TrustedUserAuthenticator.java example

Explorer

gaiandb-master
- java
  - Asset
  - IntegrationSamples
    - com
      - ibm
        gaiandb
        distributed
        SampleProcedures.java
        SampleUDFs.java
        embedding
        SampleApplicationEmbeddingGaian.java
        policy
        SamplePolicyForClusterPrivacy.java
        SamplePolicyNoFilters.java
        vti
        SampleHelloWorldVTI.java
        SamplePluralizedVTI.java
  - PolicyPlugins
    - com
      - ibm
        gaiandb
        plugins
        dsm
        GaianNeighbourProvider.java
        OpinionsBasedRouterDSM.java
        wpml
        GenericPolicyPluginForWPML.java
        PerfTestingPlugin.java
        PolicyEnabledFilter.java
        Util.java
        schema
        AccessLogger.java
        Column.java
        DataSource.java
        IColumn.java
        IRow.java
        QueryContext.java
        RMG_specific_access.java
        Row.java
  - Prototype
    - Connectors
      - com
        ibm
        gaiandb
        clientseeker
        AbstractSeeker.java
        GaianRegistryDescriptorImpl.java
        NetworkUtils.java
        RegistryDescriptor.java
        RegistrySeeker.java
        ResourceNotFoundException.java
        jdbc
        discoveryclient
        ConnectionPoolDataSource.java
        DiscoveryDriver.java
        GaianConnectionSeeker.java
        GaianPooledConnection.java
        lite
        LiteConnection.java
        LiteDriver.java
        LiteGaianStatement.java
        LiteParameterMetaData.java
        LitePreparedStatement.java
        TableResultExtractor.java
        webserver
        WebServer.java
        windowsservice
        WindowsService.java
    - SVA-Security
      - com
        ibm
        gaiandb
        security
        client
        GSSPrivilegedAction.java
        GSSPrivilegedDelegateAction.java
        JavaAuth.java
        common
        KerberosToken.java
        SecurityToken.java
        server
        GSSServerPrivilegedAction.java
        authn
        KerberosUserAuthenticator.java
        TokenUserAuthenticator.java
        TrustedUserAuthenticator.java
    - UDPDriver
      - com
        ibm
        gaiandb
        udpdriver
        client
        ClientListener.java
        UDPConnection.java
        UDPDriver.java
        UDPDriverClientException.java
        UDPParameterMetaData.java
        UDPPreparedStatement.java
        UDPResultSet.java
        UDPResultSetMetaData.java
        UDPStatement.java
        ValuesDecoder.java
        common
        RowsFilter.java
        SocketHelper.java
        Util.java
        protocol
        CloseRequest.java
        ExecuteQueryRequest.java
        ExecuteQueryResponse.java
        Message.java
        MessageFactory.java
        MetaData.java
        NextValuesRequest.java
        NextValuesResponse.java
        QueryRequest.java
        ResponseWithValues.java
        UDPProtocolException.java
        server
        ClientState.java
        ConnectionManager.java
        RunnableWorker.java
        ServerListener.java
        SpecificByteArrayOutputStream.java
        UDPDriverServer.java
        UDPDriverServerException.java
        ValuesEncoder.java

/*
 * (C) Copyright IBM Corp. 2012
 *
 * LICENSE: Eclipse Public License v1.0
 * http://www.eclipse.org/legal/epl-v10.html
 */
package com.ibm.gaiandb.security.server.authn;
/*
 * An authenticator for the GaianDB identity assertion strategy.
 */
import java.sql.SQLException;
import java.util.Properties;

import org.apache.derby.authentication.UserAuthenticator;
import org.apache.derby.impl.jdbc.authentication.BasicAuthenticationServiceImpl;

import com.ibm.gaiandb.Logger;

public class TrustedUserAuthenticator implements UserAuthenticator {

//	Use PROPRIETARY notice if class contains a main() method, otherwise use COPYRIGHT notice.
	public static final String COPYRIGHT_NOTICE = "(c) Copyright IBM Corp. 2012";

	private static final Logger logger = new Logger( "TrustedUserAuthenticator", 30 );
	
	private static final String GAIAN_PROXYUID_KEY = "proxy-user";
	private static final String GAIAN_PROXYPWD_KEY = "proxy-pwd";
	
	private static final BasicAuthenticationServiceImpl basAuth = new BasicAuthenticationServiceImpl(); 

	/**
	 * authenticate a user with the credentials provided, fallback to basic authentication if needed
	 * @param String userName
	 * @param String passwordOrSid
	 * @param String dbName
	 * @param Properties info
	 * @return boolean whether or not the user is authenticated.
	 */
	@Override
	public boolean authenticateUser(String userName, String passwordOrSid, String dbName, Properties info) throws SQLException {
		boolean res = false;

		// authenticate assertor's identity, checking first that an identity has been asserted!
		if (null != userName && null != info) {
			String proxyUID = info.getProperty(GAIAN_PROXYUID_KEY);
			String proxyPwd = info.getProperty(GAIAN_PROXYPWD_KEY);

			if (null != proxyUID && null != proxyPwd) {
				// first call Derby DEFAULT authenticator
				res = basAuth.authenticateUser(proxyUID, proxyPwd, dbName, new Properties());
			}
		}
		if (!res) {
			logger.logInfo("Couldn't authenticate securely, falling back to basic auth");
			res = basAuth.authenticateUser(userName, passwordOrSid, dbName, new Properties());  // drop back to Basic if no asserted id
		}
		
		return res;
	}

}