JBoss Community Archive (Read Only)

PicketBox

Database Based Authentication Manager

When the Identity store is a database, we can use the Database Based Authentication Manager to authenticate the users. Both JPA and JDBC can be used to connect to the DB and execute the password query.

Configuration Options - JPA

Option	Description	Default Value	Example
jpaConfigName	the name of the persistence unit as configured in the persistence.xml file
passwordQuery	required parameter that specifies the query that must be run in order to obtain the password associated with the incoming username. It must return a single result and must accept the username as a query parameter		SELECT PASSWORD FROM USERS WHERE USERNAME = ?

Configuration Options - JDBC

Option	Description	Default Value	Example
dataSource	allows for direct injection of a DataSource instance
dsJNDIName	specifies the JNDI name that can be used to retrieve a DataSource instance. If the DataSource has not been injected directly, this property MUST be set. Otherwise, authentication will fail
passwordQuery	required parameter that specifies the query that must be run in order to obtain the password associated with the incoming username. It must return a single result and must accept the username as a query parameter		SELECT PASSWORD FROM USERS WHERE USERNAME = ?

Planned Enhancements

Deal with salted/masked passwords.
Suspend and resume incoming transactions when performing the DB query.

JBoss.org Content Archive (Read Only), exported from JBoss Community Documentation Editor at 2020-03-11 12:16:22 UTC, last content change 2012-07-18 21:40:05 UTC.