Class PrincipalDatabaseAuthenticationManager<T extends PrincipalDatabaseAuthenticationManager<T>>
- java.lang.Object
-
- org.apache.qpid.server.model.AbstractConfiguredObject<T>
-
- org.apache.qpid.server.security.auth.manager.AbstractAuthenticationManager<T>
-
- org.apache.qpid.server.security.auth.manager.PrincipalDatabaseAuthenticationManager<T>
-
- All Implemented Interfaces:
EventLoggerProvider
,AuthenticationProvider<T>
,ConfiguredObject<T>
,ContextProvider
,ExternalFileBasedAuthenticationManager<T>
,ManagedInterface
,PasswordCredentialManagingAuthenticationProvider<T>
,PermissionedObject
,TaskExecutorProvider
,UsernamePasswordAuthenticationProvider<T>
- Direct Known Subclasses:
Base64MD5PasswordDatabaseAuthenticationManager
,PlainPasswordDatabaseAuthenticationManager
public abstract class PrincipalDatabaseAuthenticationManager<T extends PrincipalDatabaseAuthenticationManager<T>> extends AbstractAuthenticationManager<T> implements ExternalFileBasedAuthenticationManager<T>
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.apache.qpid.server.model.AbstractConfiguredObject
AbstractConfiguredObject.CallableWithArgument<V,A>, AbstractConfiguredObject.ChainedListenableFuture<V>, AbstractConfiguredObject.ChainedSettableFuture<V>, AbstractConfiguredObject.DuplicateIdException, AbstractConfiguredObject.DuplicateNameException
-
-
Field Summary
-
Fields inherited from class org.apache.qpid.server.model.AbstractConfiguredObject
SECURED_STRING_VALUE
-
Fields inherited from interface org.apache.qpid.server.model.ConfiguredObject
AWAIT_ATTAINMENT_TIMEOUT, CONTEXT, CREATED_BY, CREATED_TIME, DEFAULT_AWAIT_ATTAINMENT_TIMEOUT, DESCRIPTION, DESIRED_STATE, DURABLE, ID, LAST_UPDATED_BY, LAST_UPDATED_TIME, LIFETIME_POLICY, NAME, OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, STATE, TYPE
-
Fields inherited from interface org.apache.qpid.server.model.ExternalFileBasedAuthenticationManager
PATH
-
-
Constructor Summary
Constructors Modifier Constructor Description protected
PrincipalDatabaseAuthenticationManager(Map<String,Object> attributes, Container<?> broker)
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description com.google.common.util.concurrent.ListenableFuture<Void>
activate()
protected <C extends ConfiguredObject>
com.google.common.util.concurrent.ListenableFuture<C>addChildAsync(Class<C> childClass, Map<String,Object> attributes)
AuthenticationResult
authenticate(String username, String password)
Authenticates a user using their username and password.protected void
changeAttributes(Map<String,Object> attributes)
protected abstract PrincipalDatabase
createDatabase()
SaslNegotiator
createSaslNegotiator(String mechanism, SaslSettings saslSettings, NamedAddressSpace addressSpace)
boolean
createUser(String username, String password, Map<String,String> attributes)
void
deleteUser(String username)
List<String>
getMechanisms()
Gets the SASL mechanisms known to this manager.String
getPath()
PrincipalDatabase
getPrincipalDatabase()
Map<String,Map<String,String>>
getUsers()
void
initialise()
protected void
onCreate()
protected com.google.common.util.concurrent.ListenableFuture<Void>
onDelete()
protected void
onOpen()
protected void
postResolve()
void
reload()
Refreshes the cache of user and password data from the underlying storage.void
setPassword(String username, String password)
protected void
validateChange(ConfiguredObject<?> updatedObject, Set<String> changedAttributes)
protected void
validateOnCreate()
-
Methods inherited from class org.apache.qpid.server.security.auth.manager.AbstractAuthenticationManager
getAvailableMechanisms, getDisabledMechanisms, getEventLogger, getSecureOnlyMechanisms, logCreated, logDeleted, logOperation, logRecovered, logUpdated, onValidate, startQuiesced
-
Methods inherited from class org.apache.qpid.server.model.AbstractConfiguredObject
