org.apache.derby.impl.jdbc.authentication
Class AuthenticationServiceBase

java.lang.Object
  extended by org.apache.derby.impl.jdbc.authentication.AuthenticationServiceBase
All Implemented Interfaces:
AuthenticationService, ModuleControl, ModuleSupportable, PropertySetCallback
Direct Known Subclasses:
BasicAuthenticationServiceImpl, JNDIAuthenticationService, NoneAuthenticationServiceImpl, SpecificAuthenticationServiceImpl

public abstract class AuthenticationServiceBase
extends java.lang.Object
implements AuthenticationService, ModuleControl, ModuleSupportable, PropertySetCallback

This is the authentication service base class.

There can be one Authentication Service for the whole Cloudscape system and/or one authentication service per database. In the near future, we intend to allow multiple authentication services per system and/or per database.

It should be extended by the specialized authentication services.

IMPORTANT NOTE: User passwords are encrypted using the SHA-1 message digest algorithm if they are stored in the database; passwords defined at the system level are not encrypted. SHA-1 is a single-hash (one-way) digest and is considered very secure (160 bits).

Author:
Francois

Field Summary
protected  UserAuthenticator authenticationScheme
           
static java.lang.String AuthenticationTrace
          Trace flag to trace authentication operations
static java.lang.String ID_PATTERN_NEW_SCHEME
          Pattern that is prefixed to the stored password in the new authentication scheme
static int MAGICLEN_NEWENCRYPT_SCHEME
          Length of the encrypted password in the new authentication scheme. See Beetle4601.
private  AccessFactory store
           
 
Fields inherited from interface org.apache.derby.iapi.jdbc.AuthenticationService
MODULE
 
Constructor Summary
AuthenticationServiceBase()
           
 
Method Summary
 Serviceable apply(java.lang.String key, java.io.Serializable value, java.util.Dictionary p)
          Apply a property change.
 boolean authenticate(java.lang.String databaseName, java.util.Properties userInfo)
          Authenticate a User inside JBMS. This is an overloaded method.
 void boot(boolean create, java.util.Properties properties)
          Start this module.
protected  java.lang.String encryptPassword(java.lang.String plainTxtUserPassword)
          This method encrypts a clear user password using a single hash algorithm such as SHA-1 (SHA equivalent); it is a 160-bit digest. The digest is returned as a String object.
 java.lang.String getDatabaseProperty(java.lang.String key)
           
 java.lang.String getProperty(java.lang.String key)
          Returns a property if it was set at the database or system level.
 java.lang.String getSystemProperty(java.lang.String key)
           
 void init(boolean dbOnly, java.util.Dictionary p)
          Initialize the properties for this callback.
 java.io.Serializable map(java.lang.String key, java.io.Serializable value, java.util.Dictionary p)
          Map a proposed new value for a property to an official value.
protected  boolean requireAuthentication(java.util.Properties properties)
           
protected  void setAuthenticationService(UserAuthenticator aScheme)
           
 void stop()
          Stop the module.
static byte[] toHexByte(java.lang.String str, int offset, int length)
          Convert a string into a byte array in hex format.
 boolean validate(java.lang.String key, java.io.Serializable value, java.util.Dictionary p)
          Validate a property change.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.derby.iapi.services.monitor.ModuleSupportable
canSupport
 

Field Detail

authenticationScheme

protected UserAuthenticator authenticationScheme

store

private AccessFactory store

AuthenticationTrace

public static final java.lang.String AuthenticationTrace
Trace flag to trace authentication operations


ID_PATTERN_NEW_SCHEME

public static final java.lang.String ID_PATTERN_NEW_SCHEME
Pattern that is prefixed to the stored password in the new authentication scheme

See Also:
Constant Field Values

MAGICLEN_NEWENCRYPT_SCHEME

public static final int MAGICLEN_NEWENCRYPT_SCHEME
Length of the encrypted password in the new authentication scheme. See Beetle4601.

See Also:
Constant Field Values
Constructor Detail

AuthenticationServiceBase

public AuthenticationServiceBase()
Method Detail

setAuthenticationService

protected void setAuthenticationService(UserAuthenticator aScheme)

boot

public void boot(boolean create,
                 java.util.Properties properties)
          throws StandardException
Start this module. In this case, nothing needs to be done.

Specified by:
boot in interface ModuleControl
Throws:
StandardException - upon failure to load/boot the expected authentication service.
See Also:
ModuleControl.boot(boolean, java.util.Properties)

stop

public void stop()
Description copied from interface: ModuleControl
Stop the module. The module may be found via a findModule() method until some time after this method returns. Therefore the factory must be prepared to reject requests to it once it has been stopped. In addition, other modules may cache a reference to the module and make requests of it after it has been stopped; these requests should be rejected as well.

Specified by:
stop in interface ModuleControl
See Also:
ModuleControl.stop()

authenticate

public boolean authenticate(java.lang.String databaseName,
                            java.util.Properties userInfo)
                     throws java.sql.SQLException
Authenticate a User inside JBMS. This is an overloaded method. We are passed a Properties object containing user credential information (as well as the database name if the user needs to be validated for access to a certain database).

Specified by:
authenticate in interface AuthenticationService
Parameters:
userInfo - Connection properties info. failure.
Throws:
java.sql.SQLException
See Also:
AuthenticationService.authenticate(java.lang.String, java.util.Properties)

getProperty

public java.lang.String getProperty(java.lang.String key)
Returns a property if it was set at the database or system level. Treated as SERVICE property by default.

Returns:
a property string value.

getDatabaseProperty

public java.lang.String getDatabaseProperty(java.lang.String key)

getSystemProperty

public java.lang.String getSystemProperty(java.lang.String key)

init

public void init(boolean dbOnly,
                 java.util.Dictionary p)
Description copied from interface: PropertySetCallback
Initialize the properties for this callback. Called when addPropertySetNotification() is called with a non-null transaction controller. This allows code to read its initial property values at boot time.

Code within an init() method should use the 3 argument PropertyUtil method getPropertyFromSet() to obtain a property's value.

Specified by:
init in interface PropertySetCallback
Parameters:
dbOnly - true if only per-database properties are to be looked at
p - the complete set of per-database properties.

validate

public boolean validate(java.lang.String key,
                        java.io.Serializable value,
                        java.util.Dictionary p)
Description copied from interface: PropertySetCallback
Validate a property change.

Specified by:
validate in interface PropertySetCallback
Parameters:
key - Property key for the property being set
value - proposed new value for the property being set or null if the property is being dropped.
p - Property set before the change. SettingProperty may read but must never change p.
Returns:
true if this object was interested in this property, false otherwise.
See Also:
PropertySetCallback.validate(java.lang.String, java.io.Serializable, java.util.Dictionary)

apply

public Serviceable apply(java.lang.String key,
                         java.io.Serializable value,
                         java.util.Dictionary p)
Description copied from interface: PropertySetCallback
Apply a property change. Will only be called after validate has been called and only if validate returned true. If this method is called then the new value is the value to be used, i.e. the property is not set in the overriding JVM system set.

Specified by:
apply in interface PropertySetCallback
Parameters:
key - Property key for the property being set
value - proposed new value for the property being set or null if the property is being dropped.
p - Property set before the change. SettingProperty may read but must never change p.
Returns:
post commit work for the property change.
See Also:
PropertySetCallback.validate(java.lang.String, java.io.Serializable, java.util.Dictionary)

map

public java.io.Serializable map(java.lang.String key,
                                java.io.Serializable value,
                                java.util.Dictionary p)
                         throws StandardException
Description copied from interface: PropertySetCallback
Map a proposed new value for a property to an official value. Will only be called after apply() has been called.

Specified by:
map in interface PropertySetCallback
Parameters:
key - Property key for the property being set
value - proposed new value for the property being set or null if the property is being dropped.
p - Property set before the change. SettingProperty may read but must never change p.
Returns:
new value for the change
Throws:
StandardException - Thrown on error.
See Also:
PropertySetCallback.map(java.lang.String, java.io.Serializable, java.util.Dictionary)

requireAuthentication

protected final boolean requireAuthentication(java.util.Properties properties)

encryptPassword

protected java.lang.String encryptPassword(java.lang.String plainTxtUserPassword)
This method encrypts a clear user password using a single hash algorithm such as SHA-1 (SHA equivalent); it is a 160-bit digest. The digest is returned as a String object.

Parameters:
plainTxtUserPassword - Plain text user password
Returns:
encrypted user password (digest) as a String object

toHexByte

public static byte[] toHexByte(java.lang.String str,
                               int offset,
                               int length)
Convert a string into a byte array in hex format.
For each character (b) two bytes are generated: the first byte represents the high nibble (4 bits) in hexadecimal (b & 0xf0), the second byte represents the low nibble (b & 0x0f).
The character at str.charAt(0) is represented by the first two bytes in the returned String.

Parameters:
str - string
offset - starting character (zero based) to convert.
length - number of characters to convert.
Returns:
the byte[] (with hexadecimal format) form of the string (str)
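
The following is an added example, not Derby's own code: it writes the nibble expansion from the toHexByte description and the single SHA-1 pass from the encryptPassword description, then contrasts them with a salted, iterated KDF. Assumptions: the class and method names are hypothetical, each output byte holds a raw nibble value, the nibble bytes are what gets digested, and Java 17+ is available for `HexFormat`.

```java
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.HexFormat;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class PasswordDigestDemo {
    // Two bytes per character as the toHexByte text describes: high nibble, then low nibble.
    // Assumption: each output byte holds the raw nibble value 0..15.
    static byte[] nibbles(String str, int offset, int length) {
        byte[] out = new byte[length * 2];
        for (int i = 0; i < length; i++) {
            char c = str.charAt(offset + i);
            out[2 * i] = (byte) ((c & 0xf0) >>> 4);
            out[2 * i + 1] = (byte) (c & 0x0f);
        }
        return out;
    }

    // Single unsalted SHA-1 pass: 160-bit digest rendered as 40 hex characters.
    static String sha1Single(String password) throws Exception {
        byte[] in = nibbles(password, 0, password.length());
        return HexFormat.of().formatHex(MessageDigest.getInstance("SHA-1").digest(in));
    }

    // Comparison: random per-user salt and an iterated KDF (iteration count is illustrative).
    static String pbkdf2(String password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 600_000, 256);
        byte[] key = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(spec).getEncoded();
        return HexFormat.of().formatHex(salt) + ":" + HexFormat.of().formatHex(key);
    }

    static byte[] newSalt() {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        return salt;
    }

    public static void main(String[] args) throws Exception {
        String pw = "Constructed-Sample-1"; // constructed sample input
        // Same password on two accounts: the stored values are identical, so reuse is visible.
        System.out.println("sha1 equal:   " + sha1Single(pw).equals(sha1Single(pw)));
        // The 0xf0/0x0f masks drop the upper byte of a char: U+0041 and U+0141 collide.
        System.out.println("mask collide: " + sha1Single("A").equals(sha1Single("\u0141")));
        // With a fresh salt per account the stored values differ.
        System.out.println("kdf equal:    " + pbkdf2(pw, newSalt()).equals(pbkdf2(pw, newSalt())));
    }
}
```

When reviewing a deployment that stores credentials this way, the two properties to check are whether equal passwords yield equal stored values and whether non-Latin-1 characters survive the byte conversion.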

Built on Mon 2007-06-04 09:58:47+0400, from revision ???

Apache Derby V10.1 Engine Documentation - Copyright © 1997,2005 The Apache Software Foundation or its licensors, as applicable.