Beispiel #1
0
  public String[] getAuthenticationSQL() {

    HsqlArrayList list = new HsqlArrayList();
    String[] array;

    if (pwCheckFunction != null) {
      StringBuffer sb = new StringBuffer();

      sb.append(Tokens.T_SET).append(' ').append(Tokens.T_DATABASE);
      sb.append(' ').append(Tokens.T_PASSWORD).append(' ');
      sb.append(Tokens.T_CHECK).append(' ').append(Tokens.T_FUNCTION);
      sb.append(' ');
      sb.append(pwCheckFunction.getSQLBodyDefinition());
      list.add(sb.toString());
    }

    if (extAuthenticationFunction != null) {
      StringBuffer sb = new StringBuffer();

      sb.append(Tokens.T_SET).append(' ').append(Tokens.T_DATABASE);
      sb.append(' ').append(Tokens.T_AUTHENTICATION).append(' ');
      sb.append(Tokens.T_FUNCTION).append(' ');
      sb.append(extAuthenticationFunction.getSQLBodyDefinition());
      list.add(sb.toString());
    }

    array = new String[list.size()];

    list.toArray(array);

    return array;
  }
Beispiel #2
0
  public boolean checkComplexity(Session session, String password) {

    if (session == null || pwCheckFunction == null) {
      return true;
    }

    Result result = pwCheckFunction.invoke(session, new Object[] {password}, null, true);
    Boolean check = (Boolean) result.getValueObject();

    if (check == null || !check.booleanValue()) {
      return false;
    }

    return true;
  }
Beispiel #3
0
  /** Returns the User object with the specified name and password from this object's set. */
  public User getUser(String name, String password) {

    if (name == null) {
      name = "";
    }

    if (password == null) {
      password = "";
    }

    User user = (User) userList.get(name);
    boolean isLocal = user != null && user.isLocalOnly;

    if (extAuthenticationFunction == null || isLocal) {
      user = get(name);

      user.checkPassword(password);

      return user;
    }

    /*
     * Authentication returns String[]. When null, use the existing
     * user object only, with existing privileges.
     * When not null, ignore if user exists. Otherwise create a user and
     * assign the list of roles to the user.
     */
    Result result =
        extAuthenticationFunction.invokeJavaMethodDirect(
            new String[] {granteeManager.database.getUniqueName(), name, password});

    if (result.isError()) {
      throw Error.error(ErrorCode.X_28501, result.getMainString());
    }

    Object[] roles = (Object[]) result.getValueObject();

    if (user == null) {
      HsqlName hsqlName =
          granteeManager.database.nameManager.newHsqlName(name, true, SchemaObject.GRANTEE);

      user = createUser(null, hsqlName, "", false);
      user.isExternalOnly = true;
    }

    if (roles == null) {
      user.updateAllRights();

      return user;
    }

    // this clears all existing privileges of the user
    user.clearPrivileges();

    // assigns the roles to the user
    for (int i = 0; i < roles.length; i++) {
      try {
        Grantee role = granteeManager.getRole((String) roles[i]);

        user.grant(role);
      } catch (HsqlException e) {
      }
    }

    user.updateAllRights();

    for (int i = 0; i < roles.length; i++) {
      Schema schema = granteeManager.database.schemaManager.findSchema((String) roles[i]);

      if (schema != null) {
        user.setInitialSchema(schema.getName());

        break;
      }
    }

    return user;
  }