addChangeListener, addFutureCallback, applyToChildren, asObjectRecord, attainState, attributesAsString, attributeSet, authorise, authorise, authorise, authoriseCreateChild, awaitChildClassToAttainState, awaitChildClassToAttainState, beforeClose, beforeDelete, childAdded, childRemoved, close, closeAsync, closeChildren, create, createAsync, createChild, createChildAsync, decryptSecrets, delete, deleteAsync, deleteChildren, deleteNoChecks, doAfter, doAfter, doAfter, doAfter, doAfter, doAfter, doAfterAlways, doAfterAlways, doCreation, doOnConfigThread, doOpening, doResolution, doSync, doSync, doValidation, findConfiguredObject, forceUpdateAllSecureAttributes, getAccessControl, getActualAttributes, getAncestor, getAttainedChildById, getAttainedChildByName, getAttribute, getAttributeNames, getCategoryClass, getChildById, getChildByName, getChildExecutor, getChildren, getContext, getContextKeys, getContextValue, getContextValue, getCreatedBy, getCreatedTime, getDescription, getDesiredState, getId, getLastOpenedTime, getLastUpdatedBy, getLastUpdatedTime, getLifetimePolicy, getModel, getName, getObjectFactory, getParent, getState, getStatistics, getStatistics, getSubjectWithAddedSystemRights, getSystemPrincipal, getSystemTaskControllerContext, getSystemTaskSubject, getSystemTaskSubject, getTaskExecutor, getType, getTypeClass, getUserPreferences, handleExceptionOnOpen, hasEncrypter, isDurable, isSystemProcess, isSystemSubject, managesChildStorage, newToken, notifyStateChanged, onClose, onExceptionInOpen, onResolve, open, openAsync, postResolveChildren, postSetAttributes, registerWithParents, removeChangeListener, removeContextVariable, rethrowRuntimeExceptionsOnOpen, runTask, setAttributes, setAttributesAsync, setContextVariable, setEncrypter, setState, setUserPreferences, start, startAsync, stop, toString, updateModel, validateChildDelete
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface org.apache.qpid.server.model.AuthenticationProvider
getAvailableMechanisms, getDisabledMechanisms, getSecureOnlyMechanisms
-
Methods inherited from interface org.apache.qpid.server.model.ConfiguredObject
addChangeListener, asObjectRecord, authorise, authorise, authorise, close, closeAsync, createChild, createChildAsync, decryptSecrets, delete, deleteAsync, findConfiguredObject, getActualAttributes, getAttainedChildById, getAttainedChildByName, getAttribute, getAttributeNames, getCategoryClass, getChildById, getChildByName, getChildExecutor, getChildren, getContext, getCreatedBy, getCreatedTime, getDescription, getDesiredState, getId, getLastOpenedTime, getLastUpdatedBy, getLastUpdatedTime, getLifetimePolicy, getModel, getName, getObjectFactory, getParent, getState, getStatistics, getStatistics, getType, getTypeClass, getUserPreferences, hasEncrypter, isDurable, managesChildStorage, newToken, open, openAsync, removeChangeListener, removeContextVariable, setAttributes, setAttributesAsync, setContextVariable, setUserPreferences
-
Methods inherited from interface org.apache.qpid.server.model.ContextProvider
getContextKeys, getContextValue, getContextValue
-
Methods inherited from interface org.apache.qpid.server.logging.EventLoggerProvider
getEventLogger
-
Methods inherited from interface org.apache.qpid.server.model.TaskExecutorProvider
getTaskExecutor
-
-
-
-
Method Detail
-
validateOnCreate
protected void validateOnCreate()
- Overrides:
validateOnCreate
in classAbstractConfiguredObject<T extends PrincipalDatabaseAuthenticationManager<T>>
-
onCreate
protected void onCreate()
- Overrides:
onCreate
in classAbstractConfiguredObject<T extends PrincipalDatabaseAuthenticationManager<T>>
-
onOpen
protected void onOpen()
- Overrides:
onOpen
in classAbstractConfiguredObject<T extends PrincipalDatabaseAuthenticationManager<T>>
-
postResolve
protected void postResolve()
- Overrides:
postResolve
in classAbstractConfiguredObject<T extends PrincipalDatabaseAuthenticationManager<T>>
-
createDatabase
protected abstract PrincipalDatabase createDatabase()
-
getPath
public String getPath()
- Specified by:
getPath
in interfaceExternalFileBasedAuthenticationManager<T extends PrincipalDatabaseAuthenticationManager<T>>
-
initialise
public void initialise()
-
getMechanisms
public List<String> getMechanisms()
Description copied from interface:AuthenticationProvider
Gets the SASL mechanisms known to this manager.- Specified by:
getMechanisms
in interfaceAuthenticationProvider<T extends PrincipalDatabaseAuthenticationManager<T>>
- Returns:
- SASL mechanism names, space separated.
