Class BasicAuthenticationServiceImpl

java.lang.Object
org.apache.derby.impl.jdbc.authentication.AuthenticationServiceBase
org.apache.derby.impl.jdbc.authentication.BasicAuthenticationServiceImpl
All Implemented Interfaces:
UserAuthenticator, AuthenticationService, ModuleControl, ModuleSupportable, PropertySetCallback

public final class BasicAuthenticationServiceImpl extends AuthenticationServiceBase implements UserAuthenticator
This authentication service is the basic Derby user authentication level support. It is activated upon setting derby.authentication.provider database or system property to 'BUILTIN'.

It instantiates and calls the basic User authentication scheme at runtime.

In 2.0, users can now be defined as database properties. If derby.database.propertiesOnly is set to true, then in this case, only users defined as database properties for the current database will be considered.

  • Constructor Details

    • BasicAuthenticationServiceImpl

      public BasicAuthenticationServiceImpl()
  • Method Details

    • canSupport

      public boolean canSupport(Properties properties)
      Check if we should activate this authentication service.
      Specified by:
      canSupport in interface ModuleSupportable
      Returns:
      true if this instance can be used, false otherwise.
    • boot

      public void boot(boolean create, Properties properties) throws StandardException
      Description copied from class: AuthenticationServiceBase
      Start this module. In this case, nothing needs to be done.
      Specified by:
      boot in interface ModuleControl
      Overrides:
      boot in class AuthenticationServiceBase
      Throws:
      StandardException - upon failure to load/boot the expected authentication service.
      See Also:
    • authenticateUser

      public boolean authenticateUser(String userName, String userPassword, String databaseName, Properties info) throws SQLException
      Authenticate the passed-in user's credentials.
      Specified by:
      authenticateUser in interface UserAuthenticator
      Parameters:
      userName - The user's name used to connect to JBMS system
      userPassword - The user's password used to connect to JBMS system
      databaseName - The database which the user wants to connect to.
      info - Additional jdbc connection info.
      Returns:
      false if the connection request should be denied, true if the connection request should proceed. If false is returned the connection attempt will receive a SQLException with SQL State 08004.
      Throws:
      SQLException - An exception processing the request, connection request will be denied. The SQL exception will be returned to the connection attempt.
    • hashPasswordUsingStoredAlgorithm

      private String hashPasswordUsingStoredAlgorithm(String user, String password, String storedPassword) throws StandardException
      Hash a password using the same algorithm as we used to generate the stored password token.
      Parameters:
      user - the user whose password to hash
      password - the plaintext password
      storedPassword - the password token that's stored in the database
      Returns:
      a digest of the password created the same way as the stored password
      Throws:
      StandardException - if the password cannot be hashed with the requested algorithm