Home » openejb-3.1.2-src » org.apache » openejb » core » security » jaas » [javadoc | source]
org.apache.openejb.core.security.jaas
public class: SQLLoginModule [javadoc | source]
java.lang.Object
   org.apache.openejb.core.security.jaas.SQLLoginModule

All Implemented Interfaces:
    LoginModule

A login module that loads security information from a SQL database. Expects to be run by a GenericSecurityRealm (doesn't work on its own).

This requires database connectivity information (either 1: a dataSourceName and optional dataSourceApplication or 2: a JDBC driver, URL, username, and password) and 2 SQL queries.

The userSelect query should return 2 values, the username and the password in that order. It should include one PreparedStatement parameter (a ?) which will be filled in with the username. In other words, the query should look like: SELECT user, password FROM credentials WHERE username=?

The groupSelect query should return 2 values, the username and the group name in that order (but it may return multiple rows, one per group). It should include one PreparedStatement parameter (a ?) which will be filled in with the username. In other words, the query should look like: SELECT user, role FROM user_roles WHERE username=?

This login module checks security credentials so the lifecycle methods must return true to indicate success or throw LoginException to indicate failure.

Method from org.apache.openejb.core.security.jaas.SQLLoginModule Summary:
abort,   commit,   initialize,   login,   logout
Methods from java.lang.Object:
clone,   equals,   finalize,   getClass,   hashCode,   notify,   notifyAll,   toString,   wait,   wait,   wait
Method from org.apache.openejb.core.security.jaas.SQLLoginModule Detail:
 public boolean abort() throws LoginException 
 public boolean commit() throws LoginException 
 public  void initialize(Subject subject,
    CallbackHandler callbackHandler,
    Map sharedState,
    Map options) 
 public boolean login() throws LoginException 
    This LoginModule is not to be ignored. So, this method should never return false.
 public boolean logout() throws LoginException