FELIX-3981 Create a sample project for demonstrating Felix JAAS main features
Adding a LoginModuleFactory based example which uses an embedded DataBase (H2) to perform user authentication
git-svn-id: https://svn.apache.org/repos/asf/felix/trunk@1461132 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/examples/jaas/jdbc-h2/pom.xml b/examples/jaas/jdbc-h2/pom.xml
new file mode 100644
index 0000000..0444809
--- /dev/null
+++ b/examples/jaas/jdbc-h2/pom.xml
@@ -0,0 +1,124 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>felix-parent</artifactId>
+ <version>2.1</version>
+ <relativePath>../../../pom/pom.xml</relativePath>
+ </parent>
+
+ <groupId>org.apache.felix.example</groupId>
+ <artifactId>org.apache.felix.example.jaas.jdbc-h2</artifactId>
+ <version>0.0.1-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>JAAS Example - H2 Db</name>
+
+ <prerequisites>
+ <maven>3.0.3</maven>
+ </prerequisites>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-bundle-plugin</artifactId>
+ <version>2.3.5</version>
+ <extensions>true</extensions>
+ <configuration>
+ <obrRepository>NONE</obrRepository>
+ <instructions>
+ <Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
+ <Bundle-Activator>org.apache.felix.example.jaas.jdbc.internal.H2Activator</Bundle-Activator>
+ <Embed-Dependency>
+ h2
+ </Embed-Dependency>
+ <Import-Package>
+ org.osgi.service.jdbc.*;
+ org.apache.lucene.*;
+ javax.transaction.*;resolution:=optional,
+ *
+ </Import-Package>
+ </instructions>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-scr-plugin</artifactId>
+ <version>1.11.0</version>
+ <executions>
+ <execution>
+ <id>generate-scr-scrdescriptor</id>
+ <goals>
+ <goal>scr</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.rat</groupId>
+ <artifactId>apache-rat-plugin</artifactId>
+ <configuration>
+ <includes>
+ <include>src/**</include>
+ </includes>
+ <excludes>
+ <exclude>src/main/resources/*.csv</exclude>
+ </excludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.core</artifactId>
+ <version>4.2.0</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.compendium</artifactId>
+ <version>4.2.0</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.apache.felix.scr.annotations</artifactId>
+ <version>1.9.0</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ <version>2.4</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.h2database</groupId>
+ <artifactId>h2</artifactId>
+ <version>1.3.171</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>1.6.4</version>
+ <scope>provided</scope>
+ </dependency>
+ </dependencies>
+
+</project>
\ No newline at end of file
diff --git a/examples/jaas/jdbc-h2/src/main/java/org/apache/felix/example/jaas/jdbc/internal/H2Activator.java b/examples/jaas/jdbc-h2/src/main/java/org/apache/felix/example/jaas/jdbc/internal/H2Activator.java
new file mode 100644
index 0000000..321b16d
--- /dev/null
+++ b/examples/jaas/jdbc-h2/src/main/java/org/apache/felix/example/jaas/jdbc/internal/H2Activator.java
@@ -0,0 +1,96 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.felix.example.jaas.jdbc.internal;
+
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import java.util.Dictionary;
+import java.util.Hashtable;
+
+import javax.servlet.Servlet;
+import javax.sql.DataSource;
+
+import org.h2.Driver;
+import org.h2.jdbcx.JdbcDataSource;
+import org.h2.server.web.WebServlet;
+import org.osgi.framework.BundleActivator;
+import org.osgi.framework.BundleContext;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class H2Activator implements BundleActivator
+{
+ private Logger log = LoggerFactory.getLogger(getClass());
+ private JdbcDataSource ds;
+ private Connection connection;
+
+ @Override
+ public void start(BundleContext context) throws Exception
+ {
+ ds = new JdbcDataSource();
+ ds.setURL("jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE");
+
+ Dictionary<String, String> props = new Hashtable<String, String>();
+ props.put("dataSourceName", "test");
