tigase.db.jdbc

Class TigaseCustomAuth

java.lang.Object

tigase.db.jdbc.TigaseCustomAuth

All Implemented Interfaces:

AuthRepository, Repository

Direct Known Subclasses:

TigaseSPAuth

public class TigaseCustomAuth
extends Object
implements AuthRepository

The user authentication connector allows for customized SQL queries to be used. Queries are defined in the configuration file and they can be either plain SQL queries or stored procedures. If the query starts with characters: { call then the server assumes this is a stored procedure call, otherwise it is executed as a plain SQL query. Each configuration value is stripped from white characters on both ends before processing. Please don't use semicolon ';' at the end of the query as many JDBC drivers get confused and the query may not work for unknown obvious reason. Some queries take arguments. Arguments are marked by question marks '?' in the query. Refer to the configuration parameters description for more details about what parameters are expected in each query. Example configuration. The first example shows how to put a stored procedure as a query with 2 required parameters.

 add-user-query={ call TigAddUserPlainPw(?, ?) }
 

The same query with plain SQL parameters instead:

 add-user-query=insert into users (user_id, password) values (?, ?)
 

Created: Sat Nov 11 22:22:04 2006

Version:

$Rev$

Author:

Artur Hefczyc

Nested Class Summary

Nested classes/interfaces inherited from interface tigase.db.Repository

Repository.Meta

Field Summary

Fields

Modifier and Type	Field and Description
static String	DEF_ADDUSER_KEY Query adding a new user to the database.
static String	DEF_ADDUSER_QUERY Field description
static String	DEF_CONNVALID_KEY Query executing periodically to ensure active connection with the database.
static String	DEF_DELUSER_KEY Removes a user from the database.
static String	DEF_DELUSER_QUERY Field description
static String	DEF_DISABLEACCOUNT_KEY
static String	DEF_DISABLEACCOUNT_QUERY
static String	DEF_ENABLEACCOUNT_KEY
static String	DEF_ENABLEACCOUNT_QUERY
static String	DEF_GETPASSWORD_KEY Retrieves user password from the database for given user_id (JID).
static String	DEF_GETPASSWORD_QUERY Field description
static String	DEF_INITDB_KEY Database initialization query which is run after the server is started.
static String	DEF_INITDB_QUERY Field description
static String	DEF_LISTDISABLEDACCOUNTS_KEY
static String	DEF_LISTDISABLEDACCOUNTS_QUERY
static String	DEF_NONSASL_MECHS Field description
static String	DEF_NONSASL_MECHS_KEY Comma separated list of NON-SASL authentication mechanisms.
static String	DEF_SASL_MECHS Field description
static String	DEF_SASL_MECHS_KEY Comma separated list of SASL authentication mechanisms.
static String	DEF_UPDATEPASSWORD_KEY Updates (changes) password for a given user_id (JID).
static String	DEF_UPDATEPASSWORD_QUERY Field description
static String	DEF_USERLOGIN_KEY Performs user login.
static String	DEF_USERLOGIN_QUERY Field description
static String	DEF_USERLOGOUT_KEY This query is called when user logs out or disconnects.
static String	DEF_USERLOGOUT_QUERY Field description
static String	DEF_USERS_COUNT_KEY Field description
static String	DEF_USERS_COUNT_QUERY Field description
static String	DEF_USERS_DOMAIN_COUNT_KEY Field description
static String	DEF_USERS_DOMAIN_COUNT_QUERY Field description
static String	NO_QUERY
static String	SP_STARTS_WITH Field description

Fields inherited from interface tigase.db.AuthRepository

DATA_KEY, DIGEST_ID_KEY, DIGEST_KEY, MACHANISM_KEY, PASSWORD_KEY, PROTOCOL_KEY, PROTOCOL_VAL_NONSASL, PROTOCOL_VAL_SASL, REALM_KEY, RESULT_KEY, SERVER_NAME_KEY, USER_ID_KEY, USERNAME_KEY

Constructor Summary

Constructors

Constructor and Description
TigaseCustomAuth()

