public boolean isExistingRole(String roleName) throws UserStoreException {

    Connection dbConnection = null;
    PreparedStatement prepStmt = null;
    ResultSet rs = null;
    boolean isExisting = false;
    try {
      dbConnection = DatabaseUtil.getDBConnection(dataSource);
      prepStmt = dbConnection.prepareStatement(SystemJDBCConstants.GET_ROLE_ID);
      prepStmt.setString(1, roleName);
      prepStmt.setInt(2, tenantId);
      rs = prepStmt.executeQuery();
      if (rs.next()) {
        int value = rs.getInt(1);
        if (value > -1) {
          isExisting = true;
        }
      }
      return isExisting;
    } catch (SQLException e) {
      String errorMessage = "Error occurred while checking is existing role : " + roleName;
      //            if (log.isDebugEnabled()) {
      //                log.debug(errorMessage, e);
      //            }
      throw new UserStoreException(errorMessage, e);
    } finally {
      DatabaseUtil.closeAllConnections(dbConnection, rs, prepStmt);
    }
  }
  private void updateStringValuesToDatabase(
      Connection dbConnection, String sqlStmt, Object... params) throws UserStoreException {
    PreparedStatement prepStmt = null;
    boolean localConnection = false;
    try {
      if (dbConnection == null) {
        localConnection = true;
        dbConnection = DatabaseUtil.getDBConnection(dataSource);
      }
      prepStmt = dbConnection.prepareStatement(sqlStmt);
      if (params != null && params.length > 0) {
        for (int i = 0; i < params.length; i++) {
          Object param = params[i];
          if (param == null) {
            throw new UserStoreException("Invalid data provided");
          } else if (param instanceof String) {
            prepStmt.setString(i + 1, (String) param);
          } else if (param instanceof Integer) {
            prepStmt.setInt(i + 1, (Integer) param);
          } else if (param instanceof Date) {
            // Timestamp timestamp = new Timestamp(((Date) param).getTime());
            // prepStmt.setTimestamp(i + 1, timestamp);
            prepStmt.setTimestamp(i + 1, new Timestamp(System.currentTimeMillis()));
          } else if (param instanceof Boolean) {
            prepStmt.setBoolean(i + 1, (Boolean) param);
          }
        }
      }
      int count = prepStmt.executeUpdate();
      //            if (count == 0) {
      //                log.info("No rows were updated");
      //            }
      //            if (log.isDebugEnabled()) {
      //                log.debug("Executed querry is " + sqlStmt + " and number of updated rows ::
      // "
      //                        + count);
      //            }

      if (localConnection) {
        dbConnection.commit();
      }
    } catch (SQLException e) {
      //            if (log.isDebugEnabled()) {
      //                log.debug(e.getMessage(), e);
      //            }
      throw new UserStoreException(e.getMessage(), e);
    } finally {
      if (localConnection) {
        DatabaseUtil.closeAllConnections(dbConnection);
      }
      DatabaseUtil.closeAllConnections(null, prepStmt);
    }
  }
Exemplo n.º 3
0
  public static void udpateUserRoleMappingInBatchMode(
      Connection dbConnection, String sqlStmt, Object... params) throws UserStoreException {
    PreparedStatement prepStmt = null;
    boolean localConnection = false;
    try {
      prepStmt = dbConnection.prepareStatement(sqlStmt);
      int batchParamIndex = -1;
      if (params != null && params.length > 0) {
        for (int i = 0; i < params.length; i++) {
          Object param = params[i];
          if (param == null) {
            throw new UserStoreException("Null data provided.");
          } else if (param instanceof String[]) {
            batchParamIndex = i;
          } else if (param instanceof String) {
            prepStmt.setString(i + 1, (String) param);
          } else if (param instanceof Integer) {
            prepStmt.setInt(i + 1, (Integer) param);
          }
        }
      }
      if (batchParamIndex != -1) {
        String[] values = (String[]) params[batchParamIndex];
        for (String value : values) {
          prepStmt.setString(batchParamIndex + 1, value);
          prepStmt.addBatch();
        }
      }