+ context.registerService(DataSource.class.getName(), ds, props);
+
+ loadData(ds);
+
+ //Register the H2 console servlet
+ Dictionary<String, String> servletProps = new Hashtable<String, String>();
+ servletProps.put("alias", "/h2");
+ servletProps.put("init.webAllowOthers", "true");
+
+ context.registerService(Servlet.class.getName(), new WebServlet(), servletProps);
+ }
+
+ private void loadData(JdbcDataSource ds) throws SQLException
+ {
+ //Load the default data of user and roles
+ connection = ds.getConnection();
+ Statement stmt = connection.createStatement();
+ stmt.execute("CREATE TABLE USERS AS SELECT * FROM CSVREAD('classpath:users.csv',null,'lineComment=#')");
+ stmt.execute("CREATE TABLE ROLES AS SELECT * FROM CSVREAD('classpath:roles.csv',null,'lineComment=#')");
+ stmt.close();
+ log.info("Successfully imported default user and roles");
+ }
+
+ @Override
+ public void stop(BundleContext context) throws Exception
+ {
+ if (connection != null)
+ {
+ Statement stat = connection.createStatement();
+ stat.execute("SHUTDOWN");
+ stat.close();
+
+ try
+ {
+ connection.close();
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
+ }
+ Driver.unload();
+ }
+}
diff --git a/examples/jaas/jdbc-h2/src/main/resources/roles.csv b/examples/jaas/jdbc-h2/src/main/resources/roles.csv
new file mode 100644
index 0000000..b073c09
--- /dev/null
+++ b/examples/jaas/jdbc-h2/src/main/resources/roles.csv
@@ -0,0 +1,5 @@
+#Default role to user mapping
+ROLE,USERNAME
+ADMIN,foo
+ADMIN,admin
+USER,bob
\ No newline at end of file
diff --git a/examples/jaas/jdbc-h2/src/main/resources/users.csv b/examples/jaas/jdbc-h2/src/main/resources/users.csv
new file mode 100644
index 0000000..83f1676
--- /dev/null
+++ b/examples/jaas/jdbc-h2/src/main/resources/users.csv
@@ -0,0 +1,4 @@
+USERNAME,PASSWORD
+foo,bar
+bob,password
+admin,password
\ No newline at end of file
diff --git a/examples/jaas/launcher/src/main/bundles/list.xml b/examples/jaas/launcher/src/main/bundles/list.xml
index 35d6d3e..649ef91 100644
--- a/examples/jaas/launcher/src/main/bundles/list.xml
+++ b/examples/jaas/launcher/src/main/bundles/list.xml
@@ -52,6 +52,16 @@
<artifactId>org.apache.felix.example.jaas.lm-config</artifactId>
<version>${jaas.example.version}</version>
</bundle>
+ <bundle>
+ <groupId>org.apache.felix.example</groupId>
+ <artifactId>org.apache.felix.example.jaas.lm-jdbc</artifactId>
+ <version>${jaas.example.version}</version>
+ </bundle>
+ <bundle>
+ <groupId>org.apache.felix.example</groupId>
+ <artifactId>org.apache.felix.example.jaas.jdbc-h2</artifactId>
+ <version>${jaas.example.version}</version>
+ </bundle>
<!-- Bundles lrequired for Sling Installer Support -->
<bundle>
diff --git a/examples/jaas/launcher/src/main/config/org.apache.felix.example.jaas.jdbc.factory-h2.cfg b/examples/jaas/launcher/src/main/config/org.apache.felix.example.jaas.jdbc.factory-h2.cfg
new file mode 100644
index 0000000..e0e8980
--- /dev/null
+++ b/examples/jaas/launcher/src/main/config/org.apache.felix.example.jaas.jdbc.factory-h2.cfg
@@ -0,0 +1,22 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+jaas.realmName=sample
+jaas.controlFlag=sufficient
+
+datasourceName=test
diff --git a/examples/jaas/launcher/src/main/config/org.apache.felix.jaas.Configuration.factory-simple.cfg b/examples/jaas/launcher/src/main/config/org.apache.felix.jaas.Configuration.factory-simple.cfg
index 6e19a73..055c554 100644
--- a/examples/jaas/launcher/src/main/config/org.apache.felix.jaas.Configuration.factory-simple.cfg
+++ b/examples/jaas/launcher/src/main/config/org.apache.felix.jaas.Configuration.factory-simple.cfg
@@ -18,6 +18,6 @@
#
jaas.classname=org.apache.felix.example.jaas.config.internal.SampleConfigLoginModule
-jaas.controlFlag=required
+jaas.controlFlag=sufficient
jaas.ranking=0
jaas.realmName=sample
diff --git a/examples/jaas/launcher/src/main/sling/common.properties b/examples/jaas/launcher/src/main/sling/common.properties