Method Summary

Modifier and Type	Method and Description
void	addUser(BareJID user, String password) Describe addUser method here.
boolean	digestAuth(BareJID user, String digest, String id, String alg) Deprecated.
protected String	getParamWithDef(Map<String,String> params, String key, String def)
String	getPassword(BareJID user)
String	getResourceUri() getResourceUri method returns database connection string.
long	getUsersCount() getUsersCount method is thread safe.
long	getUsersCount(String domain) This method is only used by the server statistics component to report number of registered users for given domain.
void	initRepository(String connection_str, Map<String,String> params) The method is called to initialize the data repository.
boolean	isUserDisabled(BareJID user)
void	logout(BareJID user) Describe logout method here.
boolean	otherAuth(Map<String,Object> props) Describe otherAuth method here.
boolean	plainAuth(BareJID user, String password) Deprecated.
void	queryAuth(Map<String,Object> authProps) queryAuth returns mechanisms available for authentication.
void	removeUser(BareJID user) Describe removeUser method here.
void	setUserDisabled(BareJID user, Boolean value)
void	updatePassword(BareJID user, String password) Describe updatePassword method here.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEF_CONNVALID_KEY

public static final String DEF_CONNVALID_KEY

Query executing periodically to ensure active connection with the database. Takes no arguments. Example query:

 select 1
 

See Also:

Constant Field Values

DEF_INITDB_KEY

public static final String DEF_INITDB_KEY

Database initialization query which is run after the server is started. Takes no arguments. Example query:

 update tig_users set online_status = 0
 

See Also:

Constant Field Values

DEF_ADDUSER_KEY

public static final String DEF_ADDUSER_KEY

Query adding a new user to the database. Takes 2 arguments: (user_id (JID), password) Example query:

 insert into tig_users (user_id, user_pw) values (?, ?)
 

See Also:

Constant Field Values

DEF_DELUSER_KEY

public static final String DEF_DELUSER_KEY

Removes a user from the database. Takes 1 argument: (user_id (JID)) Example query:

 delete from tig_users where user_id = ?
 

See Also:

Constant Field Values

DEF_GETPASSWORD_KEY

public static final String DEF_GETPASSWORD_KEY

Retrieves user password from the database for given user_id (JID). Takes 1 argument: (user_id (JID)) Example query:

 select user_pw from tig_users where user_id = ?
 

See Also:

Constant Field Values

DEF_UPDATEPASSWORD_KEY

public static final String DEF_UPDATEPASSWORD_KEY

Updates (changes) password for a given user_id (JID). Takes 2 arguments: (password, user_id (JID)) Example query:

 update tig_users set user_pw = ? where user_id = ?
 

See Also:

Constant Field Values

DEF_USERLOGIN_KEY

public static final String DEF_USERLOGIN_KEY

Performs user login. Normally used when there is a special SP used for this purpose. This is an alternative way to a method requiring retrieving user password. Therefore at least one of those queries must be defined: user-login-query or get-password-query. If both queries are defined then user-login-query is used. Normally this method should be only used with plain text password authentication or sasl-plain. The Tigase server expects a result set with user_id to be returned from the query if login is successful and empty results set if the login is unsuccessful. Takes 2 arguments: (user_id (JID), password) Example query:

 select user_id from tig_users where (user_id = ?) AND (user_pw = ?)
 

See Also:

Constant Field Values

DEF_USERLOGOUT_KEY

public static final String DEF_USERLOGOUT_KEY

This query is called when user logs out or disconnects. It can record that event in the database. Takes 1 argument: (user_id (JID)) Example query:

 update tig_users, set online_status = online_status - 1 where user_id = ?
 

See Also:

Constant Field Values

DEF_USERS_COUNT_KEY

public static final String DEF_USERS_COUNT_KEY

Field description

See Also:

Constant Field Values

DEF_USERS_DOMAIN_COUNT_KEY

public static final String DEF_USERS_DOMAIN_COUNT_KEY

Field description

See Also:

Constant Field Values

DEF_LISTDISABLEDACCOUNTS_KEY

public static final String DEF_LISTDISABLEDACCOUNTS_KEY

See Also:

Constant Field Values

DEF_DISABLEACCOUNT_KEY

public static final String DEF_DISABLEACCOUNT_KEY

See Also:

Constant Field Values

DEF_ENABLEACCOUNT_KEY

public static final String DEF_ENABLEACCOUNT_KEY

See Also:

Constant Field Values

DEF_NONSASL_MECHS_KEY

public static final String DEF_NONSASL_MECHS_KEY

Comma separated list of NON-SASL authentication mechanisms. Possible mechanisms are: password and digest. digest mechanism can work only with get-password-query active and only when password are stored in plain text format in the database.

