Skip to content
项目
群组
代码片段
帮助
正在加载...
帮助
为 GitLab 提交贡献
登录/注册
切换导航
H
h2database
项目
项目
详情
活动
周期分析
仓库
仓库
文件
提交
分支
标签
贡献者
分枝图
比较
统计图
议题
0
议题
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
CI / CD
CI / CD
流水线
作业
计划
统计图
Wiki
Wiki
代码片段
代码片段
成员
成员
折叠边栏
关闭边栏
活动
分枝图
统计图
创建新议题
作业
提交
议题看板
打开侧边栏
Administrator
h2database
Commits
b940440b
提交
b940440b
authored
5月 27, 2018
作者:
andrei
浏览文件
操作
浏览文件
下载
差异文件
Merge remote-tracking branch 'h2database/master' into txcommit-atomic
上级
a4640445
47ff9145
全部展开
隐藏空白字符变更
内嵌
并排
正在显示
41 个修改的文件
包含
1931 行增加
和
122 行删除
+1931
-122
help.csv
h2/src/docsrc/help/help.csv
+41
-13
features.html
h2/src/docsrc/html/features.html
+75
-0
CredentialsValidator.java
h2/src/main/org/h2/api/CredentialsValidator.java
+28
-0
ErrorCode.java
h2/src/main/org/h2/api/ErrorCode.java
+14
-1
UserToRolesMapper.java
h2/src/main/org/h2/api/UserToRolesMapper.java
+31
-0
Command.java
h2/src/main/org/h2/command/Command.java
+2
-2
CommandContainer.java
h2/src/main/org/h2/command/CommandContainer.java
+3
-2
CommandList.java
h2/src/main/org/h2/command/CommandList.java
+4
-2
Parser.java
h2/src/main/org/h2/command/Parser.java
+80
-84
MergeUsing.java
h2/src/main/org/h2/command/dml/MergeUsing.java
+0
-10
Set.java
h2/src/main/org/h2/command/dml/Set.java
+21
-0
SetTypes.java
h2/src/main/org/h2/command/dml/SetTypes.java
+7
-1
ConnectionInfo.java
h2/src/main/org/h2/engine/ConnectionInfo.java
+13
-2
Database.java
h2/src/main/org/h2/engine/Database.java
+24
-0
Engine.java
h2/src/main/org/h2/engine/Engine.java
+25
-4
RightOwner.java
h2/src/main/org/h2/engine/RightOwner.java
+23
-0
SysProperties.java
h2/src/main/org/h2/engine/SysProperties.java
+10
-0
UserBuilder.java
h2/src/main/org/h2/engine/UserBuilder.java
+23
-0
_messages_en.prop
h2/src/main/org/h2/res/_messages_en.prop
+1
-0
AuthConfigException.java
h2/src/main/org/h2/security/auth/AuthConfigException.java
+29
-0
AuthenticationException.java
...rc/main/org/h2/security/auth/AuthenticationException.java
+29
-0
AuthenticationInfo.java
h2/src/main/org/h2/security/auth/AuthenticationInfo.java
+82
-0
Authenticator.java
h2/src/main/org/h2/security/auth/Authenticator.java
+34
-0
AuthenticatorFactory.java
h2/src/main/org/h2/security/auth/AuthenticatorFactory.java
+16
-0
ConfigProperties.java
h2/src/main/org/h2/security/auth/ConfigProperties.java
+81
-0
Configurable.java
h2/src/main/org/h2/security/auth/Configurable.java
+17
-0
DefaultAuthenticator.java
h2/src/main/org/h2/security/auth/DefaultAuthenticator.java
+339
-0
H2AuthConfig.java
h2/src/main/org/h2/security/auth/H2AuthConfig.java
+73
-0
PropertyConfig.java
h2/src/main/org/h2/security/auth/PropertyConfig.java
+46
-0
RealmConfig.java
h2/src/main/org/h2/security/auth/RealmConfig.java
+51
-0
UserToRolesMapperConfig.java
...rc/main/org/h2/security/auth/UserToRolesMapperConfig.java
+40
-0
AssignRealmNameRole.java
...c/main/org/h2/security/auth/impl/AssignRealmNameRole.java
+43
-0
JaasCredentialsValidator.java
...n/org/h2/security/auth/impl/JaasCredentialsValidator.java
+84
-0
LdapCredentialsValidator.java
...n/org/h2/security/auth/impl/LdapCredentialsValidator.java
+72
-0
StaticRolesMapper.java
h2/src/main/org/h2/security/auth/impl/StaticRolesMapper.java
+51
-0
StaticUserCredentialsValidator.java
...h2/security/auth/impl/StaticUserCredentialsValidator.java
+73
-0
TestAll.java
h2/src/test/org/h2/test/TestAll.java
+2
-0
MyLoginModule.java
h2/src/test/org/h2/test/auth/MyLoginModule.java
+61
-0
TestAuthentication.java
h2/src/test/org/h2/test/auth/TestAuthentication.java
+256
-0
TestMergeUsing.java
h2/src/test/org/h2/test/db/TestMergeUsing.java
+1
-1
mergeUsing.sql
h2/src/test/org/h2/test/scripts/dml/mergeUsing.sql
+26
-0
没有找到文件。
h2/src/docsrc/help/help.csv
浏览文件 @
b940440b
...
