[ all classes ]
[ com.acciente.oacc.sql ]
Coverage Summary for Class: SQLAccessControlContextFactory (com.acciente.oacc.sql)
Class | Class, % | Method, % | Line, % |
---|---|---|---|
SQLAccessControlContextFactory | 100% (1/ 1) | 40% (4/ 10) | 33.3% (4/ 12) |
1 /*
2 * Copyright 2009-2017, Acciente LLC
3 *
4 * Acciente LLC licenses this file to you under the
5 * Apache License, Version 2.0 (the "License"); you
6 * may not use this file except in compliance with the
7 * License. You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in
12 * writing, software distributed under the License is
13 * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
14 * OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing
16 * permissions and limitations under the License.
17 */
18 package com.acciente.oacc.sql;
19
20 import com.acciente.oacc.AccessControlContext;
21 import com.acciente.oacc.AuthenticationProvider;
22 import com.acciente.oacc.encryptor.PasswordEncryptor;
23 import com.acciente.oacc.encryptor.jasypt.JasyptPasswordEncryptor;
24 import com.acciente.oacc.encryptor.jasypt.LegacyJasyptPasswordEncryptor;
25 import com.acciente.oacc.sql.internal.SQLAccessControlContext;
26
27 import javax.sql.DataSource;
28 import java.sql.Connection;
29
30 /**
31 * The factory that provides OACC's AccessControlContext implementation, which is backed by a database.
32 */
33 public class SQLAccessControlContextFactory {
34 /**
35 * Creates an {@link AccessControlContext} instance backed by the specified database connection. A set of valid
36 * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database
37 * server for which the connection is provided is specified using the SQLProfile parameter. The access control
38 * context returned by this method uses the built-in authentication provider that delegates all password encryption
39 * and decryption to a {@link PasswordEncryptor} instance provided by
40 * {@link LegacyJasyptPasswordEncryptor#newInstance()} -- therefore the instance returned by this method may
41 * only be used when all existing resource passwords were encrypted using Jasypt. This method is deprecated, please
42 * see the deprecation note below.
43 *
44 * @param connection a database connection with access to the required OACC tables
45 * @param schemaName the name of the schema in the database containing the OACC tables
46 * @param sqlProfile the database provider and dialect of SQL supported for the database server associated
47 * with the connection provided
48 * @return an {@link AccessControlContext} instance ready to receive API calls
49 * @deprecated as of OACC v2.0.0-rc8, replaced by
50 * {@link #getAccessControlContext(Connection, String, SQLProfile, PasswordEncryptor)} where the password encryptor
51 * parameter is an instance of the new Jasypt password encryptor implementation
52 * {@link JasyptPasswordEncryptor}.
53 */
54 @Deprecated
55 public static AccessControlContext getAccessControlContext(Connection connection,
56 String schemaName,
57 SQLProfile sqlProfile) {
58 return SQLAccessControlContext.getAccessControlContext(connection,
59 schemaName,
60 sqlProfile,
61 LegacyJasyptPasswordEncryptor.newInstance());
62 }
63
64 /**
65 * Creates an {@link AccessControlContext} instance backed by the specified database data source. A set of valid
66 * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database
67 * server for which the data source is provided is specified using the SQLProfile parameter. The access control
68 * context returned by this method uses the built-in authentication provider that delegates all password encryption
69 * and decryption to a {@link PasswordEncryptor} instance provided by
70 * {@link LegacyJasyptPasswordEncryptor#newInstance()} -- therefore the instance returned by this method may
71 * only be used when all existing resource passwords were encrypted using Jasypt. This method is deprecated, please
72 * see the deprecation note below.
73 *
74 * @param dataSource a database data source with access to the required OACC tables
75 * @param schemaName the name of the schema in the database containing the OACC tables
76 * @param sqlProfile the database provider and dialect of SQL supported for the database server associated
77 * with the connection provided
78 * @return an {@link AccessControlContext} instance ready to receive API calls
79 * @deprecated as of OACC v2.0.0-rc8, replaced by
80 * {@link #getAccessControlContext(DataSource, String, SQLProfile, PasswordEncryptor)} where the password encryptor
81 * parameter is an instance of the new Jasypt password encryptor implementation
82 * {@link JasyptPasswordEncryptor}.
83 */
84 @Deprecated
85 public static AccessControlContext getAccessControlContext(DataSource dataSource,
86 String schemaName,
87 SQLProfile sqlProfile) {
88 return SQLAccessControlContext.getAccessControlContext(dataSource,
89 schemaName,
90 sqlProfile,
91 LegacyJasyptPasswordEncryptor.newInstance());
92 }
93
94 /**
95 * Creates an {@link AccessControlContext} instance backed by the specified database connection. A set of valid
96 * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database
97 * server for which the connection is provided is specified using the SQLProfile parameter. The access control
98 * context returned by this method uses the built-in authentication provider for resource authentication. The
99 * built-in authentication provider delegates all password encryption and decryption to the {@link PasswordEncryptor}
100 * instance provided -- therefore it is imperative that the {@link PasswordEncryptor} instance is able to decrypt
101 * existing resource passwords.