      int[] count = prepStmt.executeBatch();
      if (log.isDebugEnabled()) {
        log.debug(
            "Executed a batch update. Query is : "
                + sqlStmt
                + ": and result is"
                + Arrays.toString(count));
      }
      if (localConnection) {
        dbConnection.commit();
      }
    } catch (SQLException e) {
      log.error(e.getMessage(), e);
      log.error("Using sql : " + sqlStmt);
      throw new UserStoreException(e.getMessage(), e);
    } finally {
      if (localConnection) {
        DatabaseUtil.closeAllConnections(dbConnection);
      }
      DatabaseUtil.closeAllConnections(null, prepStmt);
    }
  }
Exemplo n.º 4
0
  public static void udpateUserRoleMappingWithExactParams(
      Connection dbConnection,
      String sqlStmt,
      String[] roles,
      String userName,
      Integer[] tenantIds,
      int currentTenantId)
      throws UserStoreException {
    PreparedStatement ps = null;
    boolean localConnection = false;
    try {
      ps = dbConnection.prepareStatement(sqlStmt);
      byte count = 0;
      byte index = 0;

      for (String role : roles) {
        count = 0;
        ps.setString(++count, role);
        ps.setInt(++count, tenantIds[index]);
        ps.setString(++count, userName);
        ps.setInt(++count, currentTenantId);
        ps.setInt(++count, currentTenantId);
        ps.setInt(++count, tenantIds[index]);

        ps.addBatch();
        ++index;
      }

      int[] cnt = ps.executeBatch();
      if (log.isDebugEnabled()) {
        log.debug(
            "Executed a batch update. Query is : "
                + sqlStmt
                + ": and result is"
                + Arrays.toString(cnt));
      }
      if (localConnection) {
        dbConnection.commit();
      }
    } catch (SQLException e) {
      log.error(e.getMessage(), e);
      log.error("Using sql : " + sqlStmt);
      throw new UserStoreException(e.getMessage(), e);
    } finally {
      if (localConnection) {
        DatabaseUtil.closeAllConnections(dbConnection);
      }
      DatabaseUtil.closeAllConnections(null, ps);
    }
  }
Exemplo n.º 5
0
 public static int getIntegerValueFromDatabase(
     Connection dbConnection, String sqlStmt, Object... params) throws UserStoreException {
   PreparedStatement prepStmt = null;
   ResultSet rs = null;
   int value = -1;
   try {
     prepStmt = dbConnection.prepareStatement(sqlStmt);
     if (params != null && params.length > 0) {
       for (int i = 0; i < params.length; i++) {
         Object param = params[i];
         if (param == null) {
           throw new UserStoreException("Null data provided.");
         } else if (param instanceof String) {
           prepStmt.setString(i + 1, (String) param);
         } else if (param instanceof Integer) {
           prepStmt.setInt(i + 1, (Integer) param);
         }
       }
     }
     rs = prepStmt.executeQuery();
     if (rs.next()) {
       value = rs.getInt(1);
     }
     return value;
   } catch (SQLException e) {
     log.error(e.getMessage(), e);
     log.error("Using sql : " + sqlStmt);
     throw new UserStoreException(e.getMessage(), e);
   } finally {
     DatabaseUtil.closeAllConnections(null, rs, prepStmt);
   }
 }
Exemplo n.º 6
0
 public void testStuff() throws Exception {
   DatabaseUtil.closeDatabasePoolConnection();
   initRealmStuff();
   doUserStuff();
   doUserRoleStuff();
   doAuthorizationStuff();
   doClaimStuff();
 }
 public String[] getSystemRoles() throws UserStoreException {
   String sqlStmt = SystemJDBCConstants.GET_ROLES;
   Connection dbConnection = null;
   try {
     dbConnection = DatabaseUtil.getDBConnection(dataSource);
     String[] roles = DatabaseUtil.getStringValuesFromDatabase(dbConnection, sqlStmt, tenantId);
     return UserCoreUtil.addDomainToNames(roles, UserCoreConstants.SYSTEM_DOMAIN_NAME);
   } catch (SQLException e) {
     String errorMessage = "Error occurred while getting system roles";
     //            if (log.isDebugEnabled()) {
     //                log.debug(errorMessage, e);
     //            }
     throw new UserStoreException(errorMessage, e);
   } finally {
     DatabaseUtil.closeAllConnections(dbConnection);
   }
 }
  public void addSystemUser(String userName, Object credential, String[] roleList)
      throws UserStoreException {

