SQLServerAuthorizationManager
AuthorizationManager implementations are dedicated to the webapp developer. this AuthorizationManager implementation permits an SQLServer database-based authorization method.1. SQLServerAuthorizationManager parameters
The corresponding DTD (jGuardPrincipalsPermissions_x.xx.dtd), must be in the same directory.-
permissionManager
values
net.sf.jguard.authorization.SQLServerAuthorizationManager
description
this parameter must be placed in the AccessFilter parameters list, in the web.xml file. It refers to the SQLServer AuthorizationManager implementation.
example
..... <init-param> <param-name>permissionManager</param-name> <param-value>net.sf.jguard.authorization.SQLServerAuthorizationManager</param-value> <description>class which handle to collect permissionsCollection</description> </init-param> .....
-
authorizationDriver
values
com.microsoft.jdbc.sqlserver.SQLServerDriver
description
this parameter must be placed in the AccessFilter parameters list, in the web.xml file. It refers to the SQLServer implementation of the java.sql.Driver interface.
example
..... <init-param> <param-name>authorizationDriver</param-name> <param-value> com.microsoft.jdbc.sqlserver.SQLServerDriver</param-value> <description>jdbc driver for authorizations</description> </init-param> ....
-
authorizationUrl
values
any JDBC compliant url
description
this parameter permits to establish a database connection.
example
..... <init-param> <param-name>authorizationUrl</param-name> <param-value>jdbc:microsoft:sqlserver://localhost:1433</param-value> <description>jdbc url for authorizations</description> </init-param> ....
-
authorizationLogin
values
any value
description
this parameter is the login value used to establish the connection.
example
..... <init-param> <param-name>authorizationLogin</param-name> <param-value>system</param-value> <description>login to establish authorizations connection</description> </init-param> ....
-
authorizationPassword
values
any value
description
this parameter is the password value used to establish the connection.
example
..... <init-param> <param-name>authorizationPassword</param-name> <param-value>manager</param-value> <description>password to establish authorizations connection</description> </init-param> ....
-
debug
values
true or false
description
enable debug information with the true value.
example
..... <init-param> <param-name>debug</param-name> <param-value>false</param-value> <description>enable debug with true to trace authorization settings</description> </init-param> ....
2. SQL installation script
-- drop constraints if exists (select * from dbo.sysobjects where id = object_id('fk_permission_role')) ALTER TABLE jg_role_permission DROP CONSTRAINT fk_permission_role; if exists (select * from dbo.sysobjects where id = object_id('fk_role_permission')) ALTER TABLE jg_role_permission DROP CONSTRAINT fk_role_permission; if exists (select * from dbo.sysobjects where id = object_id('fk_permission_parameter')) ALTER TABLE jg_urlquery DROP CONSTRAINT fk_permission_parameter; if exists (select * from dbo.sysobjects where id = object_id('fk_role_permission')) ALTER TABLE jg_permission DROP CONSTRAINT fk_permission_domain; -- drop tables if exists (select * from dbo.sysobjects where id = object_id('jg_role_domain')) DROP TABLE jg_role_domain; if exists (select * from dbo.sysobjects where id = object_id('jg_role_permission')) DROP TABLE jg_role_permission; if exists (select * from dbo.sysobjects where id = object_id('jg_urlquery')) DROP TABLE jg_urlquery; if exists (select * from dbo.sysobjects where id = object_id('jg_app_role')) DROP TABLE jg_app_role; if exists (select * from dbo.sysobjects where id = object_id('jg_permission')) DROP TABLE jg_permission; if exists (select * from dbo.sysobjects where id = object_id('jg_domain')) DROP TABLE jg_domain; -- table which links roles and domains in a many-to-many relationship create table jg_role_domain ( domain_id bigint not null, role_id bigint not null, primary key (role_id, domain_id) ); -- table which links roles and permissionsin a many-to-many relationship create table jg_role_permission ( permission_id bigint not null, role_id bigint not null, primary key (role_id, permission_id) ); -- table for url query values with permissions create table jg_urlquery ( id bigint not null IDENTITY(1,1), parameter varchar(255), value varchar(255), permission_id bigint, primary key (id) ); -- table for application role names create table jg_app_role ( id bigint not null IDENTITY(1,1), name varchar(255) not null, primary key (id) ); -- table for domain names create table jg_domain( id bigint not null IDENTITY(1,1), name varchar(255) not null, primary key(id) ); -- table for permission definitions create table jg_permission ( id bigint not null IDENTITY(1,1), name varchar(255) not null, uri varchar(255), description varchar(255), scheme varchar(5), domain_id bigint, primary key (id) ); -- set constraints for role and permission relationship alter table jg_role_permission add constraint fk_permission_role foreign key (role_id) references jg_app_role(id); alter table jg_role_permission add constraint fk_role_permission foreign key (permission_id) references jg_permission(id); -- set constraints for role and domain relationship alter table jg_role_domain add constraint fk_domain_role foreign key (role_id) references jg_app_role(id); alter table jg_role_domain add constraint fk_role_domain foreign key (domain_id) references jg_domain(id); -- set constraint for permission linked to url query value alter table jg_urlquery add constraint fk_permission_parameter foreign key (permission_id) references jg_permission(id); -- set constraint for permission linked to domain alter table jg_permission add constraint fk_permission_domain foreign key (domain_id) references jg_domain(id);