<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- NewPage -->
<html lang="en">
<head>
<!-- Generated by javadoc (version 1.7.0_40) on Mon Oct 21 11:07:36 UTC 2013 -->
<meta http-equiv="Content-Type" content="text/html" charset="UTF-8">
<title>JaasAuthBean (HSQLDB 2.2.9 API)</title>
<meta name="date" content="2013-10-21">
<link rel="stylesheet" type="text/css" href="../../../javadoc.css" title="Style">
</head>
<body>
<script type="text/javascript"><!--
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="JaasAuthBean (HSQLDB 2.2.9 API)";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a name="navbar_top">
<!-- -->
</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/JaasAuthBean.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../index-all.html">Index</a></li>
<li><a href="../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li><a href="../../../org/hsqldb/auth/HsqldbSlaveAuthBean.html" title="class in org.hsqldb.auth"><span class="strong">Prev Class</span></a></li>
<li><a href="../../../org/hsqldb/auth/JaasAuthBean.UPCallbackHandler.html" title="class in org.hsqldb.auth"><span class="strong">Next Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../index.html?org/hsqldb/auth/JaasAuthBean.html" target="_top">Frames</a></li>
<li><a href="JaasAuthBean.html" target="_top">No Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_top");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary: </li>
<li><a href="#nested_class_summary">Nested</a> | </li>
<li>Field | </li>
<li><a href="#constructor_summary">Constr</a> | </li>
<li><a href="#method_summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail: </li>
<li>Field | </li>
<li><a href="#constructor_detail">Constr</a> | </li>
<li><a href="#method_detail">Method</a></li>
</ul>
</div>
<a name="skip-navbar_top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
<!-- ======== START OF CLASS DATA ======== -->
<div class="header">
<div class="subTitle">org.hsqldb.auth</div>
<h2 title="Class JaasAuthBean" class="title">Class JaasAuthBean</h2>
</div>
<div class="contentContainer">
<ul class="inheritance">
<li>java.lang.Object</li>
<li>
<ul class="inheritance">
<li>org.hsqldb.auth.JaasAuthBean</li>
</ul>
</li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Implemented Interfaces:</dt>
<dd><a href="../../../org/hsqldb/auth/AuthFunctionBean.html" title="interface in org.hsqldb.auth">AuthFunctionBean</a></dd>
</dl>
<hr>
<br>
<pre>public class <span class="strong">JaasAuthBean</span>
extends java.lang.Object
implements <a href="../../../org/hsqldb/auth/AuthFunctionBean.html" title="interface in org.hsqldb.auth">AuthFunctionBean</a></pre>
<div class="block">Provides authentication and authorization (roles and initial schema)
according to JAAS modules configured by the runtime JAAS implementation.
<P>
<b>JAAS modules used must have both a NameCallback and a PasswordCallback.</b>
This is how we pass the JDBC-provided user name and password to the module.
</P> <P>
JAAS setup is Java-implementation-specific.
For Sun Java, you set up a JAAS configuration file which resides at
<code>$HOME/.java.login.config</code> or at the location that you set with
Java system property <code>java.security.auth.login.config</code>.
</P> <P>
You can use this bean to manage just access, or also to manage roles or
initial schemas.
To use for roles or initial schemas, you must set the roleSchemaValuePattern
property to distinguish which of the JAAS-module-provided values to use.
By default, all JAAS-module-provided Principles will be candidates.
If you set property roleSchemaViaCredential to true, then all
JAAS-module-provided public Credentials will be candidates instead.
</P></div>
<dl><dt><span class="strong">Since:</span></dt>
<dd>2.0.1</dd>
<dt><span class="strong">Author:</span></dt>
<dd>Blaine Simpson (blaine dot simpson at admc dot com)</dd>
<dt><span class="strong">See Also:</span></dt><dd><a href="../../../org/hsqldb/auth/AuthFunctionBean.html" title="interface in org.hsqldb.auth"><code>AuthFunctionBean</code></a>,
<code>NameCallback</code>,
<code>PasswordCallback</code></dd></dl>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- ======== NESTED CLASS SUMMARY ======== -->
<ul class="blockList">
<li class="blockList"><a name="nested_class_summary">
<!-- -->
</a>
<h3>Nested Class Summary</h3>
<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Nested Class Summary table, listing nested classes, and an explanation">
<caption><span>Nested Classes</span><span class="tabEnd"> </span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Class and Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static class </code></td>
<td class="colLast"><code><strong><a href="../../../org/hsqldb/auth/JaasAuthBean.UPCallbackHandler.html" title="class in org.hsqldb.auth">JaasAuthBean.UPCallbackHandler</a></strong></code> </td>
</tr>
</table>
</li>
</ul>
<!-- ======== CONSTRUCTOR SUMMARY ======== -->
<ul class="blockList">
<li class="blockList"><a name="constructor_summary">
<!-- -->
</a>
<h3>Constructor Summary</h3>
<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
<caption><span>Constructors</span><span class="tabEnd"> </span></caption>
<tr>
<th class="colOne" scope="col">Constructor and Description</th>
</tr>
<tr class="altColor">
<td class="colOne"><code><strong><a href="../../../org/hsqldb/auth/JaasAuthBean.html#JaasAuthBean()">JaasAuthBean</a></strong>()</code> </td>
</tr>
</table>
</li>
</ul>