@@ -45,11 +45,7 @@ SELECT * FROM (SELECT ID, COUNT(*) FROM TEST
...
@@ -45,11 +45,7 @@ SELECT * FROM (SELECT ID, COUNT(*) FROM TEST
"
"
"Commands (DML)","INSERT","
"Commands (DML)","INSERT","
INSERT INTO tableName
INSERT INTO tableName insertColumnsAndSource
{ [ ( columnName [,...] ) ]
{ VALUES { ( { DEFAULT | expression } [,...] ) } [,...]
| [ DIRECT ] [ SORTED ] select } } |
{ SET { columnName = { DEFAULT | expression } } [,...] }
","
","
Inserts a new row / new rows into a table.
Inserts a new row / new rows into a table.
...
@@ -61,9 +57,7 @@ INSERT INTO TEST VALUES(1, 'Hello')
...
@@ -61,9 +57,7 @@ INSERT INTO TEST VALUES(1, 'Hello')
"
"
"Commands (DML)","UPDATE","
"Commands (DML)","UPDATE","
UPDATE tableName [ [ AS ] newTableAlias ] SET
UPDATE tableName [ [ AS ] newTableAlias ] SET setClauseList
{ { columnName = { DEFAULT | expression } } [,...] } |
{ ( columnName [,...] ) = ( select ) }
[ WHERE expression ] [ ORDER BY order [,...] ] [ LIMIT expression ]
[ WHERE expression ] [ ORDER BY order [,...] ] [ LIMIT expression ]
","
","
Updates data in a table.
Updates data in a table.
...
@@ -74,7 +68,7 @@ UPDATE PERSON P SET NAME=(SELECT A.NAME FROM ADDRESS A WHERE A.ID=P.ID);
...
@@ -74,7 +68,7 @@ UPDATE PERSON P SET NAME=(SELECT A.NAME FROM ADDRESS A WHERE A.ID=P.ID);
"
"
"Commands (DML)","DELETE","
"Commands (DML)","DELETE","
DELETE [ TOP term ] FROM tableName
[ WHERE expression ] [ LIMIT term ]
DELETE [ TOP term ] FROM tableName
deleteSearchCondition
","
","
Deletes rows form a table.
Deletes rows form a table.
If TOP or LIMIT is specified, at most the specified number of rows are deleted (no limit if null or smaller than zero).
If TOP or LIMIT is specified, at most the specified number of rows are deleted (no limit if null or smaller than zero).
...
@@ -129,16 +123,19 @@ MERGE INTO TEST KEY(ID) VALUES(2, 'World')
...
@@ -129,16 +123,19 @@ MERGE INTO TEST KEY(ID) VALUES(2, 'World')
MERGE INTO targetTableName [ [AS] targetAlias]
MERGE INTO targetTableName [ [AS] targetAlias]
USING { ( select ) | sourceTableName }[ [AS] sourceAlias ]
USING { ( select ) | sourceTableName }[ [AS] sourceAlias ]
ON ( expression )
ON ( expression )
[ WHEN MATCHED THEN [ update ] [ delete] ]
[ WHEN MATCHED THEN
[ WHEN NOT MATCHED THEN insert ]
[ UPDATE SET setClauseList ] [ DELETE deleteSearchCondition ] ]
[ WHEN NOT MATCHED THEN INSERT insertColumnsAndSource ]
","
","
Updates or deletes existing rows, and insert rows that don't exist. The ON clause
Updates or deletes existing rows, and insert rows that don't exist. The ON clause
specifies the matching column expression and must be specified. If more than one row
specifies the matching column expression and must be specified. If more than one row
is updated per input row, an exception is thrown.
is updated per input row, an exception is thrown.
If the source data contains duplicate rows (specifically those columns used in the
If the source data contains duplicate rows (specifically those columns used in the
row matching ON clause), then an exception is thrown to prevent two updates applying
row matching ON clause), then an exception is thrown to prevent two updates applying
to the same target row. The embedded update, delete or insert statements can not re-specify
to the same target row.
the target table name.
WHEN MATCHED THEN or WHEN NOT MATCHED THEN clauses or both of them in any order should be specified.
If WHEN MATCHED THEN is specified it should contain UPDATE or DELETE clauses of both of them.
If statement doesn't need a source table a DUAL table can be substituted.
","
","
MERGE INTO TARGET_TABLE AS T USING SOURCE_TABLE AS S
MERGE INTO TARGET_TABLE AS T USING SOURCE_TABLE AS S
ON (T.ID = S.ID)
ON (T.ID = S.ID)
...
@@ -154,6 +151,9 @@ MERGE INTO TARGET_TABLE AS T USING (SELECT * FROM SOURCE_TABLE) AS S
...
@@ -154,6 +151,9 @@ MERGE INTO TARGET_TABLE AS T USING (SELECT * FROM SOURCE_TABLE) AS S
DELETE WHERE T.COL2='FINAL'
DELETE WHERE T.COL2='FINAL'
WHEN NOT MATCHED THEN
WHEN NOT MATCHED THEN
INSERT (ID,COL1,COL2) VALUES(S.ID,S.COL1,S.COL2)
INSERT (ID,COL1,COL2) VALUES(S.ID,S.COL1,S.COL2)
MERGE INTO TARGET_TABLE USING DUAL ON (ID = 1)
WHEN NOT MATCHED THEN INSERT (ID, NAME) VALUES (1, 'Test')
WHEN MATCHED THEN UPDATE SET NAME = 'Test'
"
"
"Commands (DML)","RUNSCRIPT","
"Commands (DML)","RUNSCRIPT","
...