index 9c59295..4e2d212 100644
--- a/examples/jaas/launcher/src/main/sling/common.properties
+++ b/examples/jaas/launcher/src/main/sling/common.properties
@@ -16,6 +16,7 @@
# specific language governing permissions and limitations
# under the License.
#
-
+# suppress inspection "UnusedProperty" for whole file
sling.bootdelegation.class.org.apache.felix.jaas.boot.ProxyLoginModule = \
- org.apache.felix.jaas.boot
\ No newline at end of file
+ org.apache.felix.jaas.boot
+sling.home = jaas-sample
diff --git a/examples/jaas/lm-jdbc/pom.xml b/examples/jaas/lm-jdbc/pom.xml
new file mode 100644
index 0000000..9a0d016
--- /dev/null
+++ b/examples/jaas/lm-jdbc/pom.xml
@@ -0,0 +1,104 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>felix-parent</artifactId>
+ <version>2.1</version>
+ <relativePath>../../../pom/pom.xml</relativePath>
+ </parent>
+
+ <groupId>org.apache.felix.example</groupId>
+ <artifactId>org.apache.felix.example.jaas.lm-jdbc</artifactId>
+ <version>0.0.1-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>JAAS Example - JDBC based Login Module</name>
+
+ <prerequisites>
+ <maven>3.0.3</maven>
+ </prerequisites>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-bundle-plugin</artifactId>
+ <version>2.3.5</version>
+ <extensions>true</extensions>
+ <configuration>
+ <instructions>
+ <Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
+ <Embed-Dependency>
+ org.apache.sling.commons.osgi;inline=
+ org/apache/sling/commons/osgi/PropertiesUtil*.class
+ </Embed-Dependency>
+ </instructions>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-scr-plugin</artifactId>
+ <version>1.11.0</version>
+ <executions>
+ <execution>
+ <id>generate-scr-scrdescriptor</id>
+ <goals>
+ <goal>scr</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.core</artifactId>
+ <version>4.2.0</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.compendium</artifactId>
+ <version>4.2.0</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.apache.felix.scr.annotations</artifactId>
+ <version>1.9.0</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.apache.felix.jaas</artifactId>
+ <version>0.0.1-SNAPSHOT</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.commons.osgi</artifactId>
+ <version>2.2.0</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>1.6.4</version>
+ <scope>provided</scope>
+ </dependency>
+ </dependencies>
+
+</project>
\ No newline at end of file
diff --git a/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/JdbcLoginModule.java b/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/JdbcLoginModule.java
new file mode 100644
index 0000000..39c93bc
--- /dev/null
+++ b/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/JdbcLoginModule.java
@@ -0,0 +1,187 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.felix.example.jaas.jdbc;
+
+import java.io.IOException;
+import java.security.Principal;
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+import javax.sql.DataSource;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The code is based on org.apache.karaf.jaas.modules.jdbc.JDBCLoginModule
+ */
+public class JdbcLoginModule implements LoginModule {
+ private static Logger log = LoggerFactory.getLogger(JdbcLoginModule.class);
+ private final DataSource dataSource;
+ private CallbackHandler callbackHandler;
+ private Set<Principal> principals;
+ private boolean detailedLoginExcepion;
+ private Subject subject;
+ private final String passwordQuery;
+ private final String roleQuery;
+
+ public JdbcLoginModule(DataSource dataSource, String passwordQuery, String roleQuery) {
+ this.dataSource = dataSource;
+ this.passwordQuery = passwordQuery;
+ this.roleQuery = roleQuery;
+ }
+
+
+ @Override
+ public void initialize(Subject subject, CallbackHandler callbackHandler,
+ Map<String, ?> sharedState, Map<String, ?> options) {
+ this.callbackHandler = callbackHandler;
+ this.subject = subject;
+
+ }
+
+ @Override
+ public boolean login() throws LoginException {
+ Connection connection = null;
+
+ PreparedStatement passwordStatement = null;
+ PreparedStatement roleStatement = null;
+
+ ResultSet passwordResultSet = null;
+ ResultSet roleResultSet = null;
+
+ Callback[] callbacks = new Callback[2];
+ callbacks[0] = new NameCallback("Username: ");
+ callbacks[1] = new PasswordCallback("Password: ", false);
+
+ try {
+ callbackHandler.handle(callbacks);
+ } catch (IOException ioe) {
+ throw new LoginException(ioe.getMessage());
+ } catch (UnsupportedCallbackException uce) {
+ throw new LoginException(uce.getMessage() + " not available to obtain information from user");
+ }
+
+ String user = ((NameCallback) callbacks[0]).getName();
+
+ char[] tmpPassword = ((PasswordCallback) callbacks[1]).getPassword();
+ if (tmpPassword == null) {
+ tmpPassword = new char[0];
+ }
+
+ String password = new String(tmpPassword);
+ principals = new HashSet<Principal>();
+
+ try {
+ connection = dataSource.getConnection();
+
+ //Retrieve user credentials from database.
