Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * Copyright 2014 JBoss Inc
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *      http://www.apache.org/licenses/LICENSE-2.0
   *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package io.apiman.gateway.engine.policies.auth;
 
 
 import java.util.Set;
 
 
An identity validator that uses the static information in the config to validate the user.

Author(s):
eric.wittmann@redhat.com
 
 public class JDBCIdentityValidator implements IIdentityValidator<JDBCIdentitySource> {

    
Constructor.
 
     public JDBCIdentityValidator() {
     }

    
 
     @Override
     public void validate(String usernameString passwordServiceRequest requestIPolicyContext context,
             JDBCIdentitySource configIAsyncResultHandler<Booleanhandler) {
         DataSource ds = null;
         try {
             ds = lookupDatasource(config);
         } catch (Throwable t) {
             handler.handle(AsyncResultImpl.create(tBoolean.class));
             return;
         }
         String sqlPwd = password;
         switch (config.getHashAlgorithm()) {
         case :
             sqlPwd = DigestUtils.md5Hex(password);
             break;
         case :
             sqlPwd = DigestUtils.sha1Hex(password);
             break;
         case :
             sqlPwd = DigestUtils.sha256Hex(password);
             break;
         case :
             sqlPwd = DigestUtils.sha384Hex(password);
             break;
         case :
             sqlPwd = DigestUtils.sha512Hex(password);
             break;
         case :
         default:
             break;
         }
         String query = config.getQuery();
         Connection conn = null;
         boolean validated = false;
         try {
             // Get a JDBC connection
             conn = ds.getConnection();
             conn.setReadOnly(true);
 
             // Validate the user exists and the password matches.
             PreparedStatement statement = conn.prepareStatement(query);
             statement.setString(1, username);
             statement.setString(2, sqlPwd);
             ResultSet resultSet = statement.executeQuery();
             if (resultSet.next()) {
                validated = true;
            }
            resultSet.close();
            statement.close();
            // Extract roles from the DB
            if (config.isExtractRoles()) {
                statement = conn.prepareStatement(config.getRoleQuery());
                statement.setString(1, username);
                resultSet = statement.executeQuery();
                Set<StringextractedRoles = new HashSet<>();
                while (resultSet.next()) {
                    String roleName = resultSet.getString(1);
                    extractedRoles.add(roleName);
                }
                resultSet.close();
                statement.close();
                // Save the extracted roles to the policy context for use by e.g.
                // the Authorization policy (if configured).
                context.setAttribute(.extractedRoles);
            }
            handler.handle(AsyncResultImpl.create(validated));
        } catch (Exception e) {
            handler.handle(AsyncResultImpl.create(eBoolean.class));
        } finally {
            if (conn != null) {
                try { conn.close(); } catch (SQLException e) { }
            }
        }
    }

    
Lookup the datasource from JNDI.

Parameters:
config
    private DataSource lookupDatasource(JDBCIdentitySource config) {
        DataSource ds = null;
        try {
            InitialContext ctx = new InitialContext();
            ds = lookupDS(ctxconfig.getDatasourcePath());
            if (ds == null) {
                ds = lookupDS(ctx"java:comp/env/" + config.getDatasourcePath()); //$NON-NLS-1$
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
        if (ds == null) {
            throw new RuntimeException("Datasource not found: " + config.getDatasourcePath()); //$NON-NLS-1$
        }
        return ds;
    }

    
Lookup the datasource from JNDI.

Parameters:
ctx
path
    private DataSource lookupDS(InitialContext ctxString path) {
        try {
            return (DataSourcectx.lookup(path);
        } catch (NamingException e) {
            return null;
        }
    }
New to GrepCode? Check out our FAQ X