@@ -2252,6 +2252,14 @@ SELECT CAST(0 AS DOUBLE)
...
@@ -2252,6 +2252,14 @@ SELECT CAST(0 AS DOUBLE)
SELECT -1.4e-10
SELECT -1.4e-10
"
"
"Other Grammar","Delete search condition","
[ WHERE expression ] [ LIMIT term ]
","
Search condition for DELETE statement.
","
WHERE ID = 2
"
"Other Grammar","Digit","
"Other Grammar","Digit","
0-9
0-9
","
","
...
@@ -2313,6 +2321,17 @@ the column in the same way.
...
@@ -2313,6 +2321,17 @@ the column in the same way.
NAME
NAME
"
"
"Other Grammar","Insert columns and source","
{ [ ( columnName [,...] ) ]
{ VALUES { ( { DEFAULT | expression } [,...] ) } [,...]
| [ DIRECT ] [ SORTED ] select } } |
{ SET { columnName = { DEFAULT | expression } } [,...] }
","
Names of columns and their values for INSERT statement.
","
(ID, NAME) VALUES (1, 'Test')
"
"Other Grammar","Int","
"Other Grammar","Int","
[ + | - ] number
[ + | - ] number
","
","
...
@@ -2438,6 +2457,15 @@ An expression in a SELECT statement.
...
@@ -2438,6 +2457,15 @@ An expression in a SELECT statement.
ID AS VALUE
ID AS VALUE
"
"
"Other Grammar","Set clause list","
{ { columnName = { DEFAULT | expression } } [,...] } |
{ ( columnName [,...] ) = ( select ) }
","
List of SET clauses.
","
NAME = 'Test', VALUE = 2
"
"Other Grammar","String","
"Other Grammar","String","
'anythingExceptSingleQuote'
'anythingExceptSingleQuote'
","
","
...
...
h2/src/docsrc/html/features.html
浏览文件 @
b940440b
...
@@ -83,6 +83,8 @@ Features
...
@@ -83,6 +83,8 @@ Features
Compacting a Database
</a><br
/>
Compacting a Database
</a><br
/>
<a
href=
"#cache_settings"
>
<a
href=
"#cache_settings"
>
Cache Settings
</a><br
/>
Cache Settings
</a><br
/>
<a
href=
"#external_authentication"
>
External Authentication (Experimental)
</a><br
/>
<h2
id=
"feature_list"
>
Feature List
</h2>
<h2
id=
"feature_list"
>
Feature List
</h2>
<h3>
Main Features
</h3>
<h3>
Main Features
</h3>
...
@@ -1826,6 +1828,79 @@ To get information about page reads and writes, and the current caching algorith
...
@@ -1826,6 +1828,79 @@ To get information about page reads and writes, and the current caching algorith
call
<code>
SELECT * FROM INFORMATION_SCHEMA.SETTINGS
</code>
. The number of pages read / written
call
<code>
SELECT * FROM INFORMATION_SCHEMA.SETTINGS
</code>
. The number of pages read / written
is listed.
is listed.
</p>
</p>
<h2
id=
"external_authentication"
>
External authentication (Experimental)
</h2>
<p>
External authentication allows to optionally validate user credentials externally (JAAS,LDAP,custom classes).
Is also possible to temporary assign roles to to externally authenticated users.
<b>
This feature is experimental and subject to change
</b>
</p>
<p>
Master user cannot be externally authenticated
</p>
<p>
To enable external authentication on a database execute statement
<code>
SET AUTHENTICATOR TRUE
</code>
. This setting in persisted on the database.
</p>
<p>
To connect on a database by using external credentials client must append
<code>
AUTHREALM=H2
</code>
to the database URL.
<code>
H2
</code>
is the identifier of the authentication realm (see later).
</p>
<p>
External authentication requires to send password to the server. For this reason is works only on local connection or remote over ssl
</p>
<p>
By default external authentication is performed through JAAS login interface (configuration name is
<code>
h2
</code>
).
