Package org.h2.security.auth
Class DefaultAuthenticator
- java.lang.Object
-
- org.h2.security.auth.DefaultAuthenticator
-
- All Implemented Interfaces:
Authenticator
public class DefaultAuthenticator extends java.lang.Object implements Authenticator
Default authenticator implementation.When client connectionInfo contains property AUTHREALM={realName} credentials (typically user id and password) are validated by
CredentialsValidator
configured for that realm.When client connectionInfo doesn't contains AUTHREALM property credentials are validated internally on the database
Rights assignment can be managed through
UserToRolesMapper
Default configuration has a realm H2 that validate credentials through JAAS api (appName=h2). To customize configuration set h2.authConfigFile system property to refer a valid h2auth.xml config file
-
-
Field Summary
Fields Modifier and Type Field Description private boolean
allowUserRegistration
private boolean
createMissingRoles
static java.lang.String
DEFAULT_REALMNAME
private boolean
initialized
private static DefaultAuthenticator
instance
private boolean
persistUsers
private java.util.Map<java.lang.String,CredentialsValidator>
realms
private boolean
skipDefaultInitialization
private java.util.List<UserToRolesMapper>
userToRolesMappers
-
Constructor Summary
Constructors Constructor Description DefaultAuthenticator()
Create the Authenticator with default configurationsDefaultAuthenticator(boolean skipDefaultInitialization)
Create authenticator and optionally skip the default configuration.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addRealm(java.lang.String name, CredentialsValidator credentialsValidator)
Add an authentication realm.User
authenticate(AuthenticationInfo authenticationInfo, Database database)
Perform user authentication.private void
configureFrom(H2AuthConfig config)
void
configureFromUrl(java.net.URL configUrl)
Configure the authenticator from a configuration fileprivate void
defaultConfiguration()
protected static DefaultAuthenticator
getInstance()
java.util.List<UserToRolesMapper>
getUserToRolesMappers()
UserToRoleMappers assign roles to authenticated usersvoid
init(Database database)
Initializes the authenticator.boolean
isAllowUserRegistration()
If set create external users in the database if not present.boolean
isCreateMissingRoles()
When set create roles not found in the database.boolean
isPersistUsers()
If set save users externals defined during the authentication.void
setAllowUserRegistration(boolean allowUserRegistration)
If set totrue
creates external users in the database if not present.void
setCreateMissingRoles(boolean createMissingRoles)
Sets the flag that define behavior in case external roles not found in the database.void
setPersistUsers(boolean persistUsers)
If set totrue
saves users externals defined during the authentication.void
setUserToRolesMappers(UserToRolesMapper... userToRolesMappers)
private boolean
updateRoles(AuthenticationInfo authenticationInfo, User user, Database database)
-
-
-
Field Detail
-
DEFAULT_REALMNAME
public static final java.lang.String DEFAULT_REALMNAME
- See Also:
- Constant Field Values
-
realms
private java.util.Map<java.lang.String,CredentialsValidator> realms
-
userToRolesMappers
private java.util.List<UserToRolesMapper> userToRolesMappers
-
allowUserRegistration
private boolean allowUserRegistration
-
persistUsers
private boolean persistUsers
-
createMissingRoles
private boolean createMissingRoles
-
skipDefaultInitialization
private boolean skipDefaultInitialization
-
initialized
private boolean initialized
-
instance
private static DefaultAuthenticator instance
-
-
Constructor Detail
-
DefaultAuthenticator
public DefaultAuthenticator()
Create the Authenticator with default configurations
-
DefaultAuthenticator
public DefaultAuthenticator(boolean skipDefaultInitialization)
Create authenticator and optionally skip the default configuration. This option is useful when the authenticator is configured at code level- Parameters:
skipDefaultInitialization
- if true default initialization is skipped
-
-
Method Detail
-
getInstance
protected static final DefaultAuthenticator getInstance()
-
isPersistUsers
public boolean isPersistUsers()
If set save users externals defined during the authentication.- Returns:
true
if user will be persisted, otherwise returnsfalse
-
setPersistUsers
public void setPersistUsers(boolean persistUsers)
If set totrue
saves users externals defined during the authentication.- Parameters:
persistUsers
-true
if user will be persisted, otherwisefalse
.
-
isAllowUserRegistration
public boolean isAllowUserRegistration()
If set create external users in the database if not present.- Returns:
true
if creation external user is allowed, otherwise returnsfalse
-
setAllowUserRegistration
public void setAllowUserRegistration(boolean allowUserRegistration)
If set totrue
creates external users in the database if not present.- Parameters:
allowUserRegistration
-true
if creation external user is allowed, otherwise returnsfalse
-
isCreateMissingRoles
public boolean isCreateMissingRoles()
When set create roles not found in the database. If not set roles not found in the database are silently skipped.- Returns:
true
if not found roles will be created,false
roles are silently skipped.
-
setCreateMissingRoles
public void setCreateMissingRoles(boolean createMissingRoles)
Sets the flag that define behavior in case external roles not found in the database.- Parameters:
createMissingRoles
- when istrue
not found roles are created, when isfalse
roles are silently skipped.
-
addRealm
public void addRealm(java.lang.String name, CredentialsValidator credentialsValidator)
Add an authentication realm. Realms are case insensitive- Parameters:
name
- realm namecredentialsValidator
- credentials validator for realm
-
getUserToRolesMappers
public java.util.List<UserToRolesMapper> getUserToRolesMappers()
UserToRoleMappers assign roles to authenticated users- Returns:
- current UserToRoleMappers active
-
setUserToRolesMappers
public void setUserToRolesMappers(UserToRolesMapper... userToRolesMappers)
-
init
public void init(Database database) throws AuthConfigException
Initializes the authenticator. this method is skipped if skipDefaultInitialization is set Order of initialization is- Check h2.authConfigFile system property.
- Use the default configuration hard coded
- Specified by:
init
in interfaceAuthenticator
- Parameters:
database
- where authenticator is initialized- Throws:
AuthConfigException
-
defaultConfiguration
private void defaultConfiguration()
-
configureFromUrl
public void configureFromUrl(java.net.URL configUrl) throws AuthenticationException, org.xml.sax.SAXException, java.io.IOException, javax.xml.parsers.ParserConfigurationException
Configure the authenticator from a configuration file- Parameters:
configUrl
- URL of configuration file- Throws:
AuthenticationException
- on failureorg.xml.sax.SAXException
- on failurejava.io.IOException
- on failurejavax.xml.parsers.ParserConfigurationException
- on failure
-
configureFrom
private void configureFrom(H2AuthConfig config) throws AuthenticationException
- Throws:
AuthenticationException
-
updateRoles
private boolean updateRoles(AuthenticationInfo authenticationInfo, User user, Database database) throws AuthenticationException
- Throws:
AuthenticationException
-
authenticate
public final User authenticate(AuthenticationInfo authenticationInfo, Database database) throws AuthenticationException
Description copied from interface:Authenticator
Perform user authentication.- Specified by:
authenticate
in interfaceAuthenticator
- Parameters:
authenticationInfo
- authentication info.database
- target database instance.- Returns:
- valid database user or null if user doesn't exists in the database
- Throws:
AuthenticationException
- on failure
-
-