Changeset 36023


Ignore:
Timestamp:
2022-01-25T12:47:02+13:00 (4 months ago)
Author:
cstephen
Message:

Migrated the GoogleSigninJDBCRealm to use a DataSourceRealm as a backing source.

The tomcat context file, greenstone3.xml, has been updated accordingly to setup the Realm correctly.

Location:
main/trunk/greenstone3
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone3/resources/tomcat/greenstone3.xml.svn

    r35354 r36023  
     1<!-- For deployment-time modifications ensure that you are editing greenstone3.xml.in, found in resources/tomcat. -->
    12<!-- set allowLinking to true if you want to use symlinks to files or directories outside the docBase directory -->
    23<!-- set reloadable to false for a production version. if true, automatically reloads the webapp if it detects changes in classes or lib directories -->
     
    1011    allowLinking="@allowlinking@"
    1112    xmlBlockExternal="false">
     13
    1214    <Resources allowLinking="@allowlinking@" />
    1315
    14 <!--
    15    For embedded derby db:
    16    driverName="org.apache.derby.jdbc.EmbeddedDriver"
    17    connectionURL="jdbc:derby:@gsdl3webhome@/etc/usersDB"
    18 --> 
    19     <Realm className="org.greenstone.gsdl3.GoogleSigninJDBCRealm"
    20         driverName="org.apache.derby.jdbc.ClientDriver"
    21         connectionURL="jdbc:derby://@derbyserver@:@derbyserverport@/@gsdl3webhome@/etc/usersDB"
    22         userTable="users" userNameCol="username" userCredCol="password"     
    23         userRoleTable="roles" roleNameCol="role"
    24         userEmailCol="email"
    25         googlesigninClientId="@googlesigninclientid@"
    26         />
     16    <!--
     17        For embedded derby db:
     18        driverName="org.apache.derby.jdbc.EmbeddedDriver"
     19        connectionURL="jdbc:derby:@gsdl3webhome@/etc/usersDB"
     20    -->
     21    <!--
     22        JNDI resources require the validationQuery parameter if you are using validations (which we are).
     23        A list of values for this parameter, depending on your database driver, can be found here:
     24        https://stackoverflow.com/questions/10684244/dbcp-validationquery-for-different-databases
     25        For more info about why you need the parameter value, see here:
     26        https://stackoverflow.com/a/41232124
     27    -->
     28    <Resource
     29        name="jdbc/realmDB"
     30        auth="Container"
     31        type="javax.sql.DataSource"
     32        maxActive="10"
     33        maxIdle="4"
     34        maxWaitMillis="10000"
     35        validationQuery="values 1"
     36        driverClassName="org.apache.derby.jdbc.ClientDriver"
     37        url="jdbc:derby://@derbyserver@:@derbyserverport@/@gsdl3webhome@/etc/usersDB" />
     38
     39    <Realm className="org.apache.catalina.realm.LockOutRealm">
     40        <Realm
     41            className="org.greenstone.gsdl3.GoogleSigninJDBCRealm"
     42            userTable="USERS" userNameCol="USERNAME" userCredCol="PASSWORD"
     43            userRoleTable="ROLES" roleNameCol="ROLE"
     44            userEmailCol="email"
     45            googlesigninClientId="@googlesigninclientid@"
     46            localDataSource="true"
     47            dataSourceName="jdbc/realmDB" />
     48    </Realm>
     49
    2750    <!-- Session Manager. Default values are used. See
    2851         packages/tomcat/webapps/docs/config/manager.html for more info.
  • main/trunk/greenstone3/src/java/org/greenstone/gsdl3/GoogleSigninJDBCRealm.java

    r35350 r36023  
    2121
    2222import java.security.Principal;
    23 import java.security.GeneralSecurityException;
    24 import java.security.SecureRandom;
    2523import java.sql.Connection;
    26 import java.sql.Driver;
    2724import java.sql.PreparedStatement;
    2825import java.sql.ResultSet;
    2926import java.sql.SQLException;
    30 import java.util.ArrayList;
    31 import java.util.Arrays;
    3227import java.util.Collections;
    33 import java.util.Enumeration;
    34 import java.util.HashMap;
    35 import java.util.Hashtable;
    36 import java.util.Iterator;
    3728import java.util.List;
    38 import java.util.Map;
    39 
    40 import javax.servlet.http.HttpServletRequest;
    41 import javax.servlet.http.HttpServletResponse;
    42 import javax.servlet.http.HttpSession;
    43 
    44 import org.apache.catalina.realm.JDBCRealm;
    45 import org.apache.catalina.realm.GenericPrincipal;
     29
     30import org.apache.catalina.realm.DataSourceRealm;
    4631import org.apache.catalina.LifecycleException;
    47 import org.apache.juli.logging.Log;
    48 import org.apache.juli.logging.LogFactory;
    4932import org.apache.tomcat.util.ExceptionUtils;
    5033
     