+ passwordStatement = connection.prepareStatement(passwordQuery);
+ passwordStatement.setString(1, user);
+ passwordResultSet = passwordStatement.executeQuery();
+
+ if (!passwordResultSet.next()) {
+ if (!this.detailedLoginExcepion) {
+ throw new LoginException("login failed");
+ } else {
+ throw new LoginException("Password for " + user + " does not match");
+ }
+ } else {
+ String storedPassword = passwordResultSet.getString(1);
+
+ if (!checkPassword(password, storedPassword)) {
+ if (!this.detailedLoginExcepion) {
+ throw new LoginException("login failed");
+ } else {
+ throw new LoginException("Password for " + user + " does not match");
+ }
+ }
+ principals.add(new UserPrincipal(user));
+ }
+
+ //Retrieve user roles from database
+ roleStatement = connection.prepareStatement(roleQuery);
+ roleStatement.setString(1, user);
+ roleResultSet = roleStatement.executeQuery();
+ while (roleResultSet.next()) {
+ String role = roleResultSet.getString(1);
+ principals.add(new RolePrincipal(role));
+ }
+ } catch (Exception ex) {
+ throw new LoginException("Error has occured while retrieving credentials from database:" + ex.getMessage());
+ } finally {
+ try {
+ if (passwordResultSet != null) {
+ passwordResultSet.close();
+ }
+ if (passwordStatement != null) {
+ passwordStatement.close();
+ }
+ if (roleResultSet != null) {
+ roleResultSet.close();
+ }
+ if (roleStatement != null) {
+ roleStatement.close();
+ }
+ if (connection != null) {
+ connection.close();
+ }
+ } catch (SQLException ex) {
+ log.warn("Failed to clearly close connection to the database:", ex);
+ }
+ }
+ return true;
+ }
+
+ private boolean checkPassword(String password, String storedPassword) {
+ return password.equals(storedPassword);
+ }
+
+ @Override
+ public boolean commit() throws LoginException {
+ subject.getPrincipals().addAll(principals);
+ return true;
+ }
+
+ @Override
+ public boolean abort() throws LoginException {
+ subject.getPrincipals().removeAll(principals);
+ principals.clear();
+ return true;
+ }
+
+ @Override
+ public boolean logout() throws LoginException {
+ return false;
+ }
+}
diff --git a/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/JdbcLoginModuleFactory.java b/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/JdbcLoginModuleFactory.java
new file mode 100644
index 0000000..1cc93e4
--- /dev/null
+++ b/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/JdbcLoginModuleFactory.java
@@ -0,0 +1,139 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.felix.example.jaas.jdbc;
+
+import java.util.Dictionary;
+import java.util.Hashtable;
+import java.util.Map;
+
+import javax.security.auth.spi.LoginModule;
+import javax.sql.DataSource;
+
+import org.apache.felix.jaas.LoginModuleFactory;
+import org.apache.felix.scr.annotations.Activate;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.ConfigurationPolicy;
+import org.apache.felix.scr.annotations.Deactivate;
+import org.apache.felix.scr.annotations.Property;
+import org.apache.felix.scr.annotations.PropertyOption;
+import org.apache.sling.commons.osgi.PropertiesUtil;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.Constants;
+import org.osgi.framework.Filter;
+import org.osgi.framework.InvalidSyntaxException;
+import org.osgi.framework.ServiceRegistration;
+import org.osgi.util.tracker.ServiceTracker;
+
+@Component(label = "%jdbc.name",
+ description = "%jdbc.description",
+ metatype = true,
+ name = JdbcLoginModuleFactory.SERVICE_PID,
