SQLServerAuthorizationManager

Les implémentations de AuthorizationManager sont dédiées au développeur de webapp. Cette implémentation de AuthorizationManager permet une méthode d'autorisation basée sur la base de données SQLServer.

1. SQLServerAuthorizationManager paramètres

La DTD (jGuardPrincipalsPermissions_x.xx.dtd), doit être placée dans le même répertoire. Ces paramètres doivent être placés dans la liste de paramètres de l'AccessFilter situé dans le fichier web.xml.

permissionManager

valurs

net.sf.jguard.authorization.SQLServerAuthorizationManager

description

Il configure l'utilisation de l'implémentation SQLServer du AuthorizationManager.

exemple

    .....
        <init-param>
            <param-name>permissionManager</param-name>
            <param-value>net.sf.jguard.authorization.SQLServerAuthorizationManager</param-value>
            <description>class which handle to collect permissionsCollection</description>
        </init-param>
    .....

authorizationDriver

valeurs

com.microsoft.jdbc.sqlserver.SQLServerDriver

description

Il indique l'implementation SQLServer de l'interface java.sql.Driver.

exemple

    .....
        <init-param>
            <param-name>authorizationDriver</param-name>
            <param-value> com.microsoft.jdbc.sqlserver.SQLServerDriver</param-value>
            <description>jdbc driver for authorizations</description>
        </init-param>    ....

authorizationUrl

valeurs

any JDBC compliant url

description

Ce paramètre permet d'établir une connexion à la base de données.

exemple

    .....
        <init-param>
            <param-name>authorizationUrl</param-name>
            <param-value>jdbc:microsoft:sqlserver://localhost:1433</param-value>
            <description>jdbc url for authorizations</description>
        </init-param>
    ....

authorizationLogin

valeurs

toute valeur

description

this paramètre est l'identifiant utilisé pour établir la connexion.

example

    .....
        <init-param>
            <param-name>authorizationLogin</param-name>
            <param-value>system</param-value>
            <description>login to establish authorizations connection</description>
        </init-param>
    ....

authorizationPassword

valeurs

toute valeur

description

Ce paramètre est le mot de passe the utilisé pour établir la connexion.

exemple

    .....
        <init-param>
            <param-name>authorizationPassword</param-name>
            <param-value>manager</param-value>
            <description>password to establish authorizations connection</description>
        </init-param>
    ....

debug

valeurs

true or false

description

permet l'affichae d'informations de debug avec la valeur true.

exemple

    .....
        <init-param>
            <param-name>debug</param-name>
            <param-value>false</param-value>
            <description>enable debug with true to trace authorization settings</description>
        </init-param>
    ....

2. script d'installation SQL


-- drop constraints

if exists (select * from dbo.sysobjects where id = object_id('fk_permission_role'))
ALTER TABLE jg_role_permission DROP CONSTRAINT fk_permission_role;

if exists (select * from dbo.sysobjects where id = object_id('fk_role_permission'))
ALTER TABLE jg_role_permission DROP CONSTRAINT fk_role_permission;

if exists (select * from dbo.sysobjects where id = object_id('fk_permission_parameter'))
ALTER TABLE jg_urlquery DROP CONSTRAINT fk_permission_parameter;

if exists (select * from dbo.sysobjects where id = object_id('fk_role_permission'))
ALTER TABLE jg_permission DROP CONSTRAINT fk_permission_domain;


-- drop tables

if exists (select * from dbo.sysobjects where id = object_id('jg_role_domain'))
DROP TABLE jg_role_domain;

if exists (select * from dbo.sysobjects where id = object_id('jg_role_permission'))
DROP TABLE jg_role_permission;

if exists (select * from dbo.sysobjects where id = object_id('jg_urlquery'))
DROP TABLE jg_urlquery;

if exists (select * from dbo.sysobjects where id = object_id('jg_app_role'))
DROP TABLE jg_app_role;

if exists (select * from dbo.sysobjects where id = object_id('jg_permission'))
DROP TABLE jg_permission;

if exists (select * from dbo.sysobjects where id = object_id('jg_domain'))
DROP TABLE jg_domain;

-- table which links roles and domains in a many-to-many relationship
create table jg_role_domain (
   domain_id bigint not null,
   role_id bigint not null,
   primary key (role_id, domain_id)
);


-- table which links roles and permissionsin a many-to-many relationship
create table jg_role_permission (
   permission_id bigint not null,
   role_id bigint not null,
   primary key (role_id, permission_id)
);

-- table for url query values with permissions
create table jg_urlquery (
   id bigint not null IDENTITY(1,1),
   parameter varchar(255),
   value varchar(255),
   permission_id bigint,
   primary key (id)
);

-- table for application role names
create table jg_app_role (
   id bigint not null IDENTITY(1,1),
   name varchar(255) not null,
   primary key (id)
);

-- table for domain names
create table jg_domain(
  id bigint not null IDENTITY(1,1),
  name varchar(255) not null,
  primary key(id)
);

-- table for permission definitions
create table jg_permission (
   id bigint not null IDENTITY(1,1),
   name varchar(255) not null,
   uri varchar(255),
   description varchar(255),
   scheme varchar(5),
   domain_id bigint,
   primary key (id)
);

-- set constraints for role and permission relationship
alter table jg_role_permission add constraint fk_permission_role foreign key (role_id) references jg_app_role(id);
alter table jg_role_permission add constraint fk_role_permission foreign key (permission_id) references jg_permission(id);

-- set constraints for role and domain relationship
alter table jg_role_domain add constraint fk_domain_role foreign key (role_id) references jg_app_role(id);
alter table jg_role_domain add constraint fk_role_domain foreign key (domain_id) references jg_domain(id);

-- set constraint for permission linked to url query value
alter table jg_urlquery add constraint fk_permission_parameter foreign key (permission_id) references jg_permission(id);

-- set constraint for permission linked to domain
alter table jg_permission add constraint fk_permission_domain foreign key (domain_id) references jg_domain(id);

jGuard

installation de jGuard dans j2ee

Login Modules

Authorization Managers

jGuard avancé

installation de jGuard sur la jvm

SQLServerAuthorizationManager

1. SQLServerAuthorizationManager paramètres

permissionManager

valurs

description

exemple

authorizationDriver

valeurs

description

exemple

authorizationUrl

valeurs

description

exemple

authorizationLogin

valeurs

description

example

authorizationPassword

valeurs

description

exemple

debug

valeurs

description

exemple

2. script d'installation SQL