102 *
103 * @param connection a database connection with access to the required OACC tables
104 * @param schemaName the name of the schema in the database containing the OACC tables
105 * @param sqlProfile the database provider and dialect of SQL supported for the database server associated
106 * with the connection provided
107 * @param passwordEncryptor a {@link PasswordEncryptor} instance to which the built-in authentication provider
108 * delegates all password encryption and decryption
109 * @return an {@link AccessControlContext} instance ready to receive API calls
110 */
111 public static AccessControlContext getAccessControlContext(Connection connection,
112 String schemaName,
113 SQLProfile sqlProfile,
114 PasswordEncryptor passwordEncryptor) {
115 return SQLAccessControlContext.getAccessControlContext(connection,
116 schemaName,
117 sqlProfile,
118 passwordEncryptor);
119 }
120
121 /**
122 * Creates an {@link AccessControlContext} instance backed by the specified database data source. A set of valid
123 * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database
124 * server for which the data source is provided is specified using the SQLProfile parameter. The access control
125 * context returned by this method uses the built-in authentication provider for resource authentication. The
126 * built-in authentication provider delegates all password encryption and decryption to the {@link PasswordEncryptor}
127 * instance provided -- therefore it is important that the {@link PasswordEncryptor} instance is able to decrypt
128 * existing resource passwords.
129 *
130 * @param dataSource a database data source with access to the required OACC tables
131 * @param schemaName the name of the schema in the database containing the OACC tables
132 * @param sqlProfile the database provider and dialect of SQL supported for the database server associated
133 * with the data source provided
134 * @param passwordEncryptor a {@link PasswordEncryptor} instance to which the built-in authentication provider
135 * delegates all password encryption and decryption
136 * @return an {@link AccessControlContext} instance ready to receive API calls
137 */
138 public static AccessControlContext getAccessControlContext(DataSource dataSource,
139 String schemaName,
140 SQLProfile sqlProfile,
141 PasswordEncryptor passwordEncryptor) {
142 return SQLAccessControlContext.getAccessControlContext(dataSource,
143 schemaName,
144 sqlProfile,
145 passwordEncryptor);
146 }
147
148 /**
149 * Creates an {@link AccessControlContext} instance backed by the specified database connection. A set of valid
150 * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database
151 * server for which the connection is provided is specified using the SQLProfile parameter. The access control
152 * context returned by this method delegates all resource authentication to the specified custom authentication
153 * provider.
154 *
155 * @param connection a database connection with access to the required OACC tables
156 * @param schemaName the name of the schema in the database containing the OACC tables
157 * @param sqlProfile the database provider and dialect of SQL supported for the database server associated
158 * with the connection provided
159 * @param authenticationProvider an {@link AuthenticationProvider} instance to which all resource authentication is
160 * delegated
161 * @return an {@link AccessControlContext} instance ready to receive API calls
162 */
163 public static AccessControlContext getAccessControlContext(Connection connection,
164 String schemaName,
165 SQLProfile sqlProfile,
166 AuthenticationProvider authenticationProvider) {
167 return SQLAccessControlContext.getAccessControlContext(connection,
168 schemaName,
169 sqlProfile,
170 authenticationProvider);
171 }
172
173 /**
174 * Creates an {@link AccessControlContext} instance backed by the specified database data source. A set of valid
175 * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database
176 * server for which the data source is provided is specified using the SQLProfile parameter. The access control
177 * context returned by this method delegates all resource authentication to the specified custom authentication
178 * provider.
179 *
180 * @param dataSource a database data source with access to the required OACC tables
181 * @param schemaName the name of the schema in the database containing the OACC tables
182 * @param sqlProfile the database provider and dialect of SQL supported for the database server associated
183 * with the connection provided
184 * @param authenticationProvider an {@link AuthenticationProvider} instance to which all resource authentication is
185 * delegated
186 * @return an {@link AccessControlContext} instance ready to receive API calls
187 */
188 public static AccessControlContext getAccessControlContext(DataSource dataSource,
189 String schemaName,
190 SQLProfile sqlProfile,
191 AuthenticationProvider authenticationProvider) {
192 return SQLAccessControlContext.getAccessControlContext(dataSource,
193 schemaName,
194 sqlProfile,
195 authenticationProvider);
196 }
197
198 /**
199 * @deprecated As of v2.0.0-rc.6; no replacement method necessary because unserializable fields are now marked as transient
200 */
201 @Deprecated
202 public static void preSerialize(AccessControlContext accessControlContext) {
203 }
204
205 /**
206 * Re-initializes the specified deserialized accessControlContext with the specified connection.
207 * <p/>
208 * This method is only intended to be called after the specified accessControlContext was successfully
209 * deserialized, in order to reset a transient connection to a database that was not serialized. If the
210 * method is called when a data source or connection has already been initialized, the method may pass
211 * through an IllegalStateException from the accessControlContext.
212 *
213 * @param accessControlContext the accessControlContext on which to reset the database connection
214 * @param connection the database connection to be reset on the accessControlContext
215 */
216 public static void postDeserialize(AccessControlContext accessControlContext, Connection connection) {
217 SQLAccessControlContext.postDeserialize(accessControlContext, connection);
218 }
219
220 /**
221 * Re-initializes the specified deserialized accessControlContext with the specified data source.
222 * <p/>
223 * This method is only intended to be called after the specified accessControlContext was successfully
224 * deserialized, in order to reset a transient dataSource to a database that was not serialized. If the
225 * method is called when a data source or connection has already been initialized, the method may pass
226 * through an IllegalStateException from the accessControlContext.
227 *
228 * @param accessControlContext the accessControlContext on which to reset the database connection
229 * @param dataSource the database dataSource to be reset on the accessControlContext
230 */
231 public static void postDeserialize(AccessControlContext accessControlContext, DataSource dataSource) {
232 SQLAccessControlContext.postDeserialize(accessControlContext, dataSource);
233 }
234 }