    Connection dbConnection = null;
    String password = (String) credential;
    try {
      dbConnection = DatabaseUtil.getDBConnection(dataSource);
      String sqlStmt1 = SystemJDBCConstants.ADD_USER_SQL;

      String saltValue = null;
      try {
        SecureRandom secureRandom = SecureRandom.getInstance(SHA_1_PRNG);
        byte[] bytes = new byte[16];
        // secureRandom is automatically seeded by calling nextBytes
        secureRandom.nextBytes(bytes);
        //                saltValue = Base64.encode(bytes);
      } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException("SHA1PRNG algorithm could not be found.");
      }

      password = this.preparePassword(password, saltValue);

      this.updateStringValuesToDatabase(
          dbConnection, sqlStmt1, userName, password, saltValue, false, new Date(), tenantId);

      // add user to role.
      updateSystemRoleListOfUser(userName, null, roleList);

      dbConnection.commit();
    } catch (Throwable e) {
      try {
        if (dbConnection != null) {
          dbConnection.rollback();
        }
      } catch (SQLException e1) {
        //                log.error("Error while rollbacking add system user operation", e1);
      }
      //            if (log.isDebugEnabled()) {
      //                log.debug(e.getMessage(), e);
      //            }
      throw new UserStoreException(e.getMessage(), e);
    } finally {
      DatabaseUtil.closeAllConnections(dbConnection);
    }
  }
 public void testStuff() throws Exception {
   DatabaseUtil.closeDatabasePoolConnection();
   initRealmStuff();
   doRoleStuff();
   /*commenting out following since
   1. earlier cached stuff by other test cases causes test failure.
   2. there is no way to clear authorization cache from the test case*/
   // doAuthorizationStuff();
 }
  public void updateSystemRoleListOfUser(String user, String[] deletedRoles, String[] addRoles)
      throws UserStoreException {

    String sqlStmt1 = SystemJDBCConstants.REMOVE_ROLE_FROM_USER_SQL;
    String sqlStmt2 = SystemJDBCConstants.ADD_ROLE_TO_USER_SQL;
    Connection dbConnection = null;
    try {
      dbConnection = DatabaseUtil.getDBConnection(dataSource);
      String type = null;
      if (UserCoreConstants.MSSQL_TYPE.equals(type)) {
        sqlStmt2 = SystemJDBCConstants.ADD_ROLE_TO_USER_SQL_MSSQL;
      }
      if (deletedRoles != null && deletedRoles.length > 0) {
        DatabaseUtil.udpateUserRoleMappingInBatchMode(
            dbConnection, sqlStmt1, deletedRoles, tenantId, user, tenantId);
      }
      if (addRoles != null && addRoles.length > 0) {
        if (UserCoreConstants.OPENEDGE_TYPE.equals(type)) {
          sqlStmt2 = SystemJDBCConstants.ADD_ROLE_TO_USER_SQL_OPENEDGE;
          DatabaseUtil.udpateUserRoleMappingInBatchMode(
              dbConnection, sqlStmt2, user, tenantId, addRoles, tenantId);
        } else {
          DatabaseUtil.udpateUserRoleMappingInBatchMode(
              dbConnection, sqlStmt2, addRoles, tenantId, user, tenantId);
        }
      }
      dbConnection.commit();
    } catch (SQLException e) {
      String errorMessage = "Error occurred while getting system role list of user : "******"Error occurred while getting database type from DB connection";
      //            if (log.isDebugEnabled()) {
      //                log.debug(errorMessage, e);
      //            }
      throw new UserStoreException(errorMessage, e);
    } finally {
      DatabaseUtil.closeAllConnections(dbConnection);
    }
  }
  public String[] getUserListOfSystemRole(String roleName) throws UserStoreException {

