Changes for page org.clazzes.login.sql

Summary

• Page properties (1 modified, 0 added, 0 removed)
• Objects (1 modified, 0 added, 0 removed)
  • Confluence.Code.ConfluencePageClass[0]

Details

Page properties

Content

...	...	@@ -16,8 +16,10 @@
16	16
17	17	=== {{id name="org.clazzes.login.sql-Functionality"/}}Functionality ===
18	18
19		-The SQL login service authenticates against users in a SQL database.
	19	+The SQL login service authenticates against users in a SQL database, using configurable SQL queries.
20	20
	21	+There are no plans to support authentication domains, because typical standalone login systems do not care for domains.
	22	+
21	21	=== {{id name="org.clazzes.login.sql-Configuration"/}}Configuration ===
22	22
23	23	The SQL login service may be configured using the OSGi configuration PID {{code language="none"}}org.clazzes.login.sql{{/code}} using these configuration values:
...	...	@@ -24,6 +24,8 @@
24	24
25	25	(% class="wiki-content" %)
26	26	(((
	29	+
	30	+
27	27	|=(((
28	28	(% class="tablesorter-header-inner" %)
29	29	(((
...	...	@@ -32,22 +32,103 @@
32	32	)))|=(((
33	33	(% class="tablesorter-header-inner" %)
34	34	(((
35		-Default Value
36		-)))
37		-)))|=(((
38		-(% class="tablesorter-header-inner" %)
39		-(((
40	40	Description
41	41	)))
42	42	)))
43	43	|(((
44	44	{{code language="none"}}
	44	+deactivateUserStatement
	45	+{{/code}}
	46	+)))|(((
	47	+Not implemented yet. Optional. Required for //deactivateUser// feature.
	48	+
	49	+SQL template for a prepared statement to deactivate a user.
	50	+
	51	+Example:
	52	+{{code language="none"}}UPDATE users SET encryptedPassword='{disabled}' WHERE userId=?{{/code}}
	53	+)))
	54	+|(((
	55	+{{code language="none"}}
45	45	defaultDomain
46	46	{{/code}}
47	47	)))|(((
48		-(% style="font-family: monospace;" %)-
	59	+Optional. Defaults to an empty string.
	60	+
	61	+If set to an empty string, the domain parameter of request queries does not get checked but is filled in in returned principals.
	62	+
	63	+If set to a non-empty string, requests for other domains are refused.
	64	+
	65	+Support for databases maintaining multiple authentication domains might be added in the future, but I do not believe multi-domain setups even exist outside the LDAP/ADS world.
	66	+)))
	67	+|(((
	68	+{{code language="none"}}
	69	+groupsByUserIdQuery
	70	+{{/code}}
49	49	)))|(((
50		-The login domain to use for principals, which do not contain a domain.
51		-May be left null for domain-less databases
	72	+Optional. Required for //getGroups// feature.
	73	+
	74	+SQL template for a prepared statement to query the group IDs and group names of the groups of which the user specified by a userId is a member.
	75	+
	76	+Example:
	77	+{{code language="none"}}SELECT g.groupId, g.groupName FROM groups AS g, users AS u, memberships AS mgroupName
	78	+ WHERE u.userId=?
	79	+AND m.userId = u.id
	80	+ AND g.id = m.groupId
	81	+ ORDER BY g.groupId {{/code}}
52	52	)))
	83	+|(((
	84	+{{code language="none"}}
	85	+defaultPasswordAlgorithm
	86	+{{/code}}
	87	+)))|(((
	88	+Optional. Defaults to {{code language="none"}}crypt{{/code}}
	89	+
	90	+Values supported so far: {{code language="none"}}crypt{{/code}}, {{code language="none"}}ssha1{{/code}}, {{code language="none"}}plain{{/code}}.
	91	+
	92	+Password fields may contain:
	93	+
	94	+* the password encrypted using the default password algorithm, or
	95	+* a LDAP style algorithm prefix and the password encrypted with the algorithm specified in the prefix. Example: {{code language="none"}}{PLAIN}badPassword{{/code}}
53	53	)))
	97	+|(((
	98	+{{code language="none"}}
	99	+setUserPasswordStatement
	100	+{{/code}}
	101	+)))|(((
	102	+Optional. Required for //changePassword// feature.
	103	+
	104	+SQL template for a prepared statement to set a new password for the user.
	105	+
	106	+Example:
	107	+{{code language="none"}}UPDATE users SET encryptedPassword=? WHERE userId=?{{/code}}
	108	+)))
	109	+|(((
	110	+{{code language="none"}}
	111	+userByUserIdQuery
	112	+{{/code}}
	113	+)))|(((
	114	+SQL template for a prepared statement to query userId, encrypted password, pretty name and e-mail address of a user specified by a userId.
	115	+If the pretty name is not part of the database, reuse the userId field.
	116	+If the e-mail address is not part of the database, use a constant like '' or null.
	117	+
	118	+Example:
	119	+{{code language="none"}}SELECT userId, encryptedPassword, userName, mailAdr FROM users WHERE userId=?{{/code}}
	120	+)))
	121	+|(((
	122	+{{code language="none"}}
	123	+usersByGroupIdQuery
	124	+{{/code}}
	125	+)))|(((
	126	+Optional. Required for //getGroupMembers// feature.
	127	+
	128	+SQL template for a prepared statement to query the user IDs, user names and e-mail-addresses of the members of the group specified by a groupId.
	129	+
	130	+Example:
	131	+{{code language="none"}}SELECT u.userId, u.userName, u.mailAdr
	132	+ FROM groups AS g, users AS u, memberships AS mgroupName
	133	+ WHERE g.groupId=?
	134	+AND m.groupId = g.id
	135	+ AND u.id = m.userId
	136	+ ORDER BY g.userId {{/code}}
	137	+)))
	138	+)))

Confluence.Code.ConfluencePageClass[0]

Id

...	...	@@ -1,1 +1,1 @@
1		-688785
	1	+688979

URL

...	...	@@ -1,1 +1,1 @@
1		-https://clazzes.atlassian.net/wiki/spaces/LOGIN/pages/688785/org.clazzes.login.sql (work in progress)
	1	+https://clazzes.atlassian.net/wiki/spaces/LOGIN/pages/688979/org.clazzes.login.sql (work in progress)