See Also:

Constant Field Values

DEF_SASL_MECHS_KEY

public static final String DEF_SASL_MECHS_KEY

Comma separated list of SASL authentication mechanisms. Possible mechanisms are all mechanisms supported by Java implementation. The most common are: PLAIN, DIGEST-MD5, CRAM-MD5. "Non-PLAIN" mechanisms will work only with the get-password-query active and only when passwords are stored in plain text format in the database.

See Also:

Constant Field Values

NO_QUERY

public static final String NO_QUERY

See Also:

Constant Field Values

DEF_INITDB_QUERY

public static final String DEF_INITDB_QUERY

Field description

See Also:

Constant Field Values

DEF_ADDUSER_QUERY

public static final String DEF_ADDUSER_QUERY

Field description

See Also:

Constant Field Values

DEF_DELUSER_QUERY

public static final String DEF_DELUSER_QUERY

Field description

See Also:

Constant Field Values

DEF_GETPASSWORD_QUERY

public static final String DEF_GETPASSWORD_QUERY

Field description

See Also:

Constant Field Values

DEF_UPDATEPASSWORD_QUERY

public static final String DEF_UPDATEPASSWORD_QUERY

Field description

See Also:

Constant Field Values

DEF_USERLOGIN_QUERY

public static final String DEF_USERLOGIN_QUERY

Field description

See Also:

Constant Field Values

DEF_USERLOGOUT_QUERY

public static final String DEF_USERLOGOUT_QUERY

Field description

See Also:

Constant Field Values

DEF_USERS_COUNT_QUERY

public static final String DEF_USERS_COUNT_QUERY

Field description

See Also:

Constant Field Values

DEF_USERS_DOMAIN_COUNT_QUERY

public static final String DEF_USERS_DOMAIN_COUNT_QUERY

Field description

See Also:

Constant Field Values

DEF_LISTDISABLEDACCOUNTS_QUERY

public static final String DEF_LISTDISABLEDACCOUNTS_QUERY

See Also:

Constant Field Values

DEF_DISABLEACCOUNT_QUERY

public static final String DEF_DISABLEACCOUNT_QUERY

See Also:

Constant Field Values

DEF_ENABLEACCOUNT_QUERY

public static final String DEF_ENABLEACCOUNT_QUERY

See Also:

Constant Field Values

DEF_NONSASL_MECHS

public static final String DEF_NONSASL_MECHS

Field description

See Also:

Constant Field Values

DEF_SASL_MECHS

public static final String DEF_SASL_MECHS

Field description

See Also:

Constant Field Values

SP_STARTS_WITH

public static final String SP_STARTS_WITH

Field description

See Also:

Constant Field Values

Constructor Detail

TigaseCustomAuth

public TigaseCustomAuth()

Method Detail

addUser

public void addUser(BareJID user,
                    String password)
             throws UserExistsException,
                    TigaseDBException

Description copied from interface: AuthRepository

Describe addUser method here.

Specified by:

addUser in interface AuthRepository

Parameters:

user - a BareJID value

password - a String value

Throws:

UserExistsException - if an error occurs

TigaseDBException - if an error occurs

digestAuth

@Deprecated
public boolean digestAuth(BareJID user,
                                      String digest,
                                      String id,
                                      String alg)
                               throws UserNotFoundException,
                                      TigaseDBException,
                                      AuthorizationException

Deprecated.

Description copied from interface: AuthRepository

digestAuth method performs non-sasl, digest authentication as described in non-sasl authentication XEP-0078 For now it is empty and always returns false as I don't have description for database with passwords.

Specified by:

digestAuth in interface AuthRepository

Parameters:

user - a BareJID value of user name

digest - a String value password digest sum

id - a String value session ID used for digest sum calculation.

alg - a String value of algorithm ID used for digest sum calculation.

Returns:

a boolean value true on successful authentication, false on authentication failure.

Throws:

UserNotFoundException - if an given user name is not found in the authentication repository.

TigaseDBException - if an error occurs during during accessing database;

AuthorizationException - if an error occurs during authentication process.

getResourceUri

public String getResourceUri()

Description copied from interface: AuthRepository

getResourceUri method returns database connection string.

Specified by:

getResourceUri in interface AuthRepository

Returns:

a String value of database connection string.

getUsersCount

public long getUsersCount()

getUsersCount method is thread safe. It uses local variable for storing Statement.