To configure JAAS add argument
<code>
-Djava.security.auth.login.config=jaas.conf
</code>
Here an example of
<a
href=
"https://docs.oracle.com/javase/7/docs/technotes/guides/security/jgss/tutorials/LoginConfigFile.html"
>
JAAS login configuration file
</a>
content:
</p>
<pre>
h2 {
com.sun.security.auth.module.LdapLoginModule REQUIRED \
userProvider="ldap://127.0.0.1:10389" authIdentity="uid={USERNAME},ou=people,dc=example,dc=com" \
debug=true useSSL=false ;
};
</pre>
<p>
Is it possible to specify custom authentication settings by using
JVM argument
<code>
-Dh2auth.configurationFile={urlOfH2Auth.xml}
</code>
. Here an example of h2auth.xml file content:
</p>
<pre>
<
h2Auth allowUserRegistration="false" createMissingRoles="true"
>
<
!-- realm: DUMMY authenticate users named DUMMY[0-9] with a static password --
>
<
realm name="DUMMY"
validatorClass="org.h2.security.auth.impl.FixedPasswordCredentialsValidator"
>
<
property name="userNamePattern" value="DUMMY[0-9]" /
>
<
property name="password" value="mock" /
>
<
/realm
>
<
!-- realm LDAPEXAMPLE:perform credentials validation on LDAP --
>
<
realm name="LDAPEXAMPLE"
validatorClass="org.h2.security.auth.impl.LdapCredentialsValidator"
>
<
property name="bindDnPattern" value="uid=%u,ou=people,dc=example,dc=com" /
>
<
property name="host" value="127.0.0.1" /
>
<
property name="port" value="10389" /
>
<
property name="secure" value="false" /
>
<
/realm
>
<
!-- realm JAAS: perform credentials validation by using JAAS api --
>
<
realm name="JAAS"
validatorClass="org.h2.security.auth.impl.JaasCredentialsValidator"
>
<
property name="appName" value="H2" /
>
<
/realm
>
<
!--Assign to each user role @{REALM} --
>
<
userToRolesMapper class="org.h2.security.auth.impl.AssignRealmNameRole"/
>
<
!--Assign to each user role REMOTEUSER --
>
<
userToRolesMapper class="org.h2.security.auth.impl.StaticRolesMapper"
>
<
property name="roles" value="REMOTEUSER"/
>
<
/userToRolesMapper
>
<
/h2Auth
>
</pre>
<p>
Custom credentials validators must implement the interface
<code>
org.h2.api.CredentialsValidator
</code>
</p>
<p>
Custom criteria for role assignments must implement the interface
<code>
org.h2.api.UserToRoleMapper
</code>
</p>
<!-- [close] { -->
</div></td></tr></table>
<!-- } --><!-- analytics -->
</body></html>
<!-- [close] { -->
</div></td></tr></table>
<!-- } --><!-- analytics -->
</body></html>
h2/src/main/org/h2/api/CredentialsValidator.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
api
;
import
org.h2.security.auth.AuthenticationInfo
;
import
org.h2.security.auth.Configurable
;
/**
* A class that implement this interface can be used to validate
* credentials provided by client.
* <p>
* <b>This feature is experimental and subject to change</b>
* </p>
*/
public
interface
CredentialsValidator
extends
Configurable
{
/**
* Validate user credential
* @param authenticationInfo = authentication info
* @return true if credentials are valid, otherwise false
* @throws Exception any exception occurred (invalid credentials or internal issue) prevent user login
*/
boolean
validateCredentials
(
AuthenticationInfo
authenticationInfo
)
throws
Exception
;
}
h2/src/main/org/h2/api/ErrorCode.java
浏览文件 @
b940440b
...
@@ -1990,7 +1990,20 @@ public class ErrorCode {
...
@@ -1990,7 +1990,20 @@ public class ErrorCode {
*/
*/
public
static
final
int
ROW_NOT_FOUND_IN_PRIMARY_INDEX
=
90143
;
public
static
final
int
ROW_NOT_FOUND_IN_PRIMARY_INDEX
=
90143
;
// next are 90122, 90144
/**
* The error with code <code>90144</code> is thrown when
* user trying to login into a database with AUTHREALM set and
* the target database doesn't have an authenticator defined
* <p>Authenticator experimental feature can be enabled by
* </p>
* <pre>
* SET AUTHENTICATOR TRUE
* </pre>
*/
public
static
final
int
AUTHENTICATOR_NOT_AVAILABLE
=
90144
;
// next are 90122, 90145
private
ErrorCode
()
{
private
ErrorCode
()
{
// utility class
// utility class
...
...
h2/src/main/org/h2/api/UserToRolesMapper.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
api
;
import
java.util.Collection
;
import
java.util.Set
;
import
org.h2.security.auth.AuthenticationException
;
import
org.h2.security.auth.AuthenticationInfo
;
import
org.h2.security.auth.Configurable
;
/**
* A class that implement this interface can be used during
* authentication to map external users to database roles.
* <p>
* <b>This feature is experimental and subject to change</b>
* </p>
*/
public
interface
UserToRolesMapper
extends
Configurable
{
/**
* Map user identified by authentication info to a set of granted roles
* @param authenticationInfo
* @return list of roles to be assigned to the user temporary
* @throws AuthenticationException
*/
Collection
<
String
>
mapUserToRoles
(
AuthenticationInfo
authenticationInfo
)
throws
AuthenticationException
;
}
h2/src/main/org/h2/command/Command.java
浏览文件 @
b940440b
...
@@ -48,8 +48,8 @@ public abstract class Command implements CommandInterface {
...
@@ -48,8 +48,8 @@ public abstract class Command implements CommandInterface {
private
boolean
canReuse
;
private
boolean
canReuse
;
Command
(
Parser
parser
,
String
sql
)
{
Command
(
Session
session
,
String
sql
)
{
this
.
session
=
parser
.
getSession
()
;
this
.
session
=
session
;
this
.
sql
=
sql
;
this
.
sql
=
sql
;
trace
=
session
.
getDatabase
().
getTrace
(
Trace
.
COMMAND
);
trace
=
session
.
getDatabase
().
getTrace
(
Trace
.
COMMAND
);
}
}
...
...
h2/src/main/org/h2/command/CommandContainer.java
浏览文件 @
b940440b
...
@@ -9,6 +9,7 @@ import java.util.ArrayList;
...