+ configurationFactory = true,
+ specVersion = "1.1",
+ policy = ConfigurationPolicy.REQUIRE
+)
+public class JdbcLoginModuleFactory implements LoginModuleFactory
+{
+
+ public static final String SERVICE_PID = " org.apache.felix.example.jaas.jdbc.factory";
+
+ @Property(value = "required", options = {
+ @PropertyOption(name = "required", value = "%jaas.flag.required"),
+ @PropertyOption(name = "requisite", value = "%jaas.flag.requisite"),
+ @PropertyOption(name = "sufficient", value = "%jaas.flag.sufficient"),
+ @PropertyOption(name = "optional", value = "%jaas.flag.optional") })
+ static final String JAAS_CONTROL_FLAG = "jaas.controlFlag";
+
+ @Property(intValue = 0)
+ static final String JAAS_RANKING = "jaas.ranking";
+
+ @Property
+ private static final String PROP_REALM = "jaas.realmName";
+
+ private static final String DEFAULT_PWD_QUERY = "SELECT PASSWORD FROM USERS WHERE USERNAME=?";
+ @Property(value = DEFAULT_PWD_QUERY)
+ private static final String PROP_PWD_QUERY = "query.pwd";
+ private String passwordQuery;
+
+ private static final String DEFAULT_ROLE_QUERY = "SELECT ROLE FROM ROLES WHERE USERNAME=?";
+ @Property(value = DEFAULT_ROLE_QUERY)
+ private static final String PROP_ROLE_QUERY = "query.role";
+ private String roleQuery;
+
+ private static final String DEFAULT_DS_NAME = "test";
+ @Property
+ private static final String PROP_DS_NAME = "datasourceName";
+ private String datasourceName;
+ private ServiceTracker dataSourceTracker;
+
+ private ServiceRegistration loginModuleFactoryReg;
+
+ @Activate
+ public void activate(BundleContext context, Map<String, ?> conf)
+ throws InvalidSyntaxException
+ {
+ passwordQuery = PropertiesUtil.toString(conf.get(PROP_PWD_QUERY),
+ DEFAULT_PWD_QUERY);
+ roleQuery = PropertiesUtil.toString(conf.get(PROP_ROLE_QUERY), DEFAULT_ROLE_QUERY);
+ datasourceName = PropertiesUtil.toString(conf.get(PROP_DS_NAME), DEFAULT_DS_NAME);
+
+ Filter filter = context.createFilter("(&(objectClass=javax.sql.DataSource)"
+ + "(dataSourceName=" + datasourceName + "))");
+ dataSourceTracker = new ServiceTracker(context, filter, null);
+ dataSourceTracker.open();
+ registerLoginModuleFactory(context, conf);
+ }
+
+ @Deactivate
+ private void deactivate()
+ {
+ if (loginModuleFactoryReg != null)
+ {
+ loginModuleFactoryReg.unregister();
+ }
+
+ if(dataSourceTracker != null)
+ {
+ dataSourceTracker.close();
+ }
+ }
+
+ private void registerLoginModuleFactory(BundleContext context, Map<String, ?> config)
+ {
+ Dictionary<String,Object> lmProps = new Hashtable<String,Object>();
+
+ String controlFlag = PropertiesUtil.toString(config.get(JAAS_CONTROL_FLAG),
+ "required");
+ lmProps.put(LoginModuleFactory.JAAS_CONTROL_FLAG,controlFlag);
+ lmProps.put(LoginModuleFactory.JAAS_REALM_NAME, PropertiesUtil.toString(config.get(PROP_REALM), null));
+ lmProps.put(Constants.SERVICE_RANKING,
+ PropertiesUtil.toInteger(config.get(JAAS_RANKING), 0));
+
+ loginModuleFactoryReg = context.registerService(
+ LoginModuleFactory.class.getName(), this, lmProps);
+ }
+
+ @Override
+ public LoginModule createLoginModule()
+ {
+ return new JdbcLoginModule(
+ (DataSource) dataSourceTracker.getService(), passwordQuery, roleQuery);
+ }
+}
diff --git a/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/RolePrincipal.java b/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/RolePrincipal.java
new file mode 100644
index 0000000..ddc835c
--- /dev/null