    String sqlStmt = SystemJDBCConstants.GET_USER_LIST_OF_ROLE_SQL;
    Connection dbConnection = null;
    try {
      dbConnection = DatabaseUtil.getDBConnection(dataSource);
      String[] users =
          DatabaseUtil.getStringValuesFromDatabase(
              dbConnection, sqlStmt, roleName, tenantId, tenantId);
      return UserCoreUtil.addDomainToNames(users, UserCoreConstants.SYSTEM_DOMAIN_NAME);
    } catch (SQLException e) {
      String errorMessage = "Error occurred while getting user list of system role : " + roleName;
      //            if (log.isDebugEnabled()) {
      //                log.debug(errorMessage, e);
      //            }
      throw new UserStoreException(errorMessage, e);
    } finally {
      DatabaseUtil.closeAllConnections(dbConnection);
    }
  }
 public void addSystemRole(String roleName, String[] userList) throws UserStoreException {
   Connection dbConnection = null;
   try {
     dbConnection = DatabaseUtil.getDBConnection(dataSource);
     if (!this.isExistingRole(roleName)) {
       DatabaseUtil.updateDatabase(
           dbConnection, SystemJDBCConstants.ADD_ROLE_SQL, roleName, tenantId);
     }
     if (userList != null) {
       String sql = SystemJDBCConstants.ADD_USER_TO_ROLE_SQL;
       String type = null;
       if (UserCoreConstants.MSSQL_TYPE.equals(type)) {
         sql = SystemJDBCConstants.ADD_USER_TO_ROLE_SQL_MSSQL;
       }
       if (UserCoreConstants.OPENEDGE_TYPE.equals(type)) {
         sql = SystemJDBCConstants.ADD_USER_TO_ROLE_SQL_OPENEDGE;
         DatabaseUtil.udpateUserRoleMappingInBatchMode(
             dbConnection, sql, userList, tenantId, roleName, tenantId);
       } else {
         DatabaseUtil.udpateUserRoleMappingInBatchMode(
             dbConnection, sql, userList, roleName, tenantId, tenantId);
       }
     }
     dbConnection.commit();
   } catch (SQLException e) {
     String errorMessage = "Error occurred while adding system role : " + roleName;
     //            if (log.isDebugEnabled()) {
     //                log.debug(errorMessage, e);
     //            }
     throw new UserStoreException(errorMessage, e);
   } catch (Exception e) {
     String errorMessage = "Error occurred while getting database type from DB connection";
     //            if (log.isDebugEnabled()) {
     //                log.debug(errorMessage, e);
     //            }
     throw new UserStoreException(errorMessage, e);
   } finally {
     DatabaseUtil.closeAllConnections(dbConnection);
   }
 }
Exemplo n.º 13
0
 /*This retrieves two parameters, combines them and send back*/
 public static String[] getStringValuesFromDatabaseForInternalRoles(
     Connection dbConnection, String sqlStmt, Object... params) throws UserStoreException {
   String[] values = new String[0];
   PreparedStatement prepStmt = null;
   ResultSet rs = null;
   try {
     prepStmt = dbConnection.prepareStatement(sqlStmt);
     if (params != null && params.length > 0) {
       for (int i = 0; i < params.length; i++) {
         Object param = params[i];
         if (param == null) {
           throw new UserStoreException("Null data provided.");