@@ -9,6 +9,7 @@ import java.util.ArrayList;
import
org.h2.api.DatabaseEventListener
;
import
org.h2.api.DatabaseEventListener
;
import
org.h2.command.dml.Explain
;
import
org.h2.command.dml.Explain
;
import
org.h2.command.dml.Query
;
import
org.h2.command.dml.Query
;
import
org.h2.engine.Session
;
import
org.h2.expression.Parameter
;
import
org.h2.expression.Parameter
;
import
org.h2.expression.ParameterInterface
;
import
org.h2.expression.ParameterInterface
;
import
org.h2.result.ResultInterface
;
import
org.h2.result.ResultInterface
;
...
@@ -26,8 +27,8 @@ public class CommandContainer extends Command {
...
@@ -26,8 +27,8 @@ public class CommandContainer extends Command {
private
boolean
readOnlyKnown
;
private
boolean
readOnlyKnown
;
private
boolean
readOnly
;
private
boolean
readOnly
;
CommandContainer
(
Parser
parser
,
String
sql
,
Prepared
prepared
)
{
CommandContainer
(
Session
session
,
String
sql
,
Prepared
prepared
)
{
super
(
parser
,
sql
);
super
(
session
,
sql
);
prepared
.
setCommand
(
this
);
prepared
.
setCommand
(
this
);
this
.
prepared
=
prepared
;
this
.
prepared
=
prepared
;
}
}
...
...
h2/src/main/org/h2/command/CommandList.java
浏览文件 @
b940440b
...
@@ -6,6 +6,8 @@
...
@@ -6,6 +6,8 @@
package
org
.
h2
.
command
;
package
org
.
h2
.
command
;
import
java.util.ArrayList
;
import
java.util.ArrayList
;
import
org.h2.engine.Session
;
import
org.h2.expression.ParameterInterface
;
import
org.h2.expression.ParameterInterface
;
import
org.h2.result.ResultInterface
;
import
org.h2.result.ResultInterface
;
...
@@ -17,8 +19,8 @@ class CommandList extends Command {
...
@@ -17,8 +19,8 @@ class CommandList extends Command {
private
final
Command
command
;
private
final
Command
command
;
private
final
String
remaining
;
private
final
String
remaining
;
CommandList
(
Parser
parser
,
String
sql
,
Command
c
,
String
remaining
)
{
CommandList
(
Session
session
,
String
sql
,
Command
c
,
String
remaining
)
{
super
(
parser
,
sql
);
super
(
session
,
sql
);
this
.
command
=
c
;
this
.
command
=
c
;
this
.
remaining
=
remaining
;
this
.
remaining
=
remaining
;
}
}
...
...
h2/src/main/org/h2/command/Parser.java
浏览文件 @
b940440b
差异被折叠。
点击展开。
h2/src/main/org/h2/command/dml/MergeUsing.java
浏览文件 @
b940440b
...
@@ -390,31 +390,21 @@ public class MergeUsing extends Prepared {
...
@@ -390,31 +390,21 @@ public class MergeUsing extends Prepared {
query
.
prepare
();
query
.
prepare
();
}
}
int
embeddedStatementsCount
=
0
;
// Prepare each of the sub-commands ready to aid in the MERGE
// Prepare each of the sub-commands ready to aid in the MERGE
// collaboration
// collaboration
if
(
updateCommand
!=
null
)
{
if
(
updateCommand
!=
null
)
{
updateCommand
.
setSourceTableFilter
(
sourceTableFilter
);
updateCommand
.
setSourceTableFilter
(
sourceTableFilter
);
updateCommand
.
setCondition
(
appendOnCondition
(
updateCommand
));
updateCommand
.
setCondition
(
appendOnCondition
(
updateCommand
));
updateCommand
.
prepare
();
updateCommand
.
prepare
();
embeddedStatementsCount
++;
}
}
if
(
deleteCommand
!=
null
)
{
if
(
deleteCommand
!=
null
)
{
deleteCommand
.
setSourceTableFilter
(
sourceTableFilter
);
deleteCommand
.
setSourceTableFilter
(
sourceTableFilter
);
deleteCommand
.
setCondition
(
appendOnCondition
(
deleteCommand
));
deleteCommand
.
setCondition
(
appendOnCondition
(
deleteCommand
));
deleteCommand
.
prepare
();
deleteCommand
.
prepare
();
embeddedStatementsCount
++;
}
}
if
(
insertCommand
!=
null
)
{
if
(
insertCommand
!=
null
)
{
insertCommand
.
setSourceTableFilter
(
sourceTableFilter
);
insertCommand
.
setSourceTableFilter
(
sourceTableFilter
);
insertCommand
.
prepare
();
insertCommand
.
prepare
();
embeddedStatementsCount
++;
}
if
(
embeddedStatementsCount
==
0
)
{
throw
DbException
.
get
(
ErrorCode
.
SYNTAX_ERROR_1
,
"At least UPDATE, DELETE or INSERT embedded statement must be supplied."
);
}
}
// setup the targetMatchQuery - for detecting if the target row exists
// setup the targetMatchQuery - for detecting if the target row exists
...
...
h2/src/main/org/h2/command/dml/Set.java
浏览文件 @
b940440b
...
@@ -18,9 +18,11 @@ import org.h2.engine.Setting;
...