+++ b/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/RolePrincipal.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.felix.example.jaas.jdbc;
+
+import java.security.Principal;
+
+public class RolePrincipal implements Principal {
+
+ private final String name;
+
+ public RolePrincipal(String name) {
+ assert name != null;
+ this.name = name;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (!(o instanceof RolePrincipal)) return false;
+
+ RolePrincipal that = (RolePrincipal) o;
+
+ if (name != null ? !name.equals(that.name) : that.name != null) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ return name != null ? name.hashCode() : 0;
+ }
+
+ @Override
+ public String toString() {
+ return "RolePrincipal[" + name + "]";
+ }
+
+}
diff --git a/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/UserPrincipal.java b/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/UserPrincipal.java
new file mode 100644
index 0000000..55b0051
--- /dev/null
+++ b/examples/jaas/lm-jdbc/src/main/java/org/apache/felix/example/jaas/jdbc/UserPrincipal.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.felix.example.jaas.jdbc;
+
+import java.security.Principal;
+
+public class UserPrincipal implements Principal {
+
+ private final String name;
+
+ public UserPrincipal(String name) {
+ assert name != null;
+ this.name = name;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (!(o instanceof UserPrincipal)) return false;
+
+ UserPrincipal that = (UserPrincipal) o;
+
+ if (name != null ? !name.equals(that.name) : that.name != null) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ return name != null ? name.hashCode() : 0;
+ }
+
+ @Override
+ public String toString() {
+ return "UserPrincipal[" + name + "]";
+ }
+
+}
diff --git a/examples/jaas/lm-jdbc/src/main/resources/OSGI-INF/metatype/metatype.properties b/examples/jaas/lm-jdbc/src/main/resources/OSGI-INF/metatype/metatype.properties
new file mode 100644
index 0000000..13899d4
--- /dev/null
+++ b/examples/jaas/lm-jdbc/src/main/resources/OSGI-INF/metatype/metatype.properties
@@ -0,0 +1,50 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# suppress inspection "UnusedProperty" for whole file
+
+jdbc.name=Apache Felix JDBC LoginModule Example
+jdbc.description=Configuration details for connecting to Database
+
+#JAAS Stuff
+jaas.controlFlag.name=Control Flag
+jaas.controlFlag.description=The Flag value controls the overall behavior as authentication proceeds down the stack
+
+jaas.flag.required=Required
+jaas.flag.requisite=Requisite
+jaas.flag.sufficient=Sufficient
+jaas.flag.optional=Optional
+
+jaas.ranking.name = Ranking
+jaas.ranking.description = The relative ranking of this configuration.
+
+jaas.options.name = Options
+jaas.options.description = Properties in the form of key value pairs that are passed on to the LoginModule(name=value pairs)
+
+jaas.realmName.name = Realm Name
+jaas.realmName.description = Name of the application
+
+datasourceName.name = Datasource Name
+datasourceName.description = Name of the datasource
+
+query.role.name= Role Query
+query.role.description = Query to fetch user roles
+
+query.pwd.name = Password Query
+query.pwd.description = Query to fetch user password
+
diff --git a/examples/jaas/pom.xml b/examples/jaas/pom.xml
index 6f5ba52..843c011 100644
--- a/examples/jaas/pom.xml
+++ b/examples/jaas/pom.xml
@@ -33,6 +33,8 @@
<modules>
<module>lm-config</module>
+ <module>lm-jdbc</module>
+ <module>jdbc-h2</module>
<module>app</module>
<module>launcher</module>
</modules>