Package de.businesscode.bcdui.subjectsettings

Class SecUserTableWriteCallback

java.lang.Object

de.businesscode.bcdui.binding.write.WriteProcessingCallback

de.businesscode.bcdui.subjectsettings.SecUserTableWriteCallback

public class SecUserTableWriteCallback
extends WriteProcessingCallback

To enable this class, add it as WriteProcessing/Callbacks/Callback/@class to bcd_sec_user BindingSet When writing to bcd_src_user we apply special handling: 1. Real column names of password and salt are not available in the BindingSet, so we set them here (for this one Wrq instance only, the value in BindingSet itself is not touched) Defaults are 'password' and 'password_salt', can be overwritten in web.xml in shiro as realmBcdJdbc.bcdSecUserPasswordColumnName/.bcdSecUserPasswordSaltColumnName 2. Password column writing is allowed only if a) the current user has the right given in PARAM_NAME_PERMISSION, which defaults to DEFAULT_PERMISSION, empty means everybody can write, or b) the old password is also given in an wrs:M and it matches the one currently found in database 3. If BindingItem password_salt is available in the BindingSet, we want the password salted On write we take the plain text pwd, hash it with salt and store both values. We may need to add the salt column before, if it is not present in the Wrq to the header and each row 4. If password BindingItem is not in the Wrq, or password is empty or equals NO_PW_GIVEN_VALUE, we remove the column

Nested Class Summary

Nested classes/interfaces inherited from class de.businesscode.bcdui.binding.write.WriteProcessingCallback

WriteProcessingCallback.ROW_TYPE

Field Summary

Fields

Modifier and Type	Field	Description
protected boolean	bsHasSalt
protected List<BindingItem>	columnsFull
protected List<BindingItem>	columnsOfCaller
protected List<BindingItem>	columnsWoPwd
protected List<Integer>	columnTypesFull
protected List<Integer>	columnTypesOfCaller
protected List<Integer>	columnTypesWoPwd
protected Connection	con
static final String	DEFAULT_PERMISSION
static final String	NO_PW_GIVEN_VALUE
static final String	PARAM_NAME_PERMISSION
protected BindingItem	passwordBi
protected BindingItem	passwordSaltBi
protected boolean	pwdInOrigWrq
protected org.apache.shiro.subject.Subject	subject

Fields inherited from class de.businesscode.bcdui.binding.write.WriteProcessingCallback

bindingSet

Constructor Summary

Constructors

Constructor	Description
SecUserTableWriteCallback()

Method Summary

Modifier and Type	Method	Description
void	endDataRow(WriteProcessingCallback.ROW_TYPE rowType, List<String> cValues, List<String> oValues)	Salt the password and save the hashed pwd and salt into their columns We are only allowed to write the password, if we have admin rights or provide the old password and change ourselves
void	endHeader(List<BindingItem> columns, List<Integer> columnTypes, Collection<String> keyColumnNames)	Find out where our target columns are (pwd and salt), add salt if it is not present but password is and the BindingSet contains it
protected boolean	isAllowed(WriteProcessingCallback.ROW_TYPE wrqRowType, List<String> cValues, List<String> oValues, int wrqPasswordColIdx)	Check permissions.

Methods inherited from class de.businesscode.bcdui.binding.write.WriteProcessingCallback

getParams, getValueBean, indexOf, initialize, setBindingSet, setParams, setValueBean

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

PARAM_NAME_PERMISSION

public static final String PARAM_NAME_PERMISSION

See Also:

• Constant Field Values

DEFAULT_PERMISSION

public static final String DEFAULT_PERMISSION

See Also:

• Constant Field Values

NO_PW_GIVEN_VALUE

public static final String NO_PW_GIVEN_VALUE

See Also:

• Constant Field Values

pwdInOrigWrq

protected boolean pwdInOrigWrq

passwordBi

protected BindingItem passwordBi

passwordSaltBi

protected BindingItem passwordSaltBi

columnsOfCaller

protected List<BindingItem> columnsOfCaller

columnsFull

protected List<BindingItem> columnsFull

columnsWoPwd

protected List<BindingItem> columnsWoPwd

columnTypesOfCaller

protected List<Integer> columnTypesOfCaller

columnTypesFull

protected List<Integer> columnTypesFull

columnTypesWoPwd

protected List<Integer> columnTypesWoPwd

con

protected Connection con

bsHasSalt

protected boolean bsHasSalt

subject

protected org.apache.shiro.subject.Subject subject

Constructor Details

SecUserTableWriteCallback

public SecUserTableWriteCallback()

Method Details

endHeader

public void endHeader(List<BindingItem> columns,
 List<Integer> columnTypes,
 Collection<String> keyColumnNames)
               throws Exception

Find out where our target columns are (pwd and salt), add salt if it is not present but password is and the BindingSet contains it

Overrides:

endHeader in class WriteProcessingCallback

Throws:

Exception

endDataRow

public void endDataRow(WriteProcessingCallback.ROW_TYPE rowType,
 List<String> cValues,
 List<String> oValues)
                throws Exception

Salt the password and save the hashed pwd and salt into their columns We are only allowed to write the password, if we have admin rights or provide the old password and change ourselves

Overrides:

endDataRow in class WriteProcessingCallback

Parameters:

rowType - depending on the rowtype cValues and oValues change semantics, i.e: wrs:C in wrs:I vs wrs:C in wrs:M

cValues - list of values of wrs:C columns

oValues - list of values of wrs:O columns

Throws:

Exception

isAllowed

protected boolean isAllowed(WriteProcessingCallback.ROW_TYPE wrqRowType,
 List<String> cValues,
 List<String> oValues,
 int wrqPasswordColIdx)
                     throws Exception

Check permissions. Either we are user-admin or are the user itself and know the old password

Parameters:

cValues -

oValues -

Returns:

Throws:

Exception