@@ -18,9 +18,11 @@ import org.h2.engine.Setting;
import
org.h2.expression.Expression
;
import
org.h2.expression.Expression
;
import
org.h2.expression.ValueExpression
;
import
org.h2.expression.ValueExpression
;
import
org.h2.message.DbException
;
import
org.h2.message.DbException
;
import
org.h2.message.Trace
;
import
org.h2.result.ResultInterface
;
import
org.h2.result.ResultInterface
;
import
org.h2.result.RowFactory
;
import
org.h2.result.RowFactory
;
import
org.h2.schema.Schema
;
import
org.h2.schema.Schema
;
import
org.h2.security.auth.AuthenticatorFactory
;
import
org.h2.table.Table
;
import
org.h2.table.Table
;
import
org.h2.tools.CompressTool
;
import
org.h2.tools.CompressTool
;
import
org.h2.util.JdbcUtils
;
import
org.h2.util.JdbcUtils
;
...
@@ -540,6 +542,25 @@ public class Set extends Prepared {
...
@@ -540,6 +542,25 @@ public class Set extends Prepared {
session
.
getColumnNamerConfiguration
().
configure
(
expression
.
getColumnName
());
session
.
getColumnNamerConfiguration
().
configure
(
expression
.
getColumnName
());
break
;
break
;
}
}
case
SetTypes
.
AUTHENTICATOR
:
{
session
.
getUser
().
checkAdmin
();
try
{
if
(
expression
.
getBooleanValue
(
session
))
{
database
.
setAuthenticator
(
AuthenticatorFactory
.
createAuthenticator
());
}
else
{
database
.
setAuthenticator
(
null
);
}
addOrUpdateSetting
(
name
,
expression
.
getValue
(
session
).
getString
(),
0
);
}
catch
(
Exception
e
)
{
//Errors during start are ignored to allow to open the database
if
(
database
.
isStarting
())
{
database
.
getTrace
(
Trace
.
DATABASE
).
error
(
e
,
"{0}: failed to set authenticator during database start "
,
expression
.
toString
());
}
else
{
throw
DbException
.
convert
(
e
);
}
}
break
;
}
default
:
default
:
DbException
.
throwInternalError
(
"type="
+
type
);
DbException
.
throwInternalError
(
"type="
+
type
);
}
}
...
...
h2/src/main/org/h2/command/dml/SetTypes.java
浏览文件 @
b940440b
...
@@ -252,7 +252,12 @@ public class SetTypes {
...
@@ -252,7 +252,12 @@ public class SetTypes {
*/
*/
public
static
final
int
COLUMN_NAME_RULES
=
48
;
public
static
final
int
COLUMN_NAME_RULES
=
48
;
private
static
final
int
COUNT
=
COLUMN_NAME_RULES
+
1
;
/**
* The type of a SET AUTHENTICATOR statement.
*/
public
static
final
int
AUTHENTICATOR
=
49
;
private
static
final
int
COUNT
=
AUTHENTICATOR
+
1
;
private
static
final
ArrayList
<
String
>
TYPES
;
private
static
final
ArrayList
<
String
>
TYPES
;
...
@@ -311,6 +316,7 @@ public class SetTypes {
...
@@ -311,6 +316,7 @@ public class SetTypes {
list
.
add
(
LAZY_QUERY_EXECUTION
,
"LAZY_QUERY_EXECUTION"
);
list
.
add
(
LAZY_QUERY_EXECUTION
,
"LAZY_QUERY_EXECUTION"
);
list
.
add
(
BUILTIN_ALIAS_OVERRIDE
,
"BUILTIN_ALIAS_OVERRIDE"
);
list
.
add
(
BUILTIN_ALIAS_OVERRIDE
,
"BUILTIN_ALIAS_OVERRIDE"
);
list
.
add
(
COLUMN_NAME_RULES
,
"COLUMN_NAME_RULES"
);
list
.
add
(
COLUMN_NAME_RULES
,
"COLUMN_NAME_RULES"
);
list
.
add
(
AUTHENTICATOR
,
"AUTHENTICATOR"
);
TYPES
=
list
;
TYPES
=
list
;
}
}
...
...
h2/src/main/org/h2/engine/ConnectionInfo.java
浏览文件 @
b940440b
...
@@ -74,9 +74,9 @@ public class ConnectionInfo implements Cloneable {
...
@@ -74,9 +74,9 @@ public class ConnectionInfo implements Cloneable {
readProperties
(
info
);
readProperties
(
info
);
readSettingsFromURL
();
readSettingsFromURL
();
setUserName
(
removeProperty
(
"USER"
,
""
));
setUserName
(
removeProperty
(
"USER"
,
""
));
convertPasswords
();
name
=
url
.
substring
(
Constants
.
START_URL
.
length
());
name
=
url
.
substring
(
Constants
.
START_URL
.
length
());
parseName
();
parseName
();
convertPasswords
();
String
recoverTest
=
removeProperty
(
"RECOVER_TEST"
,
null
);
String
recoverTest
=
removeProperty
(
"RECOVER_TEST"
,
null
);
if
(
recoverTest
!=
null
)
{
if
(
recoverTest
!=
null
)
{
FilePathRec
.
register
();
FilePathRec
.
register
();
...
@@ -95,7 +95,7 @@ public class ConnectionInfo implements Cloneable {
...