<!-- ========== METHOD SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="method_summary">
<!-- -->
</a>
<h3>Method Summary</h3>
<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
<caption><span>Methods</span><span class="tabEnd"> </span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Method and Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code>java.lang.String[]</code></td>
<td class="colLast"><code><strong><a href="../../../org/hsqldb/auth/JaasAuthBean.html#authenticate(java.lang.String, java.lang.String)">authenticate</a></strong>(java.lang.String userName,
java.lang.String password)</code>
<div class="block">Return a list of authorized roles or null to indicate that the
implementation does not intend to produce a specific role list but only
to indicate whether to allow access or not.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><strong><a href="../../../org/hsqldb/auth/JaasAuthBean.html#init()">init</a></strong>()</code> </td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><strong><a href="../../../org/hsqldb/auth/JaasAuthBean.html#setApplicationKey(java.lang.String)">setApplicationKey</a></strong>(java.lang.String applicationKey)</code>
<div class="block">Set the key into the JAAS runtime configuration.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><strong><a href="../../../org/hsqldb/auth/JaasAuthBean.html#setRoleSchemaValuePattern(java.util.regex.Pattern)">setRoleSchemaValuePattern</a></strong>(java.util.regex.Pattern roleSchemaValuePattern)</code>
<div class="block">Assign a pattern to both detect honored values, and optionally
to map from a single principal name or public credential string
to a single HyperSQL role or schema string.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><strong><a href="../../../org/hsqldb/auth/JaasAuthBean.html#setRoleSchemaValuePatternString(java.lang.String)">setRoleSchemaValuePatternString</a></strong>(java.lang.String patternString)</code>
<div class="block">String wrapper for method setRoleSchemaValuePattern(Pattern)
Use the (x?) Pattern constructs to set options.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><strong><a href="../../../org/hsqldb/auth/JaasAuthBean.html#setRoleSchemaViaCredential(boolean)">setRoleSchemaViaCredential</a></strong>(boolean roleSchemaViaCredential)</code>
<div class="block">By default, If roleSchemaValuePattern is set, then role and schema
values are obtained from principle values; otherwise existing account
privileges are used (if any).</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object">
<!-- -->
</a>
<h3>Methods inherited from class java.lang.Object</h3>
<code>equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ========= CONSTRUCTOR DETAIL ======== -->
<ul class="blockList">
<li class="blockList"><a name="constructor_detail">
<!-- -->
</a>
<h3>Constructor Detail</h3>
<a name="JaasAuthBean()">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>JaasAuthBean</h4>
<pre>public JaasAuthBean()</pre>
</li>
</ul>
</li>
</ul>
<!-- ============ METHOD DETAIL ========== -->
<ul class="blockList">
<li class="blockList"><a name="method_detail">
<!-- -->
</a>
<h3>Method Detail</h3>
<a name="setRoleSchemaViaCredential(boolean)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>setRoleSchemaViaCredential</h4>
<pre>public void setRoleSchemaViaCredential(boolean roleSchemaViaCredential)</pre>
<div class="block">By default, If roleSchemaValuePattern is set, then role and schema
values are obtained from principle values; otherwise existing account
privileges are used (if any).
If roleSchemaViaCredential is set to true and roleSchemaValuePattern is
set, then credential values will be used instead.
<P>
Do not set roleSchemaViaCredential to true unless roleSchemaValuePattern
is set.
</P></div>
</li>
</ul>
<a name="init()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>init</h4>
<pre>public void init()</pre>
<dl><dt><span class="strong">Throws:</span></dt>
<dd><code>java.lang.IllegalStateException</code> - if any required setting has not been set.</dd></dl>
</li>
</ul>
<a name="setApplicationKey(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>setApplicationKey</h4>
<pre>public void setApplicationKey(java.lang.String applicationKey)</pre>
<div class="block">Set the key into the JAAS runtime configuration.
For Sun's JAAS implementation, this is the "application" identifier for
a stanza in the JAAS configuration file.</div>
</li>
</ul>
<a name="setRoleSchemaValuePattern(java.util.regex.Pattern)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>setRoleSchemaValuePattern</h4>
<pre>public void setRoleSchemaValuePattern(java.util.regex.Pattern roleSchemaValuePattern)</pre>
<div class="block">Assign a pattern to both detect honored values, and optionally
to map from a single principal name or public credential string
to a single HyperSQL role or schema string.
Do not use this method if you are using this JaasAuthBean only to
permit or reject access (with roles and schema being determined by
pre-existing local HyperSQL accounts).
On that case, simple success of the login() method method will allow
access as the specified user.
<P>
If every principal name or public credentials holds only the String
values precisely as HyperSQL needs them, then set the pattern to ".+".
For example, if the JAAS module returns principals (or credentials) with
values "one", "two", "three", then if you set this pattern to ".+",
HyperSQL will attempt to assign initial schema and roles for the values
"one", "two", and "three".
