Class NativeAuthenticationServiceImpl

java.lang.Object
org.apache.derby.impl.jdbc.authentication.AuthenticationServiceBase
org.apache.derby.impl.jdbc.authentication.NativeAuthenticationServiceImpl
All Implemented Interfaces:
UserAuthenticator, AuthenticationService, ModuleControl, ModuleSupportable, PropertySetCallback
public final class NativeAuthenticationServiceImpl extends AuthenticationServiceBase implements UserAuthenticator

This authentication service supports Derby NATIVE authentication.

To activate this service, set the derby.authentication.provider database or system property to a value beginning with the token "NATIVE:".

This service instantiates and calls the basic User authentication scheme at runtime.

User credentials are defined in the SYSUSERS table.

  • Field Details

    • _creatingCredentialsDB

      private boolean _creatingCredentialsDB
      ////////////////////////////////////////////////////////////////////////////////

    • _credentialsDB

      private String _credentialsDB

    • _authenticateDatabaseOperationsLocally

      private boolean _authenticateDatabaseOperationsLocally

    • _passwordLifetimeMillis

      private long _passwordLifetimeMillis

    • _passwordExpirationThreshold

      private double _passwordExpirationThreshold

    • _badlyFormattedPasswordProperty

      private String _badlyFormattedPasswordProperty

  • Constructor Details

    • NativeAuthenticationServiceImpl

      public NativeAuthenticationServiceImpl()

  • Method Details

    • canSupport

      public boolean canSupport(Properties properties)
      Check if we should activate this authentication service.
      Specified by:
      canSupport in interface ModuleSupportable
      Returns:
      true if this instance can be used, false otherwise.

    • parseNativeSpecification

      private void parseNativeSpecification(Properties properties)

      Parse the specification of NATIVE authentication. It can take 3 forms:

      • NATIVE:$credentialsDB - Here $credentialsDB is the name of a Derby database. This means that all authentication should take place in $credentialsDB.
      • NATIVE:$credentialsDB:LOCAL- This means that system-wide operations (like engine shutdown) are authenticated in $credentialsDB but connections to existing databases are authenticated in those databases.
      • NATIVE::LOCAL - This means that connections to a given database are authenticated in that database.

    • validAuthenticationProvider

      private boolean validAuthenticationProvider() throws StandardException

      Return true if AUTHENTICATION_PROVIDER_PARAMETER was well formatted. The property must have designated some database as the authentication authority.

      Throws:
      StandardException

    • boot

      public void boot(boolean create, Properties properties) throws StandardException
      Description copied from class: AuthenticationServiceBase
      Start this module. In this case, nothing needs to be done.
      Specified by:
      boot in interface ModuleControl
      Overrides:
      boot in class AuthenticationServiceBase
      Throws:
      StandardException - upon failure to load/boot the expected authentication service.
      See Also:

    • getSystemCredentialsDatabaseName

      public String getSystemCredentialsDatabaseName()
      Override behavior in superclass
      Specified by:
      getSystemCredentialsDatabaseName in interface AuthenticationService
      Overrides:
      getSystemCredentialsDatabaseName in class AuthenticationServiceBase

    • authenticateUser

      public boolean authenticateUser(String userName, String userPassword, String databaseName, Properties info) throws SQLException
      Authenticate the passed-in user's credentials.
      Specified by:
      authenticateUser in interface UserAuthenticator
      Parameters:
      userName - The user's name used to connect to JBMS system
      userPassword - The user's password used to connect to JBMS system
      databaseName - The database which the user wants to connect to.
      info - Additional jdbc connection info.
      Returns:
      false if the connection request should be denied, true if the connection request should proceed. If false is returned the connection attempt will receive a SQLException with SQL State 08004.
      Throws:
      SQLException - An exception processing the request, connection request will be denied. The SQL exception will be returned to the connection attempt.

    • authenticatingInThisDatabase

      private boolean authenticatingInThisDatabase(String userVisibleDatabaseName) throws StandardException

      Return true if we are authenticating in this database.

      Throws:
      StandardException

    • authenticatingInThisService

      private boolean authenticatingInThisService(String canonicalDatabaseName) throws StandardException

      Return true if we are authenticating in this service.

      Throws:
      StandardException

    • isCredentialsService

      private boolean isCredentialsService(String canonicalDatabaseName) throws StandardException

      Return true if the passed in service is the credentials database.

      Throws:
      StandardException

    • getCanonicalServiceName

      private String getCanonicalServiceName() throws StandardException
      Get the canonical name of the current database service
      Throws:
      StandardException

    • getCanonicalServiceName

      private String getCanonicalServiceName(String rawName) throws StandardException
      Turn a service name into its normalized, standard form
      Throws:
      StandardException

    • authenticateRemotely

      private boolean authenticateRemotely(String userName, String userPassword, String databaseName) throws StandardException, SQLWarning
      Authenticate the passed-in credentials against another Derby database. This is done by getting a connection to the credentials database using the supplied username and password. If the connection attempts succeeds, then authentication succeeds.
      Parameters:
      userName - The user's name used to connect to JBMS system
      userPassword - The user's password used to connect to JBMS system
      databaseName - The database which the user wants to connect to.
      Throws:
      StandardException
      SQLWarning

    • wrap

      private StandardException wrap(Throwable t)

    • authenticateLocally

      private boolean authenticateLocally(String userName, String userPassword, String databaseName) throws StandardException, SQLException
      Authenticate the passed-in credentials against the local database.
      Parameters:
      userName - The user's name used to connect to JBMS system
      userPassword - The user's password used to connect to JBMS system
      databaseName - The database which the user wants to connect to.
      Throws:
      StandardException
      SQLException

    • getMonitor

      private static ModuleFactory getMonitor()
      Privileged Monitor lookup. Must be private so that user code can't call this entry point.

    • getServiceName

      private static String getServiceName(Object serviceModule)
      Privileged Monitor lookup. Must be private so that user code can't call this entry point.