@@ -95,7 +95,7 @@ public class ConnectionInfo implements Cloneable {
"IFEXISTS"
,
"INIT"
,
"PASSWORD"
,
"RECOVER"
,
"RECOVER_TEST"
,
"IFEXISTS"
,
"INIT"
,
"PASSWORD"
,
"RECOVER"
,
"RECOVER_TEST"
,
"USER"
,
"AUTO_SERVER"
,
"AUTO_SERVER_PORT"
,
"NO_UPGRADE"
,
"USER"
,
"AUTO_SERVER"
,
"AUTO_SERVER_PORT"
,
"NO_UPGRADE"
,
"AUTO_RECONNECT"
,
"OPEN_NEW"
,
"PAGE_SIZE"
,
"PASSWORD_HASH"
,
"JMX"
,
"AUTO_RECONNECT"
,
"OPEN_NEW"
,
"PAGE_SIZE"
,
"PASSWORD_HASH"
,
"JMX"
,
"SCOPE_GENERATED_KEYS"
};
"SCOPE_GENERATED_KEYS"
,
"AUTHREALM"
,
"AUTHZPWD"
};
HashSet
<
String
>
set
=
new
HashSet
<>(
128
);
HashSet
<
String
>
set
=
new
HashSet
<>(
128
);
set
.
addAll
(
SetTypes
.
getTypes
());
set
.
addAll
(
SetTypes
.
getTypes
());
for
(
String
key
:
connectionTime
)
{
for
(
String
key
:
connectionTime
)
{
...
@@ -274,8 +274,15 @@ public class ConnectionInfo implements Cloneable {
...
@@ -274,8 +274,15 @@ public class ConnectionInfo implements Cloneable {
}
}
}
}
private
void
preservePasswordForAuthentication
(
Object
password
)
{
if
((!
isRemote
()
||
isSSL
())
&&
prop
.
containsKey
(
"AUTHREALM"
)
&&
password
!=
null
)
{
prop
.
put
(
"AUTHZPWD"
,
password
);
}
}
private
char
[]
removePassword
()
{
private
char
[]
removePassword
()
{
Object
p
=
prop
.
remove
(
"PASSWORD"
);
Object
p
=
prop
.
remove
(
"PASSWORD"
);
preservePasswordForAuthentication
(
p
);
if
(
p
==
null
)
{
if
(
p
==
null
)
{
return
new
char
[
0
];
return
new
char
[
0
];
}
else
if
(
p
instanceof
char
[])
{
}
else
if
(
p
instanceof
char
[])
{
...
@@ -657,4 +664,8 @@ public class ConnectionInfo implements Cloneable {
...
@@ -657,4 +664,8 @@ public class ConnectionInfo implements Cloneable {
return
url
;
return
url
;
}
}
public
void
cleanAuthenticationInfo
()
{
removeProperty
(
"AUTHREALM"
,
false
);
removeProperty
(
"AUTHZPWD"
,
false
);
}
}
}
h2/src/main/org/h2/engine/Database.java
浏览文件 @
b940440b
...
@@ -20,6 +20,7 @@ import java.util.concurrent.ConcurrentHashMap;
...
@@ -20,6 +20,7 @@ import java.util.concurrent.ConcurrentHashMap;
import
java.util.concurrent.TimeUnit
;
import
java.util.concurrent.TimeUnit
;
import
java.util.concurrent.atomic.AtomicLong
;
import
java.util.concurrent.atomic.AtomicLong
;
import
java.util.concurrent.atomic.AtomicReference
;
import
java.util.concurrent.atomic.AtomicReference
;
import
org.h2.api.DatabaseEventListener
;
import
org.h2.api.DatabaseEventListener
;
import
org.h2.api.ErrorCode
;
import
org.h2.api.ErrorCode
;
import
org.h2.api.JavaObjectSerializer
;
import
org.h2.api.JavaObjectSerializer
;
...
@@ -43,6 +44,8 @@ import org.h2.schema.Schema;
...
@@ -43,6 +44,8 @@ import org.h2.schema.Schema;
import
org.h2.schema.SchemaObject
;
import
org.h2.schema.SchemaObject
;
import
org.h2.schema.Sequence
;
import
org.h2.schema.Sequence
;
import
org.h2.schema.TriggerObject
;
import
org.h2.schema.TriggerObject
;
import
org.h2.security.auth.Authenticator
;
import
org.h2.security.auth.AuthenticatorFactory
;
import
org.h2.store.DataHandler
;
import
org.h2.store.DataHandler
;
import
org.h2.store.FileLock
;
import
org.h2.store.FileLock
;
import
org.h2.store.FileLockMethod
;
import
org.h2.store.FileLockMethod
;
...
@@ -225,6 +228,8 @@ public class Database implements DataHandler {
...
@@ -225,6 +228,8 @@ public class Database implements DataHandler {
private
QueryStatisticsData
queryStatisticsData
;
private
QueryStatisticsData
queryStatisticsData
;
private
RowFactory
rowFactory
=
RowFactory
.
DEFAULT
;
private
RowFactory
rowFactory
=
RowFactory
.
DEFAULT
;
private
Authenticator
authenticator
;
public
Database
(
ConnectionInfo
ci
,
String
cipher
)
{
public
Database
(
ConnectionInfo
ci
,
String
cipher
)
{
if
(
ASSERT
)
{
if
(
ASSERT
)
{
META_LOCK_DEBUGGING
.
set
(
null
);
META_LOCK_DEBUGGING
.
set
(
null
);
...