</P><P>
These are two distinct and important purposes for the specified Pattern.
<OL>
<LI>
Values that do not successfully match the pattern will be ignored.
If the pattern does match, then the entire principal or credential
value will be used to assign initial schema or role (as long as it
is a valid schema name or role name in the local database).
<LI>
Optionally uses parentheses to specify a single capture group
(if you use parentheses to specify more than one matching group, we
will only capture for the first).
What is captured by this group is exactly the role or schema that
HyperSQL will attempt to assign.
If no capture parens are given then the Pattern is only used for the
acceptance decision, and the JAAS-provided value will be returned
verbatim.
</OL>
</P><P>
N.b. this Pattern will be used for the matches() operation, therefore it
must match the entire candidate value strings (this is different than
the find operation which does not need to satisfy the entire candidate
value).
</P><P>Example1 :<CODE><PRE>
cn=([^,]+),ou=dbRole,dc=admc,dc=com
</PRE></CODE>
will extract the CN value from matching attribute values.
</P><P>Example1 :<CODE><PRE>
cn=[^,]+,ou=dbRole,dc=admc,dc=com
</PRE></CODE>
will return the entire <CODE>cn...com</CODE> string for matching
attribute values.
</P></div>
<dl><dt><span class="strong">See Also:</span></dt><dd><code>Matcher.matches()</code></dd></dl>
</li>
</ul>
<a name="setRoleSchemaValuePatternString(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>setRoleSchemaValuePatternString</h4>
<pre>public void setRoleSchemaValuePatternString(java.lang.String patternString)</pre>
<div class="block">String wrapper for method setRoleSchemaValuePattern(Pattern)
Use the (x?) Pattern constructs to set options.</div>
<dl><dt><span class="strong">Throws:</span></dt>
<dd><code>java.util.regex.PatternSyntaxException</code></dd><dt><span class="strong">See Also:</span></dt><dd><a href="../../../org/hsqldb/auth/JaasAuthBean.html#setRoleSchemaValuePattern(java.util.regex.Pattern)"><code>setRoleSchemaValuePattern(Pattern)</code></a></dd></dl>
</li>
</ul>
<a name="authenticate(java.lang.String, java.lang.String)">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>authenticate</h4>
<pre>public java.lang.String[] authenticate(java.lang.String userName,
java.lang.String password)
throws org.hsqldb.auth.DenyException</pre>
<div class="block"><strong>Description copied from interface: <code><a href="../../../org/hsqldb/auth/AuthFunctionBean.html#authenticate(java.lang.String, java.lang.String)">AuthFunctionBean</a></code></strong></div>
<div class="block">Return a list of authorized roles or null to indicate that the
implementation does not intend to produce a specific role list but only
to indicate whether to allow access or not.
A return value of String[0] is different from returning null, and means
that the user should not be granted any roles.</div>
<dl>
<dt><strong>Specified by:</strong></dt>
<dd><code><a href="../../../org/hsqldb/auth/AuthFunctionBean.html#authenticate(java.lang.String, java.lang.String)">authenticate</a></code> in interface <code><a href="../../../org/hsqldb/auth/AuthFunctionBean.html" title="interface in org.hsqldb.auth">AuthFunctionBean</a></code></dd>
<dt><span class="strong">Returns:</span></dt><dd>null or String[] according to the contract of HyperSQL
authentication function contract, except that the role/schema
list is returned as a String[] instead of a java.sql.Array.</dd>
<dt><span class="strong">Throws:</span></dt>
<dd><code>org.hsqldb.auth.DenyException</code></dd><dt><span class="strong">See Also:</span></dt><dd><a href="../../../org/hsqldb/auth/AuthFunctionBean.html#authenticate(java.lang.String, java.lang.String)"><code>AuthFunctionBean.authenticate(String, String)</code></a></dd></dl>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
</div>
<!-- ========= END OF CLASS DATA ========= -->
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a name="navbar_bottom">
<!-- -->
</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/JaasAuthBean.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../index-all.html">Index</a></li>
<li><a href="../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li><a href="../../../org/hsqldb/auth/HsqldbSlaveAuthBean.html" title="class in org.hsqldb.auth"><span class="strong">Prev Class</span></a></li>
<li><a href="../../../org/hsqldb/auth/JaasAuthBean.UPCallbackHandler.html" title="class in org.hsqldb.auth"><span class="strong">Next Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../index.html?org/hsqldb/auth/JaasAuthBean.html" target="_top">Frames</a></li>
<li><a href="JaasAuthBean.html" target="_top">No Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_bottom");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary: </li>
<li><a href="#nested_class_summary">Nested</a> | </li>
<li>Field | </li>
<li><a href="#constructor_summary">Constr</a> | </li>
<li><a href="#method_summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail: </li>
<li>Field | </li>
<li><a href="#constructor_detail">Constr</a> | </li>
<li><a href="#method_detail">Method</a></li>
</ul>
</div>
<a name="skip-navbar_bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
<p class="legalCopy"><small><i>Copyright �� 2001 - 2010 HSQL Development Group.</i></small></p>
</body>
</html>