-
createSaslNegotiator
public SaslNegotiator createSaslNegotiator(String mechanism, SaslSettings saslSettings, NamedAddressSpace addressSpace)
- Specified by:
createSaslNegotiator
in interfaceAuthenticationProvider<T extends PrincipalDatabaseAuthenticationManager<T>>
-
authenticate
public AuthenticationResult authenticate(String username, String password)
Description copied from interface:UsernamePasswordAuthenticationProvider
Authenticates a user using their username and password.- Specified by:
authenticate
in interfaceUsernamePasswordAuthenticationProvider<T extends PrincipalDatabaseAuthenticationManager<T>>
- Parameters:
username
- usernamepassword
- password- Returns:
- authentication result
- See Also:
UsernamePasswordAuthenticationProvider.authenticate(String, String)
-
getPrincipalDatabase
public PrincipalDatabase getPrincipalDatabase()
-
activate
public com.google.common.util.concurrent.ListenableFuture<Void> activate()
- Overrides:
activate
in classAbstractAuthenticationManager<T extends PrincipalDatabaseAuthenticationManager<T>>
-
onDelete
protected com.google.common.util.concurrent.ListenableFuture<Void> onDelete()
- Overrides:
onDelete
in classAbstractConfiguredObject<T extends PrincipalDatabaseAuthenticationManager<T>>
-
createUser
public boolean createUser(String username, String password, Map<String,String> attributes)
- Specified by:
createUser
in interfacePasswordCredentialManagingAuthenticationProvider<T extends PrincipalDatabaseAuthenticationManager<T>>
-
deleteUser
public void deleteUser(String username) throws AccountNotFoundException
- Specified by:
deleteUser
in interfacePasswordCredentialManagingAuthenticationProvider<T extends PrincipalDatabaseAuthenticationManager<T>>
- Throws:
AccountNotFoundException
-
setPassword
public void setPassword(String username, String password) throws AccountNotFoundException
- Specified by:
setPassword
in interfacePasswordCredentialManagingAuthenticationProvider<T extends PrincipalDatabaseAuthenticationManager<T>>
- Throws:
AccountNotFoundException
-
getUsers
public Map<String,Map<String,String>> getUsers()
- Specified by:
getUsers
in interfacePasswordCredentialManagingAuthenticationProvider<T extends PrincipalDatabaseAuthenticationManager<T>>
-
reload
public void reload() throws IOException
Description copied from interface:PasswordCredentialManagingAuthenticationProvider
Refreshes the cache of user and password data from the underlying storage. If there is a failure whilst reloading the data, the implementation must throw anIOException
and revert to using the previous cached username and password data. In this way, the broker will remain usable.- Specified by:
reload
in interfacePasswordCredentialManagingAuthenticationProvider<T extends PrincipalDatabaseAuthenticationManager<T>>
- Throws:
IOException
-
addChildAsync
protected <C extends ConfiguredObject> com.google.common.util.concurrent.ListenableFuture<C> addChildAsync(Class<C> childClass, Map<String,Object> attributes)
- Overrides:
addChildAsync
in classAbstractConfiguredObject<T extends PrincipalDatabaseAuthenticationManager<T>>
-
validateChange
protected void validateChange(ConfiguredObject<?> updatedObject, Set<String> changedAttributes)
- Overrides:
validateChange
in classAbstractConfiguredObject<T extends PrincipalDatabaseAuthenticationManager<T>>
-
changeAttributes
protected void changeAttributes(Map<String,Object> attributes)
- Overrides:
changeAttributes
in classAbstractConfiguredObject<T extends PrincipalDatabaseAuthenticationManager<T>>
-
-