Package org.h2.security.auth

Class DefaultAuthenticator

java.lang.Object
org.h2.security.auth.DefaultAuthenticator
All Implemented Interfaces:
Authenticator
public class DefaultAuthenticator extends Object implements Authenticator
Default authenticator implementation.

When client connectionInfo contains property AUTHREALM={realName} credentials (typically user id and password) are validated by CredentialsValidator configured for that realm.

When client connectionInfo doesn't contains AUTHREALM property credentials are validated internally on the database

Rights assignment can be managed through UserToRolesMapper

Default configuration has a realm H2 that validate credentials through JAAS api (appName=h2). To customize configuration set h2.authConfigFile system property to refer a valid h2auth.xml config file

  • Field Details

  • Constructor Details

    • DefaultAuthenticator

      public DefaultAuthenticator()
      Create the Authenticator with default configurations

    • DefaultAuthenticator

      public DefaultAuthenticator(boolean skipDefaultInitialization)
      Create authenticator and optionally skip the default configuration. This option is useful when the authenticator is configured at code level
      Parameters:
      skipDefaultInitialization - if true default initialization is skipped

  • Method Details

    • getInstance

      protected static final DefaultAuthenticator getInstance()

    • isPersistUsers

      public boolean isPersistUsers()
      If set save users externals defined during the authentication.
      Returns:
      true if user will be persisted, otherwise returns false

    • setPersistUsers

      public void setPersistUsers(boolean persistUsers)
      If set to true saves users externals defined during the authentication.
      Parameters:
      persistUsers - true if user will be persisted, otherwise false.

    • isAllowUserRegistration

      public boolean isAllowUserRegistration()
      If set create external users in the database if not present.
      Returns:
      true if creation external user is allowed, otherwise returns false

    • setAllowUserRegistration

      public void setAllowUserRegistration(boolean allowUserRegistration)
      If set totrue creates external users in the database if not present.
      Parameters:
      allowUserRegistration - true if creation external user is allowed, otherwise returns false

    • isCreateMissingRoles

      public boolean isCreateMissingRoles()
      When set create roles not found in the database. If not set roles not found in the database are silently skipped.
      Returns:
      true if not found roles will be created, false roles are silently skipped.

    • setCreateMissingRoles

      public void setCreateMissingRoles(boolean createMissingRoles)
      Sets the flag that define behavior in case external roles not found in the database.
      Parameters:
      createMissingRoles - when is true not found roles are created, when is false roles are silently skipped.

    • addRealm

      public void addRealm(String name, CredentialsValidator credentialsValidator)
      Add an authentication realm. Realms are case insensitive
      Parameters:
      name - realm name
      credentialsValidator - credentials validator for realm

    • getUserToRolesMappers

      public List<UserToRolesMapper> getUserToRolesMappers()
      UserToRoleMappers assign roles to authenticated users
      Returns:
      current UserToRoleMappers active

    • setUserToRolesMappers

      public void setUserToRolesMappers(UserToRolesMapper... userToRolesMappers)

    • init

      public void init(Database database) throws AuthConfigException
      Initializes the authenticator. this method is skipped if skipDefaultInitialization is set Order of initialization is
      1. Check h2.authConfigFile system property.
      2. Use the default configuration hard coded
      Specified by:
      init in interface Authenticator
      Parameters:
      database - where authenticator is initialized
      Throws:
      AuthConfigException

    • configureFromUrl

      public void configureFromUrl(URL configUrl) throws AuthenticationException, SAXException, IOException, ParserConfigurationException
      Configure the authenticator from a configuration file
      Parameters:
      configUrl - URL of configuration file
      Throws:
      AuthenticationException - on failure
      SAXException - on failure
      IOException - on failure
      ParserConfigurationException - on failure

    • authenticate

      public final User authenticate(AuthenticationInfo authenticationInfo, Database database) throws AuthenticationException
      Description copied from interface: Authenticator
      Perform user authentication.
      Specified by:
      authenticate in interface Authenticator
      Parameters:
      authenticationInfo - authentication info.
      database - target database instance.
      Returns:
      valid database user or null if user doesn't exists in the database
      Throws:
      AuthenticationException - on failure