Class DatabaseAuthenticator

java.lang.Object
org.conical.common.bbl.auth.DatabaseAuthenticator
All Implemented Interfaces:
Authenticator

public class DatabaseAuthenticator extends Object implements Authenticator
Authenticates users and assigns access roles based on custom database tables. For now, that is:
  • Accesses the USERS table in Oracle for user attributes and password checking
  • Assigns COORDINATOR role via the COORDINATOR column in that table
  • Assigns all other roles via the USER_ROLES table
Author:
rdoherty
  • Constructor Details

    • DatabaseAuthenticator

      public DatabaseAuthenticator(AuthConfig config) throws AuthenticationException
      Creates a new instance with the given config.
      Parameters:
      config - configuration (must be a database configuration)
      Throws:
      AuthenticationException - if error occurs creating the Authenticator
    • DatabaseAuthenticator

      public DatabaseAuthenticator(String jndiName) throws AuthenticationException
      Creates a new instance using a DataSource configured in JNDI. Looks up the resource using the passed name.
      Parameters:
      jndiName - JNDI name the desired data source is registered under
      Throws:
      AuthenticationException - if unable to look up data source
  • Method Details

    • getAuthenticatedUser

      public User getAuthenticatedUser(String username, String password) throws AuthenticationException
      Checks the password for the passed user. If valid, returns user attributes and all known roles. If not, returns null. Note that the caller is responsible for encrypting the password using the same algorithm used to store the password originally. No password transformation is performed.
      Specified by:
      getAuthenticatedUser in interface Authenticator
      Parameters:
      username - username to check
      password - password to check
      Returns:
      authenticated user, or null
      Throws:
      AuthenticationException - if an error occurs while authenticating
    • getUnauthenticatedUser

      public User getUnauthenticatedUser(String username) throws AuthenticationException
      Looks up user attributes without authenticating, and returns them. If no user with the passed name can be found, returns null.
      Specified by:
      getUnauthenticatedUser in interface Authenticator
      Parameters:
      username - user for which to search
      Returns:
      unauthenticated user, or null
      Throws:
      AuthenticationException - if an error occurs while searching for the user
    • isValidUser

      public boolean isValidUser(String username, String password) throws AuthenticationException
      Checks if the given username and password represent a valid user. Same rules as getAuthenticatedUser().
      Specified by:
      isValidUser in interface Authenticator
      Parameters:
      username - username to check
      password - password to check
      Returns:
      true if valid user, else false
      Throws:
      AuthenticationException - if an error occurs while authenticating
    • userHasRole

      public boolean userHasRole(String username, String role) throws AuthenticationException
      Returns true if user has the passed role, else false.
      Specified by:
      userHasRole in interface Authenticator
      Parameters:
      username - user to check
      role - role to check
      Returns:
      true if user has role, else false
      Throws:
      AuthenticationException - if an error occurs while looking up user or roles
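
An added example (not part of the conical code base) of a caller honouring the getAuthenticatedUser contract described above: the password is transformed before the call, and a null result or an AuthenticationException is treated as a denial. The nested Authenticator and AuthenticationException types are reduced stand-ins for the project's own, and LoginGateExample, mayCoordinate, the "xf(...)" transform and the sample users are hypothetical, constructed for illustration.

```java
import java.util.Map;
import java.util.Set;
import java.util.function.UnaryOperator;

public class LoginGateExample {
    // Stand-ins for the project's types, reduced to the two methods used here (assumption).
    static class AuthenticationException extends Exception {
        AuthenticationException(String message) { super(message); }
    }
    interface Authenticator {
        Object getAuthenticatedUser(String username, String password) throws AuthenticationException;
        boolean userHasRole(String username, String role) throws AuthenticationException;
    }

    /** Fails closed: a null user, a missing role and a lookup error all deny. */
    static boolean mayCoordinate(Authenticator auth, UnaryOperator<String> storedForm,
                                 String username, String rawPassword) {
        if (username == null || rawPassword == null) return false;
        try {
            // The authenticator compares the value as given, so transform it first.
            String transformed = storedForm.apply(rawPassword);
            if (auth.getAuthenticatedUser(username, transformed) == null) return false;
            return auth.userHasRole(username, "COORDINATOR");
        } catch (AuthenticationException e) {
            return false; // a database error must never grant access
        }
    }

    public static void main(String[] args) {
        // Constructed data: a placeholder transform and an in-memory authenticator.
        UnaryOperator<String> storedForm = p -> "xf(" + p + ")";
        Map<String, String> users = Map.of("alice", "xf(s3cret)", "bob", "xf(hunter2)");
        Set<String> coordinators = Set.of("alice");
        Authenticator auth = new Authenticator() {
            public Object getAuthenticatedUser(String u, String p) throws AuthenticationException {
                if (u.equals("outage")) throw new AuthenticationException("db down");
                return p.equals(users.get(u)) ? u : null;
            }
            public boolean userHasRole(String u, String r) {
                return r.equals("COORDINATOR") && coordinators.contains(u);
            }
        };
        System.out.println(mayCoordinate(auth, storedForm, "alice", "s3cret"));   // valid login with role
        System.out.println(mayCoordinate(auth, UnaryOperator.identity(), "alice", "s3cret")); // untransformed
        System.out.println(mayCoordinate(auth, storedForm, "bob", "hunter2"));    // valid login, no role
        System.out.println(mayCoordinate(auth, storedForm, "outage", "x"));       // lookup error
    }
}
```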