    5841
    5942
    60 import org.greenstone.gsdl3.util.GSParams;
    61 
    62 
    63 // Custome Realm class desgin loosely based off (in order) details in:
     43// Custom Realm class desgin loosely based off (in order) details in:
    6444//   https://dzone.com/articles/how-to-implement-a-new-realm-in-tomcat
    6545//   https://blog.krybot.com/a?ID=01300-14edb945-73b0-433b-8e80-c6870e350cf2
     
    7151//
    7252
    73 // In terms of addin in DEBUG statements, you need to trigger this through
     53// In terms of adding in DEBUG statements, you need to trigger this through
    7454//   tomcat/conf/logging.properies:
    7555// Otherwise even the 'old faithful' approach of printing all debug statements
     
    10686
    10787       
    108 public class GoogleSigninJDBCRealm extends JDBCRealm
     88public class GoogleSigninJDBCRealm extends DataSourceRealm
    10989{
    11090
     
    223203     * @exception SQLException if a database error occurs
    224204     */
    225     protected PreparedStatement emailToUsername(Connection dbConnection,
    226                         String emailAddress)
    227     throws SQLException
    228     {
    229         if (preparedEmailToUsername == null) {
     205    protected PreparedStatement emailToUsername(Connection dbConnection, String emailAddress)
     206        throws SQLException
     207    {
     208        if (preparedEmailToUsername == null)
     209        {
    230210            StringBuilder sb = new StringBuilder("SELECT ");
    231211            sb.append(userNameCol);
     
    259239     * @return the username associated with the given principal's email address
    260240     */
    261     protected synchronized String getUsernameFromEmail(String email_address) {
    262 
     241    protected synchronized String getUsernameFromEmail(String email_address)
     242    {
    263243        // Look up the username
    264244        String dbUsername = null;
     
    274254        int numberOfTries = 2;
    275255
    276     // Note: The following code is based on that in JDBCRealm for running SQL queries,
    277     //       however, it has by changed from the try-resource code pattern to using
    278     //       to a more explictly laid out version so it is compatible with versions
    279     //       of JDK prior to 1.8
    280    
    281     ResultSet rs = null;
    282         while (numberOfTries > 0) {
    283             try {
    284                 // Ensure that we have an open database connection
    285                 open();
    286 
     256        // Note: The following code is based on that in JDBCRealm for running SQL queries,
     257        //       however, it has by changed from the try-resource code pattern to using
     258        //       to a more explictly laid out version so it is compatible with versions
     259        //       of JDK prior to 1.8
     260        // Note (cstephen, 14/01/2022): The code has been updated to work with a DataSourceRealm
     261       
     262        ResultSet rs = null;
     263        while (numberOfTries > 0)
     264        {
     265            Connection dbConnection = open();
     266            if (dbConnection == null) {
     267                continue;
     268            }
     269
     270            try
     271            {
    287272                PreparedStatement stmt = emailToUsername(dbConnection, email_address);
    288         rs = stmt.executeQuery();
    289        
    290         if (rs.next()) {
    291             dbUsername = rs.getString(1);
    292         }
    293        
    294         dbConnection.commit();
    295        
    296         if (dbUsername != null) {
    297             dbUsername = dbUsername.trim();
    298         }
    299        
    300         rs.close();
    301         rs = null;
    302        
    303         return dbUsername;
    304         }
    305         catch (SQLException e) {
     273                rs = stmt.executeQuery();
     274       
     275                if (rs.next()) {
     276                    dbUsername = rs.getString(1);
     277                }
     278               
     279                dbConnection.commit();
     280               
     281                if (dbUsername != null) {
     282                    dbUsername = dbUsername.trim();
     283                }
     284               
     285                rs.close();
     286                rs = null;
     287               
     288                return dbUsername;
     289            }
     290            catch (SQLException e)
     291            {
    306292                // Log the problem for posterity
    307                 containerLog.error(sm.getString("jdbcRealm.exception"), e);
    308        
    309             }
    310 
    311         if (rs != null) {
    312         try {
    313             rs.close();
    314         }
    315         catch (SQLException e) {
    316             containerLog.error(sm.getString("jdbcRealm.exception trying to close() ResultSet"), e);
    317         }
    318         rs = null;
    319         }
     293                containerLog.error(sm.getString("dataSourceRealm.exception"), e);
     294            }
     295
     296            if (rs != null)
     297            {
     298                try {
     299                    rs.close();
     300                }
     301                catch (SQLException e) {
     302                    containerLog.error(sm.getString("dataSourceRealm.exception trying to close() ResultSet"), e);
     303                }
     304
     305                rs = null;
     306            }
    320307
    321308            // Close the connection so that it gets reopened next time
     
    420407    }
    421408    else {
    422         // Regular Greenstone3 User Login case
     409        // Regular Greenstone3 User Login case
     410        System.out.println("***> beginning normal authentication");
    423411        principal = super.authenticate(username,credentials);
    424412    }
Note: See TracChangeset for help on using the changeset viewer.