Package org.apache.derby.iapi.sql.dictionary

Examples of org.apache.derby.iapi.sql.dictionary.UserDescriptor

2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
            ** We tell the data dictionary we're done writing at the end of
            ** the transaction.
            */
            dd.startWriting(lcc);

            UserDescriptor  userDescriptor = makeUserDescriptor( dd, tc, userName, password );

            dd.addDescriptor( userDescriptor, null, DataDictionary.SYSUSERS_CATALOG_NUM, false, tc );

            // turn on NATIVE::LOCAL authentication
            if ( dd.getAuthorizationDatabaseOwner().equals( userName ) )
View Full Code Here
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
        String  hashingScheme = hasher.encodeHashingScheme();
        String  hashedPassword = hasher.hashPasswordIntoString( userName, password );
           
        Timestamp   currentTimestamp = new Timestamp( (new java.util.Date()).getTime() );

        UserDescriptor  userDescriptor = ddg.newUserDescriptor
            ( userName, hashingScheme, hashedPassword.toCharArray(), currentTimestamp );

        return userDescriptor;
    }
View Full Code Here
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
            ** We tell the data dictionary we're done writing at the end of
            ** the transaction.
            */
            dd.startWriting(lcc);

            UserDescriptor  userDescriptor = makeUserDescriptor( dd, tc, userName, password );

            dd.updateUser( userDescriptor, tc );
           
        } catch (StandardException se) { throw PublicAPI.wrapStandardException(se); }
    }
View Full Code Here
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
            ** We tell the data dictionary we're done writing at the end of
            ** the transaction.
            */
            dd.startWriting(lcc);

            UserDescriptor  userDescriptor = makeUserDescriptor( dd, tc, userName, password );

            dd.updateUser( userDescriptor, tc );
           
        } catch (StandardException se) { throw PublicAPI.wrapStandardException(se); }
    }
View Full Code Here
418
419
420
421
422
423
424
425
426
427
428
            // because you can't store credentials in a pre-10.9 database.
            if ( settingToNativeLocal )
            {
                DataDictionary  dd = getDataDictionary();
                String              dbo = dd.getAuthorizationDatabaseOwner();
                UserDescriptor  userCredentials = dd.getUser( dbo );

                if ( userCredentials == null )
                {
                    throw StandardException.newException( SQLState.PROPERTY_DBO_LACKS_CREDENTIALS );
                }
View Full Code Here
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
    ExecRow              row;

        try {
            if ( td != null
            {
                UserDescriptor descriptor = (UserDescriptor) td;
                userName = descriptor.getUserName();
                hashingScheme = descriptor.getHashingScheme();
                password = descriptor.getAndZeroPassword();
                lastModified = descriptor.getLastModified();
            }
 
            /* Build the row to insert  */
            row = getExecutionFactory().getValueRow( SYSUSERS_COLUMN_COUNT );

View Full Code Here
195
196
197
198
199
200
201
202
203
204
205
    char[]  password = null;
    Timestamp   lastModified;
    DataValueDescriptor  col;
    SQLVarchar  passwordCol = null;

    UserDescriptor  result;

        try {
            /* 1st column is USERNAME */
            col = row.getColumn( USERNAME_COL_NUM );
            userName = col.getString();
View Full Code Here
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
       
        //
        // we expect to find a data dictionary
        //
        DataDictionary      dd = (DataDictionary) Monitor.getServiceModule( this, DataDictionary.MODULE );       
        UserDescriptor      userDescriptor = dd.getUser( userName );
       
        if ( userDescriptor == null )
        {
            //
            // Before returning, we pretend to evaluate the password.
            // This helps prevent blackhats from discovering legal usernames
            // by measuring how long password evaluation takes. For more context,
            // see the 2012-02-22 comment on DERBY-5539.
            //
            PasswordHasher          hasher = dd.makePasswordHasher( getDatabaseProperties() );
           
            hasher.hashPasswordIntoString( userName, userPassword ).toCharArray();

            return false;
        }
       
        PasswordHasher      hasher = new PasswordHasher( userDescriptor.getHashingScheme() );
        char[]                     candidatePassword = hasher.hashPasswordIntoString( userName, userPassword ).toCharArray();
        char[]                     actualPassword = userDescriptor.getAndZeroPassword();

        try {
            if ( (candidatePassword == null) || (actualPassword == null)) { return false; }
            if ( candidatePassword.length != actualPassword.length ) { return false; }
       
            for ( int i = 0; i < candidatePassword.length; i++ )
            {
                if ( candidatePassword[ i ] != actualPassword[ i ] ) { return false; }
            }
        } finally
        {
            if ( candidatePassword != null ) { Arrays.fill( candidatePassword, (char) 0 ); }
            if ( actualPassword != null ) { Arrays.fill( actualPassword, (char) 0 ); }
        }

        //
        // Password is good. Check whether the password has expired or will expire soon.
        //
        if ( _passwordLifetimeMillis > 0 )
        {
            long    passwordAge = System.currentTimeMillis() - userDescriptor.getLastModified().getTime();
            long    remainingLifetime = _passwordLifetimeMillis - passwordAge;

            //
            // Oops, the password has expired. Fail the authentication. Say nothing more
            // so that we give password crackers as little information as possible.
View Full Code Here
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
            ** We tell the data dictionary we're done writing at the end of
            ** the transaction.
            */
            dd.startWriting(lcc);

            UserDescriptor  userDescriptor = makeUserDescriptor( dd, tc, userName, password );

            dd.addDescriptor( userDescriptor, null, DataDictionary.SYSUSERS_CATALOG_NUM, false, tc );

            // turn on NATIVE::LOCAL authentication
            if ( dd.getAuthorizationDatabaseOwner().equals( userName ) )
View Full Code Here
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
        String  hashingScheme = hasher.encodeHashingScheme();
        String  hashedPassword = hasher.hashPasswordIntoString( userName, password );
           
        Timestamp   currentTimestamp = new Timestamp( (new java.util.Date()).getTime() );

        UserDescriptor  userDescriptor = ddg.newUserDescriptor
            ( userName, hashingScheme, hashedPassword.toCharArray(), currentTimestamp );

        return userDescriptor;
    }
View Full Code Here
TOP

Related Classes of org.apache.derby.iapi.sql.dictionary.UserDescriptor

  • org.apache.derby.catalog.SystemProcedures
  • org.apache.derby.impl.jdbc.authentication.AuthenticationServiceBase
  • org.apache.derby.impl.jdbc.authentication.NativeAuthenticationServiceImpl
  • org.apache.derby.impl.sql.catalog.SYSUSERSRowFactory
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.