.
 *
 * @param ctx the context being initialised (not used by this method)
 */
public void contextInit(Context ctx)
    throws org.apache.tomcat.core.TomcatException {
    // Already running: nothing to validate
    if (started) {
        return;
    }
    // Only flip the state flag after the connection check succeeds
    if (checkConnection()) {
        started = true;
        log(sm.getString("jdbcRealm.started"));
    }
}
/**
 * Marks the realm as stopped and releases its JDBC objects. Does nothing
 * if the realm was not started.
 *
 * @param ctx the context being shut down (not used by this method)
 */
public void contextShutdown(Context ctx)
    throws org.apache.tomcat.core.TomcatException {
    // Nothing to release if we never started
    if (!started) {
        return;
    }
    started = false;
    close();
}
/**
 * Stores the context manager and reserves the request note id under
 * which the "required.roles" value is kept.
 *
 * @param cm the context manager this realm is attached to
 * @throws RuntimeException if the note id cannot be obtained
 */
public void setContextManager(ContextManager cm) {
    super.setContextManager(cm);
    this.cm = cm;

    // set-up a per/container note for maps
    try {
        // XXX make the name a "global" static - after everything is stable!
        reqRolesNote =
            cm.getNoteId(ContextManager.REQUEST_NOTE, "required.roles");
    } catch (TomcatException ex) {
        // NOTE(review): the cause only reaches stderr via the stack trace;
        // the exception thrown below carries neither it nor its message.
        ex.printStackTrace();
        throw new RuntimeException("Invalid state ");
    }
}
/**
 * Extracts a username/password pair from the request and, when the pair
 * authenticates, records the user, principal and auth type on the request.
 *
 * @param req      request to read credentials from and to update
 * @param response not used by this method
 * @return always 0, whether or not the user was authenticated
 */
public int authenticate(Request req, Response response) {
    // Extract the credentials
    Hashtable cred = new Hashtable();
    SecurityTools.credentials(req, cred);

    // This realm will use only username and password callbacks
    String user = (String) cred.get("username");
    String password = (String) cred.get("password");

    // Incomplete credentials: leave the request unauthenticated
    if (user == null || password == null) {
        return 0;
    }
    // Rejected credentials: leave the request unauthenticated
    if (!authenticate(user, password)) {
        return 0;
    }

    // NOTE(review): the user name comes from the request and is written
    // to the log as-is; confirm the logger neutralises line breaks.
    if (debug > 0) {
        log("Auth ok, user=" + user);
    }
    req.setRemoteUser(user);
    req.setUserPrincipal(new SimplePrincipal(user));

    Context ctx = req.getContext();
    if (ctx != null) {
        req.setAuthType(ctx.getAuthMethod());
    }
    return 0;
}
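/**
 * Decides whether the authenticated user of a request holds one of the
 * required roles. The roles looked up for the user are also stored on
 * the request.
 *
 * @param req      request carrying the remote user
 * @param response not used by this method
 * @param roles    roles required for the resource, or <code>null</code>
 *                 if the request needs no authentication
 * @return 0 if access is allowed, 401 (SC_UNAUTHORIZED) otherwise
 */
public int authorize(Request req, Response response, String roles[]) {
    if (roles == null) {
        // request doesn't need authentication
        return 0;
    }

    String user = req.getRemoteUser();
    if (user == null) {
        return 401; //HttpServletResponse.SC_UNAUTHORIZED
    }

    if (debug > 0) {
        log("Controled access for " + user + " " + req + " "
            + req.getContainer());
    }

    String userRoles[] = getUserRoles(user);
    req.setUserRoles(userRoles);

    // getUserRoles returns null when the database is unreachable or the
    // query fails. Deny access explicitly in that case so the decision
    // does not depend on how SecurityTools.haveRole treats a null array.
    if (userRoles == null) {
        if (debug > 0) {
            log("UnAuthorized - role lookup failed");
        }
        return 401; //HttpServletResponse.SC_UNAUTHORIZED
    }

    if (debug > 0) {
        if (userRoles.length > 0) {
            log("Auth ok, first role=" + userRoles[0]);
        } else {
            log("Auth ok, user has no roles");
        }
    }

    if (SecurityTools.haveRole(userRoles, roles)) {
        return 0;
    }

    if (debug > 0) {
        // roles is known to be non-null here (checked at the top)
        if (roles.length > 0) {
            log("UnAuthorized " + roles[0]);
        } else {
            log("UnAuthorized - no roles specified");
        }
    }
    return 401; //HttpServletResponse.SC_UNAUTHORIZED
    // XXX check transport
}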
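/**
 * Makes sure an open database connection is available, opening a new one
 * if the current connection is missing or closed.
 *
 * @return true if a usable connection exists after the call, false if it
 *         could not be opened or an SQLException occurred
 * @throws RuntimeException if the JDBC driver class cannot be loaded
 */
private boolean checkConnection() {
    try {
        if ((dbConnection == null) || dbConnection.isClosed()) {
            // Report the state only when we actually have to (re)connect.
            // Logging this before the check emitted the message (whose key
            // suggests "database closed") on every call, including every
            // authentication against a healthy connection.
            if (started) {
                log(sm.getString("jdbcRealm.checkConnectionDBClosed"));
            } else {
                log(sm.getString("jdbcRealm.starting"));
            }
            Class.forName(driverName);
            // Without both a name and a password, connect with the URL
            // alone; otherwise pass the configured credentials.
            if ((connectionName == null || connectionName.equals("")) ||
                (connectionPassword == null || connectionPassword.equals(""))) {
                dbConnection = DriverManager.getConnection(connectionURL);
            } else {
                dbConnection = DriverManager.getConnection(connectionURL,
                                                           connectionName,
                                                           connectionPassword);
            }
            if (dbConnection == null || dbConnection.isClosed()) {
                log(sm.getString("jdbcRealm.checkConnectionDBReOpenFail"));
                return false;
            }
        }
        return true;
    } catch (SQLException ex) {
        log(sm.getString("jdbcRealm.checkConnectionSQLException"));
        log("SQLException: " + ex);
        // Drop the JDBC objects so the next call starts from scratch
        close();
        return false;
    } catch (ClassNotFoundException ex) {
        // A missing driver is a configuration error, not a transient fault
        throw new RuntimeException("JDBCRealm.checkConnection: " + ex);
    }
}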
/**
 * Closes the cached statements and the connection and resets each field
 * to null so that they get recreated next time. Closing is best effort:
 * anything thrown by a close() call is ignored.
 */
private void close() {
    // Role lookup statement
    if (preparedRoles != null) {
        try {
            preparedRoles.close();
        } catch (Throwable ignored) {
            // best effort: the reference is dropped either way
        }
        preparedRoles = null;
    }

    // Authentication statement
    if (preparedAuthenticate != null) {
        try {
            preparedAuthenticate.close();
        } catch (Throwable ignored) {
            // best effort: the reference is dropped either way
        }
        preparedAuthenticate = null;
    }

    // Finally the connection itself
    if (dbConnection != null) {
        try {
            dbConnection.close();
        } catch (Throwable ignored) {
            // best effort: the reference is dropped either way
        }
        dbConnection = null;
    }
}
}