         } else if (param instanceof String) {
           prepStmt.setString(i + 1, (String) param);
         } else if (param instanceof Integer) {
           prepStmt.setInt(i + 1, (Integer) param);
         }
       }
     }
     rs = prepStmt.executeQuery();
     List<String> lst = new ArrayList<String>();
     while (rs.next()) {
       String name = rs.getString(1);
       String domain = rs.getString(2);
       if (domain != null) {
         UserCoreUtil.addDomainToName(name, domain);
       }
       lst.add(name);
     }
     if (lst.size() > 0) {
       values = lst.toArray(new String[lst.size()]);
     }
     return values;
   } catch (SQLException e) {
     log.error(e.getMessage(), e);
     log.error("Using sql : " + sqlStmt);
     throw new UserStoreException(e.getMessage(), e);
   } finally {
     DatabaseUtil.closeAllConnections(null, rs, prepStmt);
   }
 }
Exemplo n.º 14
0
 public static void updateDatabase(Connection dbConnection, String sqlStmt, Object... params)
     throws UserStoreException {
   PreparedStatement prepStmt = null;
   try {
     prepStmt = dbConnection.prepareStatement(sqlStmt);
     if (params != null && params.length > 0) {
       for (int i = 0; i < params.length; i++) {
         Object param = params[i];
         if (param == null) {
           // allow to send null data since null allowed values can be in the table. eg: domain
           // name
           prepStmt.setString(i + 1, null);
           // throw new UserStoreException("Null data provided.");
         } else if (param instanceof String) {
           prepStmt.setString(i + 1, (String) param);
         } else if (param instanceof Integer) {
           prepStmt.setInt(i + 1, (Integer) param);
         } else if (param instanceof Short) {
           prepStmt.setShort(i + 1, (Short) param);
         } else if (param instanceof Date) {
           Date date = (Date) param;
           Timestamp time = new Timestamp(date.getTime());
           prepStmt.setTimestamp(i + 1, time);
         }
       }
     }
     int count = prepStmt.executeUpdate();
     /*if (log.isDebugEnabled()) {
         log.debug("Executed Query is " + sqlStmt + " and number of updated rows :: "
                 + count);
     }*/
   } catch (SQLException e) {
     log.error("Error! " + e.getMessage(), e);
     log.error("Using sql : " + sqlStmt);
     throw new UserStoreException("Error! " + e.getMessage(), e);
   } finally {
     DatabaseUtil.closeAllConnections(null, prepStmt);
   }
 }
Exemplo n.º 15
0
  public boolean validate(String userName, String password) {
    userName = userName.replace("&#64;", "@");
    Connection dbConnection = null;
    ResultSet rs = null;
    PreparedStatement prepStmt = null;
    String sqlstmt = null;
    boolean isAuthed = false;
    try {
      dbConnection = this.getConnection();
      dbConnection.setAutoCommit(false);
      sqlstmt = this.getSelectUser();
      if (log.isDebugEnabled()) {
        log.debug(sqlstmt);
      }
      prepStmt = dbConnection.prepareStatement(sqlstmt);
      prepStmt.setString(1, userName);
      prepStmt.setString(2, this.preparePassword(password));

