- Timestamp:
- 2022-01-25T12:47:02+13:00 (2 years ago)
- Location:
- main/trunk/greenstone3
- Files:
-
- 2 edited
main/trunk/greenstone3/resources/tomcat/greenstone3.xml.svn
r35354 r36023 1 <!-- For deployment-time modifications ensure that you are editing greenstone3.xml.in, found in resources/tomcat. --> 1 2 <!-- set allowLinking to true if you want to use symlinks to files or directories outside the docBase directory --> 2 3 <!-- set reloadable to false for a production version. if true, automatically reloads the webapp if it detects changes in classes or lib directories --> … … 10 11 allowLinking="@allowlinking@" 11 12 xmlBlockExternal="false"> 13 12 14 <Resources allowLinking="@allowlinking@" /> 13 15 14 <!-- 15 For embedded derby db: 16 driverName="org.apache.derby.jdbc.EmbeddedDriver" 17 connectionURL="jdbc:derby:@gsdl3webhome@/etc/usersDB" 18 --> 19 <Realm className="org.greenstone.gsdl3.GoogleSigninJDBCRealm" 20 driverName="org.apache.derby.jdbc.ClientDriver" 21 connectionURL="jdbc:derby://@derbyserver@:@derbyserverport@/@gsdl3webhome@/etc/usersDB" 22 userTable="users" userNameCol="username" userCredCol="password" 23 userRoleTable="roles" roleNameCol="role" 24 userEmailCol="email" 25 googlesigninClientId="@googlesigninclientid@" 26 /> 16 <!-- 17 For embedded derby db: 18 driverName="org.apache.derby.jdbc.EmbeddedDriver" 19 connectionURL="jdbc:derby:@gsdl3webhome@/etc/usersDB" 20 --> 21 <!-- 22 JNDI resources require the validationQuery parameter if you are using validations (which we are). 
23 A list of values for this parameter, depending on your database driver, can be found here: 24 https://stackoverflow.com/questions/10684244/dbcp-validationquery-for-different-databases 25 For more info about why you need the parameter value, see here: 26 https://stackoverflow.com/a/41232124 27 --> 28 <Resource 29 name="jdbc/realmDB" 30 auth="Container" 31 type="javax.sql.DataSource" 32 maxActive="10" 33 maxIdle="4" 34 maxWaitMillis="10000" 35 validationQuery="values 1" 36 driverClassName="org.apache.derby.jdbc.ClientDriver" 37 url="jdbc:derby://@derbyserver@:@derbyserverport@/@gsdl3webhome@/etc/usersDB" /> 38 39 <Realm className="org.apache.catalina.realm.LockOutRealm"> 40 <Realm 41 className="org.greenstone.gsdl3.GoogleSigninJDBCRealm" 42 userTable="USERS" userNameCol="USERNAME" userCredCol="PASSWORD" 43 userRoleTable="ROLES" roleNameCol="ROLE" 44 userEmailCol="email" 45 googlesigninClientId="@googlesigninclientid@" 46 localDataSource="true" 47 dataSourceName="jdbc/realmDB" /> 48 </Realm> 49 27 50 <!-- Session Manager. Default values are used. See 28 51 packages/tomcat/webapps/docs/config/manager.html for more info. -
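Review bot: The new `<Resource name="jdbc/realmDB">` mixes pool attribute names from two DBCP generations: `maxWaitMillis` is the DBCP 2 spelling, while `maxActive` is the DBCP 1 name that DBCP 2 replaced with `maxTotal`. On a Tomcat whose default pool is DBCP 2 (Tomcat 8 and later), `maxActive="10"` is ignored with a warning and the pool keeps its default size, so the intended cap on connections to the users database is not applied; on an older Tomcat it is `maxWaitMillis` that is ignored instead. Use the pair that matches the bundled Tomcat, for example `maxTotal="10"` together with `maxWaitMillis="10000"`. Because this pool backs every login, a short comment above the element naming the Tomcat/DBCP version the attributes target would also help.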
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/GoogleSigninJDBCRealm.java
r35350 r36023 21 21 22 22 import java.security.Principal; 23 import java.security.GeneralSecurityException;24 import java.security.SecureRandom;25 23 import java.sql.Connection; 26 import java.sql.Driver;27 24 import java.sql.PreparedStatement; 28 25 import java.sql.ResultSet; 29 26 import java.sql.SQLException; 30 import java.util.ArrayList;31 import java.util.Arrays;32 27 import java.util.Collections; 33 import java.util.Enumeration;34 import java.util.HashMap;35 import java.util.Hashtable;36 import java.util.Iterator;37 28 import java.util.List; 38 import java.util.Map; 39 40 import javax.servlet.http.HttpServletRequest; 41 import javax.servlet.http.HttpServletResponse; 42 import javax.servlet.http.HttpSession; 43 44 import org.apache.catalina.realm.JDBCRealm; 45 import org.apache.catalina.realm.GenericPrincipal; 29 30 import org.apache.catalina.realm.DataSourceRealm; 46 31 import org.apache.catalina.LifecycleException; 47 import org.apache.juli.logging.Log;48 import org.apache.juli.logging.LogFactory;49 32 import org.apache.tomcat.util.ExceptionUtils; 50 33 … … 58 41 59 42 60 import org.greenstone.gsdl3.util.GSParams; 61 62 63 // Custome Realm class desgin loosely based off (in order) details in: 43 // Custom Realm class desgin loosely based off (in order) details in: 64 44 // https://dzone.com/articles/how-to-implement-a-new-realm-in-tomcat 65 45 // https://blog.krybot.com/a?ID=01300-14edb945-73b0-433b-8e80-c6870e350cf2 … … 71 51 // 72 52 73 // In terms of addin in DEBUG statements, you need to trigger this through53 // In terms of adding in DEBUG statements, you need to trigger this through 74 54 // tomcat/conf/logging.properies: 75 55 // Otherwise even the 'old faithful' approach of printing all debug statements … … 106 86 107 87 108 public class GoogleSigninJDBCRealm extends JDBCRealm88 public class GoogleSigninJDBCRealm extends DataSourceRealm 109 89 { 110 90 … … 223 203 * @exception SQLException if a database error occurs 224 204 */ 225 protected 
PreparedStatement emailToUsername(Connection dbConnection, 226 String emailAddress)227 throws SQLException 228 {229 if (preparedEmailToUsername == null){205 protected PreparedStatement emailToUsername(Connection dbConnection, String emailAddress) 206 throws SQLException 207 { 208 if (preparedEmailToUsername == null) 209 { 230 210 StringBuilder sb = new StringBuilder("SELECT "); 231 211 sb.append(userNameCol); … … 259 239 * @return the username associated with the given principal's email address 260 240 */ 261 protected synchronized String getUsernameFromEmail(String email_address) {262 241 protected synchronized String getUsernameFromEmail(String email_address) 242 { 263 243 // Look up the username 264 244 String dbUsername = null; … … 274 254 int numberOfTries = 2; 275 255 276 // Note: The following code is based on that in JDBCRealm for running SQL queries, 277 // however, it has by changed from the try-resource code pattern to using 278 // to a more explictly laid out version so it is compatible with versions 279 // of JDK prior to 1.8 280 281 ResultSet rs = null; 282 while (numberOfTries > 0) { 283 try { 284 // Ensure that we have an open database connection 285 open(); 286 256 // Note: The following code is based on that in JDBCRealm for running SQL queries, 257 // however, it has by changed from the try-resource code pattern to using 258 // to a more explictly laid out version so it is compatible with versions 259 // of JDK prior to 1.8 260 // Note (cstephen, 14/01/2022): The code has been updated to work with a DataSourceRealm 261 262 ResultSet rs = null; 263 while (numberOfTries > 0) 264 { 265 Connection dbConnection = open(); 266 if (dbConnection == null) { 267 continue; 268 } 269 270 try 271 { 287 272 PreparedStatement stmt = emailToUsername(dbConnection, email_address); 288 rs = stmt.executeQuery(); 289 290 if (rs.next()) { 291 dbUsername = rs.getString(1); 292 } 293 294 dbConnection.commit(); 295 296 if (dbUsername != null) { 297 dbUsername = 
dbUsername.trim(); 298 } 299 300 rs.close(); 301 rs = null; 302 303 return dbUsername; 304 } 305 catch (SQLException e) { 273 rs = stmt.executeQuery(); 274 275 if (rs.next()) { 276 dbUsername = rs.getString(1); 277 } 278 279 dbConnection.commit(); 280 281 if (dbUsername != null) { 282 dbUsername = dbUsername.trim(); 283 } 284 285 rs.close(); 286 rs = null; 287 288 return dbUsername; 289 } 290 catch (SQLException e) 291 { 306 292 // Log the problem for posterity 307 containerLog.error(sm.getString("jdbcRealm.exception"), e); 308 309 } 310 311 if (rs != null) { 312 try { 313 rs.close(); 314 } 315 catch (SQLException e) { 316 containerLog.error(sm.getString("jdbcRealm.exception trying to close() ResultSet"), e); 317 } 318 rs = null; 319 } 293 containerLog.error(sm.getString("dataSourceRealm.exception"), e); 294 } 295 296 if (rs != null) 297 { 298 try { 299 rs.close(); 300 } 301 catch (SQLException e) { 302 containerLog.error(sm.getString("dataSourceRealm.exception trying to close() ResultSet"), e); 303 } 304 305 rs = null; 306 } 320 307 321 308 // Close the connection so that it gets reopened next time … … 420 407 } 421 408 else { 422 // Regular Greenstone3 User Login case 409 // Regular Greenstone3 User Login case 410 System.out.println("***> beginning normal authentication"); 423 411 principal = super.authenticate(username,credentials); 424 412 }
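Review bot: In getUsernameFromEmail the new `if (dbConnection == null) { continue; }` jumps back to the loop test without touching `numberOfTries`, so the `while (numberOfTries > 0)` loop busy-spins for as long as `open()` keeps returning null. The decrement is not visible in the hunk and presumably sits at the end of the loop body, which `continue` skips. Because the method is `synchronized`, one such call holds the realm's monitor and stalls every other e-mail lookup, turning a database outage into a sign-in outage with a spinning request thread. Counting the failed attempt, e.g. `if (dbConnection == null) { numberOfTries--; continue; }`, keeps the retry bounded. Separately, the success path returns from inside the `try` and only the failure path reaches the close below the `catch`, so with a pooled DataSource each successful lookup appears to keep its connection checked out; a `finally` that calls `close(dbConnection)` looks necessary, to be confirmed against the rest of the loop outside the hunk.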