WebLogic Server 6.0 Code Examples, BEA Systems, Inc.

examples.security.rdbmsrealm
Class RDBMSRealm

java.lang.Object
  |
  +--weblogic.security.acl.AbstractListableRealm
        |
        +--weblogic.security.acl.AbstractManageableRealm
              |
              +--examples.security.rdbmsrealm.RDBMSRealm
All Implemented Interfaces:
weblogic.security.acl.BasicRealm, weblogic.security.acl.DebuggableRealm, weblogic.security.acl.DelegatedRealm, weblogic.security.acl.FlatGroup.Source, weblogic.security.acl.ListableRealm, weblogic.security.acl.ManageableRealm, java.io.Serializable

public class RDBMSRealm
extends weblogic.security.acl.AbstractManageableRealm
implements weblogic.security.acl.DebuggableRealm

This class represents empty groups or ACLs. For historical reasons, the database schema in the RDBMS code example does not allow empty groups or ACLs to be represented in the database. If you need to be able to represent empty groups or ACLs, you must rearrange the schema, which may require some code changes to this class and the RDBMSDelegate class.

This realm class does not implement some realm methods (notably ACL creation and deletion).

Author:
Copyright (c) 1998-2000 by BEA Systems, Inc. All Rights Reserved.

Field Summary
(package private)  weblogic.logging.LogOutputStream log
          The debugging log.
 
Constructor Summary
RDBMSRealm()
          Creates a new RDBMS realm object.
 
Method Summary
(package private)  boolean addGroupMember(RDBMSGroup group, java.security.Principal member)
          Adds a member to a group.
protected  weblogic.security.acl.User authUserPassword(java.lang.String name, java.lang.String passwd)
          Authenticates the given user.
(package private)  RDBMSGroup createGroup(java.lang.String name, java.util.Hashtable members)
          Factory method for creating new group objects.
protected  weblogic.security.utils.Pool createPool(int size)
          Creates a pool of delegates.
(package private)  weblogic.security.acl.User createUser(java.lang.String name, java.lang.String passwd)
          Factory method for creating new user objects.
 void deleteGroup(java.security.acl.Group group)
          Deletes a group.
 void deleteUser(weblogic.security.acl.User user)
          Deletes a user.
 java.security.acl.Acl getAcl(java.lang.String name)
          Returns the ACL with the given name.
 java.util.Enumeration getAcls()
          Returns an enumeration of all ACLs in the database.
 weblogic.logging.LogOutputStream getDebugLog()
          Obtains the debug log, if it is enabled.
protected  RDBMSDelegate getDelegate()
          Obtains a delegate from the pool.
 java.security.acl.Group getGroup(java.lang.String name)
          Returns the group with the given name.
protected  java.util.Hashtable getGroupMembersInternal(java.lang.String name)
           
 java.util.Enumeration getGroups()
          Returns an enumeration of all groups in the database.
 java.security.acl.Permission getPermission(java.lang.String name)
          Gets a Permission that matches the specified name.
 java.util.Enumeration getPermissions()
          Returns an enumeration of all permissions in the database.
protected  java.security.Principal getPrincipal(java.lang.String name)
          Returns the principal with the given name.
 weblogic.security.acl.User getUser(java.lang.String name)
          Returns the user with the given name.
 java.util.Enumeration getUsers()
          Returns an enumeration of all users in the database.
 weblogic.security.acl.User newUser(java.lang.String name, java.lang.Object credential, java.lang.Object constraints)
          Creates a new User.
(package private)  boolean removeGroupMember(RDBMSGroup group, java.security.Principal member)
          Removes a member from a group.
protected  void returnDelegate(RDBMSDelegate delegate)
          Returns a delegate to the pool.
 void setDebug(boolean enable)
          Enables or disables debug logging.
 
Methods inherited from class weblogic.security.acl.AbstractManageableRealm
deleteAcl, deletePermission, newAcl, newGroup, newPermission, setPermission
 
Methods inherited from class weblogic.security.acl.AbstractListableRealm
authCertificates, authenticate, authInternal, authSSLCertificates, getAcl, getAclOwner, getDelegator, getGroupMembers, getName, getUser, init, load, save, setDelegator
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface weblogic.security.acl.BasicRealm
getAcl, getAclOwner, getName, getUser, init, load, save
 

Field Detail

log

weblogic.logging.LogOutputStream log
The debugging log. This may be null.
Constructor Detail

RDBMSRealm

public RDBMSRealm()
Creates a new RDBMS realm object.
Method Detail

addGroupMember

boolean addGroupMember(RDBMSGroup group,
                       java.security.Principal member)
Adds a member to a group.
Parameters:
group - the group to add to
member - the principal to add
Returns:
true
Throws:
RDBMSException - an error occurred in communicating with the database

authUserPassword

protected weblogic.security.acl.User authUserPassword(java.lang.String name,
                                                      java.lang.String passwd)
Authenticates the given user. If authentication is successful, a User object is returned for that user. Otherwise, null is returned.
Overrides:
authUserPassword in class weblogic.security.acl.AbstractListableRealm
Returns:
the authenticated user, or null
Throws:
RDBMSException - an error occurred in communicating with the database

createGroup

RDBMSGroup createGroup(java.lang.String name,
                       java.util.Hashtable members)
Factory method for creating new group objects.

createPool

protected weblogic.security.utils.Pool createPool(int size)
Creates a pool of delegates. The objects returned by the pool's factory method must extend the RDBMSDelegate class or the server will not start.
Parameters:
size - the number of pool instances to maintain

createUser

weblogic.security.acl.User createUser(java.lang.String name,
                                      java.lang.String passwd)
Factory method for creating new user objects.

deleteGroup

public void deleteGroup(java.security.acl.Group group)
                 throws java.lang.SecurityException
Deletes a group. Deletes the group from both the group membership table and the ACL entry table.

Warning: Due to the database schema, if you delete a group that is the only member of one or more ACLs, those ACLs will also disappear! This may cause unexpected exceptions at runtime.

Overrides:
deleteGroup in class weblogic.security.acl.AbstractManageableRealm
Parameters:
group - the group to delete
Throws:
java.lang.SecurityException - invalid group

deleteUser

public void deleteUser(weblogic.security.acl.User user)
                throws java.lang.SecurityException
Deletes a user. This removes the user from the users table, the group membership table, and the ACL entry table.

Warning: Due to the database schema, if you delete a user that is the only member of one or more groups or ACLs, those groups or ACLs will also disappear! This may cause unexpected exceptions at runtime.

Overrides:
deleteUser in class weblogic.security.acl.AbstractManageableRealm
Parameters:
user - the user to delete
Throws:
java.lang.SecurityException - invalid user
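
The deleteGroup and deleteUser warnings above can be turned into a check that runs before the deletion. The following is an added example, not part of the BEA code: the two maps are constructed stand-ins for the group membership and ACL entry tables, and wouldDisappear and requireNoCollateral are hypothetical helper names. It generalizes the "only member" case to a batch, since a group or ACL also vanishes when every one of its members is deleted together.

```java
import java.util.*;

// Added illustration, not BEA code. The maps stand in for the membership and
// ACL-entry tables: a group or ACL exists only while it has at least one row.
public class DeletionImpactCheck {

    /** Names of groups/ACLs that lose every member if all of toDelete are removed. */
    static SortedSet<String> wouldDisappear(Map<String, Set<String>> table,
                                            Set<String> toDelete) {
        SortedSet<String> gone = new TreeSet<>();
        for (Map.Entry<String, Set<String>> e : table.entrySet()) {
            // No surviving member means no surviving row, so the entry vanishes.
            if (toDelete.containsAll(e.getValue())) {
                gone.add(e.getKey());
            }
        }
        return gone;
    }

    /** Refuses a deletion that would silently remove groups or ACLs. */
    static void requireNoCollateral(Map<String, Set<String>> groups,
                                    Map<String, Set<String>> acls,
                                    Set<String> toDelete) {
        SortedSet<String> g = wouldDisappear(groups, toDelete);
        SortedSet<String> a = wouldDisappear(acls, toDelete);
        if (!g.isEmpty() || !a.isEmpty()) {
            throw new SecurityException("deleting " + toDelete
                + " would also remove groups " + g + " and ACLs " + a);
        }
    }

    public static void main(String[] args) {
        // Constructed sample data: name -> member principals.
        Map<String, Set<String>> groups = new HashMap<>();
        groups.put("auditors", new HashSet<>(Arrays.asList("alice")));
        groups.put("operators", new HashSet<>(Arrays.asList("alice", "bob")));
        Map<String, Set<String>> acls = new HashMap<>();
        acls.put("payroll.read", new HashSet<>(Arrays.asList("auditors")));
        acls.put("console.admin", new HashSet<>(Arrays.asList("operators", "carol")));

        // Batch case: neither alice nor bob is a sole member of "operators".
        Set<String> batch = new HashSet<>(Arrays.asList("alice", "bob"));
        System.out.println("groups lost with " + batch + ": " + wouldDisappear(groups, batch));
        requireNoCollateral(groups, acls, Collections.singleton("carol")); // no collateral
        try {
            requireNoCollateral(groups, acls, Collections.singleton("auditors"));
        } catch (SecurityException ex) {
            System.out.println(ex.getMessage());
        }
    }
}
```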

getAcl

public java.security.acl.Acl getAcl(java.lang.String name)
Returns the ACL with the given name. Returns null if the ACL does not exist in the database.
Overrides:
getAcl in class weblogic.security.acl.AbstractListableRealm
Parameters:
name - the name to obtain
Returns:
the ACL, or null if none
Throws:
RDBMSException - an error occurred in communicating with the database

getAcls

public java.util.Enumeration getAcls()
Returns an enumeration of all ACLs in the database. Each element of the Enumeration is an Acl object. The RDBMS security realm does not support empty ACLs.
Overrides:
getAcls in class weblogic.security.acl.AbstractListableRealm
Returns:
all ACLs
Throws:
RDBMSException - an error occurred in communicating with the database
See Also:
Acl

getDebugLog

public weblogic.logging.LogOutputStream getDebugLog()
Obtains the debug log, if it is enabled.
Specified by:
getDebugLog in interface weblogic.security.acl.DebuggableRealm

getDelegate

protected RDBMSDelegate getDelegate()
Obtains a delegate from the pool. If the pool is empty, this may cause a new delegate to be created and handed back to us. If a fatal error occurs when you are using a delegate, do not return it to the pool. You can do this by setting your reference to the delegate to null and calling returnDelegate() as usual; it will do the right thing.
Throws:
RDBMSException - an error occurred in communicating with the database
See Also:
returnDelegate(examples.security.rdbmsrealm.RDBMSDelegate)

getGroup

public java.security.acl.Group getGroup(java.lang.String name)
Returns the group with the given name. Returns null if the group does not exist in the database.
Overrides:
getGroup in class weblogic.security.acl.AbstractListableRealm
Parameters:
name - the name to obtain
Returns:
the group, or null if none
Throws:
RDBMSException - an error occurred in communicating with the database

getGroupMembersInternal

protected java.util.Hashtable getGroupMembersInternal(java.lang.String name)
Overrides:
getGroupMembersInternal in class weblogic.security.acl.AbstractListableRealm

getGroups

public java.util.Enumeration getGroups()
Returns an enumeration of all groups in the database. Each element of the enumeration is a Group object. Note that in the RDBMS security realm, empty groups cannot currently exist.
Overrides:
getGroups in class weblogic.security.acl.AbstractListableRealm
Returns:
all groups
Throws:
RDBMSException - an error occurred in communicating with the database
See Also:
Group

getPermission

public java.security.acl.Permission getPermission(java.lang.String name)
Gets a Permission that matches the specified name. If no such permission exists in the database, null is returned.
Overrides:
getPermission in class weblogic.security.acl.AbstractListableRealm
Parameters:
name - the name of the permission
Returns:
permission object, or null
Throws:
RDBMSException - an error occurred in communicating with the database

getPermissions

public java.util.Enumeration getPermissions()
Returns an enumeration of all permissions in the database. Each element of the Enumeration is a Permission object.
Overrides:
getPermissions in class weblogic.security.acl.AbstractListableRealm
Returns:
all permissions
Throws:
RDBMSException - an error occurred in communicating with the database
See Also:
Permission

getPrincipal

protected java.security.Principal getPrincipal(java.lang.String name)
Returns the principal with the given name. Returns null if the principal does not exist in the database.
Parameters:
name - the name to obtain
Returns:
the principal, or null if none
Throws:
RDBMSException - an error occurred in communicating with the database

getUser

public weblogic.security.acl.User getUser(java.lang.String name)
Returns the user with the given name. Returns null if the user does not exist in the database.
Overrides:
getUser in class weblogic.security.acl.AbstractListableRealm
Parameters:
name - the name to obtain
Returns:
the user, or null if none
Throws:
RDBMSException - an error occurred in communicating with the database

getUsers

public java.util.Enumeration getUsers()
Returns an enumeration of all users in the database. Each element of the Enumeration is a User object.
Overrides:
getUsers in class weblogic.security.acl.AbstractListableRealm
Returns:
all users
Throws:
RDBMSException - an error occurred in communicating with the database
See Also:
User

newUser

public weblogic.security.acl.User newUser(java.lang.String name,
                                          java.lang.Object credential,
                                          java.lang.Object constraints)
                                   throws java.lang.SecurityException
Creates a new User.
Overrides:
newUser in class weblogic.security.acl.AbstractManageableRealm
Parameters:
name - the name of the new user
credential - the credential for the user (must be a plaintext password)
constraints - null, for this realm
Returns:
the new User
Throws:
java.lang.SecurityException - invalid credential or constraint

removeGroupMember

boolean removeGroupMember(RDBMSGroup group,
                          java.security.Principal member)
Removes a member from a group.
Parameters:
group - the group to remove from
member - the principal to remove
Returns:
true
Throws:
RDBMSException - an error occurred in communicating with the database

returnDelegate

protected void returnDelegate(RDBMSDelegate delegate)
Returns a delegate to the pool. If the delegate was set to null because of errors, nothing is done.
See Also:
getDelegate()
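
The getDelegate()/returnDelegate() contract described above (null the reference after a fatal error, then return it as usual) looks like this in calling code. This is an added example, not code from the BEA example: Delegate and DelegatePool are hypothetical stand-ins for RDBMSDelegate and the realm's pool, and IllegalStateException stands in for a fatal database error.

```java
import java.util.ArrayDeque;
import java.util.Deque;

// Added illustration, not BEA code: Delegate and DelegatePool are hypothetical
// stand-ins for RDBMSDelegate and the pool behind getDelegate()/returnDelegate().
public class DelegateHandling {
    static class Delegate {
        boolean broken;                        // simulates a dead database connection
        String lookup(String name) {
            if (broken) throw new IllegalStateException("connection lost");
            return "user:" + name;
        }
    }

    static class DelegatePool {
        private final Deque<Delegate> idle = new ArrayDeque<>();
        // An empty pool creates a new delegate and hands it back.
        Delegate get() { return idle.isEmpty() ? new Delegate() : idle.pop(); }
        // A null delegate is ignored, so a damaged one never re-enters the pool.
        void giveBack(Delegate d) { if (d != null) idle.push(d); }
        int idleCount() { return idle.size(); }
    }

    static final DelegatePool pool = new DelegatePool();

    static String getUser(String name, boolean simulateFailure) {
        Delegate delegate = pool.get();
        try {
            delegate.broken = simulateFailure;
            return delegate.lookup(name);
        } catch (IllegalStateException fatal) {
            delegate = null;                   // drop the damaged delegate
            return null;
        } finally {
            pool.giveBack(delegate);           // called "as usual" on every path
        }
    }

    public static void main(String[] args) {
        // Healthy call: the delegate goes back to the pool.
        System.out.println(getUser("alice", false) + " idle=" + pool.idleCount());
        // Fatal error: the pooled delegate is discarded instead of being reused.
        System.out.println(getUser("bob", true) + " idle=" + pool.idleCount());
        // Next call gets a fresh delegate rather than the broken one.
        System.out.println(getUser("carol", false) + " idle=" + pool.idleCount());
    }
}
```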

setDebug

public void setDebug(boolean enable)
Enables or disables debug logging.
Specified by:
setDebug in interface weblogic.security.acl.DebuggableRealm

Documentation is available at
http://e-docs.bea.com/wls/docs60

Copyright © 2000 BEA Systems, Inc. All Rights Reserved.