      rs = prepStmt.executeQuery();

      if (rs.next() == true) {
        int count = rs.getInt("COUNT(*)");
        if (count > 0) {
          isAuthed = true;
        }
      }
    } catch (SQLException e) {
      log.error(e.getMessage(), e);
      log.error("Using sql : " + sqlstmt);
    } finally {
      DatabaseUtil.closeAllConnections(dbConnection, rs, prepStmt);
    }
    if (log.isDebugEnabled()) {
      log.debug("User " + userName + " login attempt. Login success :: " + isAuthed);
    }
    return isAuthed;
  }
  public String[] getSystemUsers() throws UserStoreException {

    Connection dbConnection = null;
    String sqlStmt = null;
    PreparedStatement prepStmt = null;
    ResultSet rs = null;
    String filter = "*";
    int maxItemLimit = 100;

    String[] systemsUsers = new String[0];
    try {

      if (filter != null && filter.trim().length() != 0) {
        filter = filter.trim();
        filter = filter.replace("*", "%");
        filter = filter.replace("?", "_");
      } else {
        filter = "%";
      }

      List<String> lst = new LinkedList<String>();

      dbConnection = DatabaseUtil.getDBConnection(dataSource);

      if (dbConnection == null) {
        throw new UserStoreException("null connection");
      }
      dbConnection.setAutoCommit(false);
      dbConnection.setTransactionIsolation(Connection.TRANSACTION_READ_COMMITTED);
      sqlStmt = SystemJDBCConstants.GET_SYSTEM_USER_FILTER_SQL;

      prepStmt = dbConnection.prepareStatement(sqlStmt);
      prepStmt.setString(1, filter);
      if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
        prepStmt.setInt(2, tenantId);
      }

      rs = prepStmt.executeQuery();

      int i = 0;
      while (rs.next()) {
        if (i < maxItemLimit) {
          String name = rs.getString(1);
          lst.add(name);
        } else {
          break;
        }
        i++;
      }
      rs.close();

      if (lst.size() > 0) {
        systemsUsers = lst.toArray(new String[lst.size()]);
      }
      Arrays.sort(systemsUsers);
      systemsUsers =
          UserCoreUtil.addDomainToNames(systemsUsers, UserCoreConstants.SYSTEM_DOMAIN_NAME);
    } catch (SQLException e) {
      String errorMessage = "Error occurred while getting system users";
      //            if (log.isDebugEnabled()) {
      //                log.debug(errorMessage, e);
      //            }
      throw new UserStoreException(errorMessage, e);
    } finally {
      DatabaseUtil.closeAllConnections(dbConnection, rs, prepStmt);
    }
    return systemsUsers;
  }
Exemplo n.º 17
0
  public static void udpateUserRoleMappingInBatchModeForInternalRoles(
      Connection dbConnection, String sqlStmt, String primaryDomain, Object... params)
      throws UserStoreException {
    PreparedStatement prepStmt = null;
    boolean localConnection = false;
    try {
      prepStmt = dbConnection.prepareStatement(sqlStmt);
      int batchParamIndex = -1;
      if (params != null && params.length > 0) {
        for (int i = 0; i < params.length; i++) {
          Object param = params[i];
          if (param == null) {
            throw new UserStoreException("Null data provided.");
          } else if (param instanceof String[]) {
            batchParamIndex = i;
          } else if (param instanceof String) {
            prepStmt.setString(i + 1, (String) param);
          } else if (param instanceof Integer) {
            prepStmt.setInt(i + 1, (Integer) param);
          }
        }
      }
      if (batchParamIndex != -1) {
        String[] values = (String[]) params[batchParamIndex];
        for (String value : values) {
          String strParam = (String) value;
          // add domain if not set
          strParam = UserCoreUtil.addDomainToName(strParam, primaryDomain);
          // get domain from name
          String domainParam = UserCoreUtil.extractDomainFromName(strParam);
          if (domainParam != null) {
            domainParam = domainParam.toUpperCase();
          }
          // set domain to sql
          prepStmt.setString(params.length + 1, domainParam);
          // remove domain before persisting
          String nameWithoutDomain = UserCoreUtil.removeDomainFromName(strParam);
          // set name in sql
          prepStmt.setString(batchParamIndex + 1, nameWithoutDomain);
          prepStmt.addBatch();
        }
      }

      int[] count = prepStmt.executeBatch();
      if (log.isDebugEnabled()) {
        log.debug(
            "Executed a batch update. Query is : "
                + sqlStmt
                + ": and result is"
                + Arrays.toString(count));
      }
      if (localConnection) {
        dbConnection.commit();
      }
    } catch (SQLException e) {
      log.error(e.getMessage(), e);
      log.error("Using sql : " + sqlStmt);
      throw new UserStoreException(e.getMessage(), e);
    } finally {
      if (localConnection) {
        DatabaseUtil.closeAllConnections(dbConnection);
      }
      DatabaseUtil.closeAllConnections(null, prepStmt);
    }
  }