Specified by:

getUsersCount in interface AuthRepository

Returns:

a long number of user accounts in database.

getUsersCount

public long getUsersCount(String domain)

Description copied from interface: AuthRepository

This method is only used by the server statistics component to report number of registered users for given domain.

Specified by:

getUsersCount in interface AuthRepository

Returns:

a long number of registered users in the repository.

initRepository

public void initRepository(String connection_str,
                           Map<String,String> params)
                    throws DBInitException

Description copied from interface: Repository

The method is called to initialize the data repository. Depending on the implementation all the initialization parameters can be passed either via resource_uri parameter as the database connection string or via params map if the required repository parameters are more complex or both.

Specified by:

initRepository in interface Repository

Parameters:

connection_str - value in most cases representing the database connection string.

params - is a Map with repository properties necessary to initialize and perform all the functions. The initialization parameters are implementation dependent.

Throws:

DBInitException - if there was an error during repository initialization. Some implementations, though, perform so called lazy initialization so even though there is a problem with the underlying repository it may not be signaled through this method call.

logout

public void logout(BareJID user)
            throws UserNotFoundException,
                   TigaseDBException

Description copied from interface: AuthRepository

Describe logout method here.

Specified by:

logout in interface AuthRepository

Parameters:

user - a BareJID value

Throws:

UserNotFoundException - if an error occurs

TigaseDBException - if an error occurs

otherAuth

public boolean otherAuth(Map<String,Object> props)
                  throws UserNotFoundException,
                         TigaseDBException,
                         AuthorizationException

Description copied from interface: AuthRepository

Describe otherAuth method here.

Specified by:

otherAuth in interface AuthRepository

Parameters:

props - a Map value

Returns:

a boolean value

Throws:

UserNotFoundException - if an error occurs

TigaseDBException - if an error occurs

AuthorizationException - if an error occurs

plainAuth

@Deprecated
public boolean plainAuth(BareJID user,
                                     String password)
                              throws UserNotFoundException,
                                     TigaseDBException,
                                     AuthorizationException

Deprecated.

Description copied from interface: AuthRepository

plainAuth method performs non-sasl, plain authentication as described in non-sasl authentication XEP-0078.

Specified by:

plainAuth in interface AuthRepository

Parameters:

user - a BareJID value of user name

password - a String value of plain user password.

Returns:

a boolean value true on successful authentication, false on authentication failure.

Throws:

UserNotFoundException - if an given user name is not found in the authentication repository.

TigaseDBException - if an error occurs during during accessing database;

AuthorizationException - if an error occurs during authentication process.

queryAuth

public void queryAuth(Map<String,Object> authProps)

Description copied from interface: AuthRepository

queryAuth returns mechanisms available for authentication.

Specified by:

queryAuth in interface AuthRepository

Parameters:

authProps - a Map value with parameters for authentication.

removeUser

public void removeUser(BareJID user)
                throws UserNotFoundException,
                       TigaseDBException

Description copied from interface: AuthRepository

Describe removeUser method here.

Specified by:

removeUser in interface AuthRepository

Parameters:

user - a BareJID value

Throws:

UserNotFoundException - if an error occurs

TigaseDBException - if an error occurs

updatePassword

public void updatePassword(BareJID user,
                           String password)
                    throws UserNotFoundException,
                           TigaseDBException

Description copied from interface: AuthRepository

Describe updatePassword method here.

Specified by:

updatePassword in interface AuthRepository

Parameters:

user - a BareJID value

password - a String value

Throws:

UserNotFoundException

TigaseDBException - if an error occurs

getParamWithDef

protected String getParamWithDef(Map<String,String> params,
                                 String key,
                                 String def)

getPassword

public String getPassword(BareJID user)
                   throws UserNotFoundException,
                          TigaseDBException

Specified by:

getPassword in interface AuthRepository

Throws:

UserNotFoundException

TigaseDBException

isUserDisabled

public boolean isUserDisabled(BareJID user)
                       throws UserNotFoundException,
                              TigaseDBException

Specified by:

isUserDisabled in interface AuthRepository

Throws:

UserNotFoundException

TigaseDBException

setUserDisabled

public void setUserDisabled(BareJID user,
                            Boolean value)
                     throws UserNotFoundException,
                            TigaseDBException

Specified by:

setUserDisabled in interface AuthRepository

Throws:

UserNotFoundException

TigaseDBException