jGuard install on j2ee

  1. required librairies
  2. AccessFilter and web.xml
  3. integrate jGuard in your jsp
  4. integrate jGuard in your servlets

Login Modules

Authorization Managers

Advanced jGuard

jGuard install on jvm

  1. java.home
  2. libraries and bootclasspath
  3. java.security
  4. jGuard.loginScheme
  5. jGuard.policy







SQLServerAuthorizationManager

AuthorizationManager implementations are dedicated to the webapp developer. this AuthorizationManager implementation permits an SQLServer database-based authorization method.

1. SQLServerAuthorizationManager parameters

The corresponding DTD (jGuardPrincipalsPermissions_x.xx.dtd), must be in the same directory.

2. SQL installation script


-- drop constraints

if exists (select * from dbo.sysobjects where id = object_id('fk_permission_role'))
ALTER TABLE jg_role_permission DROP CONSTRAINT fk_permission_role;

if exists (select * from dbo.sysobjects where id = object_id('fk_role_permission'))
ALTER TABLE jg_role_permission DROP CONSTRAINT fk_role_permission;

if exists (select * from dbo.sysobjects where id = object_id('fk_permission_parameter'))
ALTER TABLE jg_urlquery DROP CONSTRAINT fk_permission_parameter;

if exists (select * from dbo.sysobjects where id = object_id('fk_role_permission'))
ALTER TABLE jg_permission DROP CONSTRAINT fk_permission_domain;


-- drop tables

if exists (select * from dbo.sysobjects where id = object_id('jg_role_domain'))
DROP TABLE jg_role_domain;

if exists (select * from dbo.sysobjects where id = object_id('jg_role_permission'))
DROP TABLE jg_role_permission;

if exists (select * from dbo.sysobjects where id = object_id('jg_urlquery'))
DROP TABLE jg_urlquery;

if exists (select * from dbo.sysobjects where id = object_id('jg_app_role'))
DROP TABLE jg_app_role;

if exists (select * from dbo.sysobjects where id = object_id('jg_permission'))
DROP TABLE jg_permission;

if exists (select * from dbo.sysobjects where id = object_id('jg_domain'))
DROP TABLE jg_domain;

-- table which links roles and domains in a many-to-many relationship
create table jg_role_domain (
   domain_id bigint not null,
   role_id bigint not null,
   primary key (role_id, domain_id)
);


-- table which links roles and permissionsin a many-to-many relationship
create table jg_role_permission (
   permission_id bigint not null,
   role_id bigint not null,
   primary key (role_id, permission_id)
);

-- table for url query values with permissions
create table jg_urlquery (
   id bigint not null IDENTITY(1,1),
   parameter varchar(255),
   value varchar(255),
   permission_id bigint,
   primary key (id)
);

-- table for application role names
create table jg_app_role (
   id bigint not null IDENTITY(1,1),
   name varchar(255) not null,
   primary key (id)
);

-- table for domain names
create table jg_domain(
  id bigint not null IDENTITY(1,1),
  name varchar(255) not null,
  primary key(id)
);

-- table for permission definitions
create table jg_permission (
   id bigint not null IDENTITY(1,1),
   name varchar(255) not null,
   uri varchar(255),
   description varchar(255),
   scheme varchar(5),
   domain_id bigint,
   primary key (id)
);

-- set constraints for role and permission relationship
alter table jg_role_permission add constraint fk_permission_role foreign key (role_id) references jg_app_role(id);
alter table jg_role_permission add constraint fk_role_permission foreign key (permission_id) references jg_permission(id);

-- set constraints for role and domain relationship
alter table jg_role_domain add constraint fk_domain_role foreign key (role_id) references jg_app_role(id);
alter table jg_role_domain add constraint fk_role_domain foreign key (domain_id) references jg_domain(id);

-- set constraint for permission linked to url query value
alter table jg_urlquery add constraint fk_permission_parameter foreign key (permission_id) references jg_permission(id);

-- set constraint for permission linked to domain
alter table jg_permission add constraint fk_permission_domain foreign key (domain_id) references jg_domain(id);