Skip to Content

Changes for page org.clazzes.login.sql

Last modified by christoph_lechleitner@iteg_at on 2013-07-15 01.30:42
From version 10.1
edited by christoph_lechleitner@iteg_at
on 2013-07-15 01.30:42
Change comment: There is no comment for this version
To version 2.1
edited by christoph_lechleitner@iteg_at
on 2013-01-18 05.10:06
Change comment: First throw at hopefully complete configuration specs

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -org.clazzes.login.sql
1 +org.clazzes.login.sql (work in progress)
Content
... ... @@ -1,7 +1,5 @@
1 -= {{id name="org.clazzes.login.sql-Introduction"/}}Introduction =
1 +The jaas-login-service is provided as an OSGi bundle, which may be activated by
2 2  
3 -The {{code language="none"}}sql-login-service{{/code}} is provided as an OSGi bundle, which may be activated by
4 -
5 5  (% class="code" %)
6 6  (((
7 7  obr:addurl http:~/~/maven.clazzes.org/repository.xml
... ... @@ -16,18 +16,108 @@
16 16  <artifactId>sql-login-service</artifactId>
17 17  )))
18 18  
19 -= {{id name="org.clazzes.login.sql-Functionality"/}}Functionality =
17 +=== {{id name="org.clazzes.login.sql-Functionality"/}}Functionality ===
20 20  
21 21  The SQL login service authenticates against users in a SQL database, using configurable SQL queries.
22 22  
23 23  There are no plans to support authentication domains, because typical standalone login systems do not care for domains.
24 24  
25 -= {{id name="org.clazzes.login.sql-Configuration"/}}Configuration =
23 +=== {{id name="org.clazzes.login.sql-Configuration"/}}Configuration ===
26 26  
27 -With version 1.2 we introducted a new feature (support for multiple authentication domains covered by distinct databases) and switched to [[JDBC-Provider>>doc:UTIL.Multi-DataSource pooling with JDBC-Provider.WebHome]] as DataSource pool.
25 +The SQL login service may be configured using the OSGi configuration PID {{code language="none"}}org.clazzes.login.sql{{/code}} using these configuration values:
28 28  
29 -Therefor the configuration depends on the version of {{code language="none"}}sql-login-service{{/code}} used:
27 +(% class="wiki-content" %)
28 +(((
29 +
30 30  
31 -(% style="list-style-type: square;" %)
32 -* [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.sql.Configuring org\.clazzes\.login\.sql 1\.0 to 1\.1.WebHome]]
33 -* [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.sql.Configuring org\.clazzes\.login\.sql 1\.2+.WebHome]]
31 +|=(((
32 +(% class="tablesorter-header-inner" %)
33 +(((
34 +Key
35 +)))
36 +)))|=(((
37 +(% class="tablesorter-header-inner" %)
38 +(((
39 +Description
40 +)))
41 +)))
42 +|(((
43 +{{code language="none"}}
44 +defaultDomain
45 +{{/code}}
46 +)))|(((
47 +Optional. Defaults to an empty string.
48 +
49 +The login domain to use for principals when the request did not contain a domain.
50 +)))
51 +|(((
52 +{{code language="none"}}
53 +groupsByUserIdQuery
54 +{{/code}}
55 +)))|(((
56 +Optional. Required for //getGroups// feature.
57 +
58 +SQL template for a prepared statement to query the group IDs and group names of the groups of which the user specified by a userId is a member.
59 +
60 +Example:
61 +{{code language="none"}}SELECT g.groupId, g.groupName FROM groups AS g, users AS u, memberships AS mgroupName
62 + WHERE u.userId=?
63 +AND m.userId = u.id
64 + AND g.id = m.groupId
65 + ORDER BY g.groupId {{/code}}
66 +)))
67 +|(((
68 +{{code language="none"}}
69 +defaultPasswordAlgorithm
70 +{{/code}}
71 +)))|(((
72 +Optional. Defaults to {{code language="none"}}crypt{{/code}}
73 +
74 +Values supported so far: {{code language="none"}}crypt{{/code}}, {{code language="none"}}ssha1{{/code}}, {{code language="none"}}plain{{/code}}.
75 +
76 +Password fields may contain:
77 +
78 +* the password encrypted using the default password algorithm, or
79 +* a LDAP style algorithm prefix and the password encrypted with the algorithm specified in the prefix. Example: {{code language="none"}}{PLAIN}badPassword{{/code}}
80 +)))
81 +|(((
82 +{{code language="none"}}
83 +setUserPasswordStatement
84 +{{/code}}
85 +)))|(((
86 +Optional. Required for //changePassword// feature.
87 +
88 +SQL template for a prepared statement to set a new password for the user.
89 +
90 +Example:
91 +{{code language="none"}}UPDATE users SET encryptedPassword=? WHERE userId=?{{/code}}
92 +)))
93 +|(((
94 +{{code language="none"}}
95 +userByUserIdQuery
96 +{{/code}}
97 +)))|(((
98 +SQL template for a prepared statement to query userId, encrypted password, pretty name and e-mail address of a user specified by a userId.
99 +If the pretty name is not part of the database, reuse the userId field.
100 +If the e-mail address is not part of the database, use a constant like '' or null.
101 +
102 +Example:
103 +{{code language="none"}}SELECT userId, encryptedPassword, userName, mailAdr FROM users WHERE userId=?{{/code}}
104 +)))
105 +|(((
106 +{{code language="none"}}
107 +userIdsByGroupIdQuery
108 +{{/code}}
109 +)))|(((
110 +Optional. Required for //getGroupMembers// feature.
111 +
112 +SQL template for a prepared statement to query the user IDs of the members of the group specified by a groupId.
113 +
114 +Example:
115 +{{code language="none"}}SELECT u.userId FROM groups AS g, users AS u, memberships AS mgroupName
116 + WHERE g.groupId=?
117 +AND m.groupId = g.id
118 + AND u.id = m.userId
119 + ORDER BY g.userId {{/code}}
120 +)))
121 +)))
Confluence.Code.ConfluencePageClass[0]
Id
... ... @@ -1,1 +1,1 @@
1 -688660
1 +688791
Title
... ... @@ -1,1 +1,1 @@
1 -org.clazzes.login.sql
1 +org.clazzes.login.sql (work in progress)
URL
... ... @@ -1,1 +1,1 @@
1 -https://clazzes.atlassian.net/wiki/spaces/LOGIN/pages/688660/org.clazzes.login.sql
1 +https://clazzes.atlassian.net/wiki/spaces/LOGIN/pages/688791/org.clazzes.login.sql (work in progress)