Example 1 with NoneAuthenticationServiceImpl
use of org.apache.derby.impl.jdbc.authentication.NoneAuthenticationServiceImpl in project derby by apache.
the class EmbedConnection method checkUserCredentials.
//
// Check passed-in user's credentials.
//
private void checkUserCredentials(boolean creatingDatabase, String dbname, Properties userInfo) throws SQLException {
if (SanityManager.DEBUG)
SanityManager.ASSERT(!isClosed(), "connection is closed");
// If a database name was passed-in then check user's credential
// in that database using the database's authentication service,
// otherwise check if it is a valid user in the JBMS system.
//
// NOTE: We always expect an authentication service per database
// and one at the system level.
//
AuthenticationService authenticationService = null;
try {
// Retrieve appropriate authentication service handle
if (dbname == null)
authenticationService = getLocalDriver().getAuthenticationService();
else
authenticationService = getTR().getDatabase().getAuthenticationService();
} catch (StandardException se) {
throw Util.generateCsSQLException(se);
}
// it is _always_ expected.
if (authenticationService == null) {
String failedString = MessageService.getTextMessage((dbname == null) ? MessageId.AUTH_NO_SERVICE_FOR_SYSTEM : MessageId.AUTH_NO_SERVICE_FOR_DB);
throw newSQLException(SQLState.LOGIN_FAILED, failedString);
}
//
if (creatingDatabase && compareDatabaseNames(getDBName(), authenticationService.getSystemCredentialsDatabaseName())) {
//
// NATIVE authentication using a system-wide credentials database
// which is being created now. Allow this to succeed. However, here we make sure that
// the credentials are legal. This prevents the credentials db from being
// created with a bad DBO or password.
//
String user = userInfo.getProperty(Attribute.USERNAME_ATTR);
String password = userInfo.getProperty(Attribute.PASSWORD_ATTR);
if (emptyCredential(user) || emptyCredential(password)) {
throw newSQLException(SQLState.AUTH_EMPTY_CREDENTIALS);
}
return;
}
if (dbname != null) {
checkUserIsNotARole();
}
// Let's authenticate now
boolean authenticationSucceeded = true;
try {
authenticationSucceeded = authenticationService.authenticate(dbname, userInfo);
} catch (SQLWarning warnings) {
//
// Let the user handle the warning that her password is about to expire.
//
addWarning(warnings);
}
if (!authenticationSucceeded) {
throw newSQLException(SQLState.NET_CONNECT_AUTH_FAILED, MessageService.getTextMessage(MessageId.AUTH_INVALID));
}
// to its implementation here, since it will always be present.
if (authenticationService instanceof NoneAuthenticationServiceImpl)
usingNoneAuth = true;
}
Also used :
SQLWarning(java.sql.SQLWarning)
StandardException(org.apache.derby.shared.common.error.StandardException)
NoneAuthenticationServiceImpl(org.apache.derby.impl.jdbc.authentication.NoneAuthenticationServiceImpl)
AuthenticationService(org.apache.derby.iapi.jdbc.AuthenticationService)
Aggregations
SQLWarning (java.sql.SQLWarning)1
AuthenticationService (org.apache.derby.iapi.jdbc.AuthenticationService)1
NoneAuthenticationServiceImpl (org.apache.derby.impl.jdbc.authentication.NoneAuthenticationServiceImpl)1
StandardException (org.apache.derby.shared.common.error.StandardException)1
