Class BasicAuthenticationServiceImpl

  • All Implemented Interfaces:
    UserAuthenticator, AuthenticationService, ModuleControl, ModuleSupportable, PropertySetCallback

    public final class BasicAuthenticationServiceImpl
    extends AuthenticationServiceBase
    implements UserAuthenticator
    This authentication service is the basic Derby user authentication level support. It is activated upon setting derby.authentication.provider database or system property to 'BUILTIN'.

    It instantiates and calls the basic User authentication scheme at runtime.

    In 2.0, users can now be defined as database properties. If derby.database.propertiesOnly is set to true, then in this case, only users defined as database properties for the current database will be considered.

    • Constructor Detail

      • BasicAuthenticationServiceImpl

        public BasicAuthenticationServiceImpl()
    • Method Detail

      • canSupport

        public boolean canSupport​(java.util.Properties properties)
        Check if we should activate this authentication service.
        Specified by:
        canSupport in interface ModuleSupportable
        Returns:
        true if this instance can be used, false otherwise.
      • authenticateUser

        public boolean authenticateUser​(java.lang.String userName,
                                        java.lang.String userPassword,
                                        java.lang.String databaseName,
                                        java.util.Properties info)
                                 throws java.sql.SQLException
        Authenticate the passed-in user's credentials.
        Specified by:
        authenticateUser in interface UserAuthenticator
        Parameters:
        userName - The user's name used to connect to JBMS system
        userPassword - The user's password used to connect to JBMS system
        databaseName - The database which the user wants to connect to.
        info - Additional jdbc connection info.
        Returns:
        false if the connection request should be denied, true if the connection request should proceed. If false is returned the connection attempt will receive a SQLException with SQL State 08004.
        Throws:
        java.sql.SQLException - An exception processing the request, connection request will be denied. The SQL exception will be returned to the connection attempt.
      • hashPasswordUsingStoredAlgorithm

        private java.lang.String hashPasswordUsingStoredAlgorithm​(java.lang.String user,
                                                                  java.lang.String password,
                                                                  java.lang.String storedPassword)
                                                           throws StandardException
        Hash a password using the same algorithm as we used to generate the stored password token.
        Parameters:
        user - the user whose password to hash
        password - the plaintext password
        storedPassword - the password token that's stored in the database
        Returns:
        a digest of the password created the same way as the stored password
        Throws:
        StandardException - if the password cannot be hashed with the requested algorithm