[jboss-user] [Security & JAAS/JBoss] - JBoss SSO and Oracle
edgoquist
do-not-reply at jboss.com
Thu Feb 26 17:37:45 EST 2009
I'm trying to get SSO working with my Oracle database. According to the documentation I've seen so far, I'll need to implement a LoginProvider. Before I get too far, I'd like to make sure I'm on the right track.
I'm assuming that all of the elements that are defined in the sso.cfg.xml will be available to my LoginProvider thanks to the SSO mechanism that will call the setProperties() method of my provider.
(I know that the following are incomplete)
sso.cfg.xml :
| <jboss-sso>
| <identity-management>
| <login>
| <provider id="si:my:oracle:login" class="my.security.OracleLoginProvider">
| <property name="connectionURL">jdbc:oracle:thin:@localhost:1521:orcl</property>
| <property name="username">user</property>
| <property name="password">pass</property>
| <property name="existsSQL">select 'ok' from user_table where login_id=?</property>
| <property name="loginSQL">select 'ok' from user_table where login_id=? and password=?</property>
| </provider>
| </login>
| </identity-management>
| </jboss-sso>
|
Here's what I have so far for the LoginProvider:
|
| package my.security;
|
| import org.jboss.security.idm.*;
| import java.security.Principal;
| import java.util.Collection;
| import java.sql.*;
|
| public class OracleLoginProvider implements LoginProvider {
|
| static { // is there a better way to do this?
| java.sql.DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
| }
|
| private Properties props;
| private String id;
|
| public OracleLoginProvider() {
| }
|
| public String setId(String id) throws IdentityException {
| this.id = id;
| }
|
| public String getId() throws IdentityException {
| return id;
| }
|
| public boolean exists(Principal principal) throws IdentityException, SQLException {
| return exists(principal.getName());
| }
|
| public boolean exists(String username) throws IdentityException, SQLException {
| Connection conn = connect();
|
| // username and existsQuery are set in sso.cfg.xml
| String username = props.getProperty("username");
| String sql = props.getProperty("existsQuery");
|
| try {
| PreparedStatement ps = conn.prepareStatement(sql);
| ps.setString(1, username);
| ResultSet rs = ps.executeQuery();
| return rs.next();
| }
| finally { conn.close(); }
| }
|
| public Identity read(Principal principal) throws IdentityException {
| return read(principal.getName());
| }
|
| public Identity read(String username) throws IdentityException {
| Identity ident = new Identity();
| ident.setUserName(username);
| // need to set roles too.
| return ident;
| }
|
|
| public boolean login(Principal principal,byte[] password) throws IdentityException;
|
| public boolean login(String username,byte[] password) throws IdentityException;
|
| public Collection readAllRoles() throws IdentityException;
|
| public void setProperties(Properties props) {
| this.props = props;
| }
|
| private java.sql.Connection connect () {
| // connectionURL, username and password are set in sso.cfg.xml
| String url = props.getProperty("connectionURL");
| String username = props.getProperty("username");
| String password = props.getProperty("password");
|
| return DriverManager.getConnection(url, username, password);
| }
|
| }
|
Does that look right?
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4213543#4213543
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4213543
More information about the jboss-user
mailing list