@@ -2973,4 +2978,23 @@ public class Database implements DataHandler {
...
@@ -2973,4 +2978,23 @@ public class Database implements DataHandler {
return
engine
;
return
engine
;
}
}
/**
* get authenticator for database users
* @return authenticator set for database
*/
public
Authenticator
getAuthenticator
()
{
return
authenticator
;
}
/**
* Set current database authenticator
*
* @param authenticator = authenticator to set, null to revert to the Internal authenticator
*/
public
void
setAuthenticator
(
Authenticator
authenticator
)
{
if
(
authenticator
!=
null
)
{
authenticator
.
init
(
this
);
};
this
.
authenticator
=
authenticator
;
}
}
}
h2/src/main/org/h2/engine/Engine.java
浏览文件 @
b940440b
...
@@ -14,6 +14,9 @@ import org.h2.command.Parser;
...
@@ -14,6 +14,9 @@ import org.h2.command.Parser;
import
org.h2.command.dml.SetTypes
;
import
org.h2.command.dml.SetTypes
;
import
org.h2.message.DbException
;
import
org.h2.message.DbException
;
import
org.h2.message.Trace
;
import
org.h2.message.Trace
;
import
org.h2.security.auth.AuthenticationException
;
import
org.h2.security.auth.AuthenticationInfo
;
import
org.h2.security.auth.Authenticator
;
import
org.h2.store.FileLock
;
import
org.h2.store.FileLock
;
import
org.h2.store.FileLockMethod
;
import
org.h2.store.FileLockMethod
;
import
org.h2.util.MathUtils
;
import
org.h2.util.MathUtils
;
...
@@ -90,10 +93,26 @@ public class Engine implements SessionFactory {
...
@@ -90,10 +93,26 @@ public class Engine implements SessionFactory {
}
}
if
(
user
==
null
)
{
if
(
user
==
null
)
{
if
(
database
.
validateFilePasswordHash
(
cipher
,
ci
.
getFilePasswordHash
()))
{
if
(
database
.
validateFilePasswordHash
(
cipher
,
ci
.
getFilePasswordHash
()))
{
user
=
database
.
findUser
(
ci
.
getUserName
());
if
(
ci
.
getProperty
(
"AUTHREALM"
)==
null
)
{
if
(
user
!=
null
)
{
user
=
database
.
findUser
(
ci
.
getUserName
());
if
(!
user
.
validateUserPasswordHash
(
ci
.
getUserPasswordHash
()))
{
if
(
user
!=
null
)
{
user
=
null
;
if
(!
user
.
validateUserPasswordHash
(
ci
.
getUserPasswordHash
()))
{
user
=
null
;
}
}
}
else
{
Authenticator
authenticator
=
database
.
getAuthenticator
();
if
(
authenticator
==
null
)
{
throw
DbException
.
get
(
ErrorCode
.
AUTHENTICATOR_NOT_AVAILABLE
,
name
);
}
else
{
try
{
AuthenticationInfo
authenticationInfo
=
new
AuthenticationInfo
(
ci
);
user
=
database
.
getAuthenticator
().
authenticate
(
authenticationInfo
,
database
);
}
catch
(
AuthenticationException
authenticationError
)
{
database
.
getTrace
(
Trace
.
DATABASE
).
error
(
authenticationError
,
"an error occurred during authentication; user: \""
+
ci
.
getUserName
()
+
"\""
);
}
}
}
}
}
}
}
...
@@ -110,6 +129,8 @@ public class Engine implements SessionFactory {
...
@@ -110,6 +129,8 @@ public class Engine implements SessionFactory {
database
.
removeSession
(
null
);
database
.
removeSession
(
null
);
throw
er
;
throw
er
;
}
}
//Prevent to set _PASSWORD
ci
.
cleanAuthenticationInfo
();
checkClustering
(
ci
,
database
);
checkClustering
(
ci
,
database
);
Session
session
=
database
.
createSession
(
user
);
Session
session
=
database
.
createSession
(
user
);
if
(
session
==
null
)
{
if
(
session
==
null
)
{
...
...
h2/src/main/org/h2/engine/RightOwner.java
浏览文件 @
b940440b
...
@@ -5,7 +5,10 @@
...
@@ -5,7 +5,10 @@
*/
*/
package
org
.
h2
.
engine
;
package
org
.
h2
.
engine
;
import
java.util.ArrayList
;
import
java.util.HashMap
;
import
java.util.HashMap
;
import
java.util.List
;
import
java.util.Map.Entry
;
import
org.h2.table.Table
;
import
org.h2.table.Table
;
...
@@ -150,6 +153,26 @@ public abstract class RightOwner extends DbObjectBase {
...
@@ -150,6 +153,26 @@ public abstract class RightOwner extends DbObjectBase {
grantedRoles
=
null
;
grantedRoles
=
null
;
}
}
}
}
/**
* Remove all the temporary rights granted on roles
*/
public
void
revokeTemporaryRightsOnRoles
()
{
if
(
grantedRoles
==
null
)
{
return
;
}
List
<
Role
>
rolesToRemove
=
new
ArrayList
<>();
for
(
Entry
<
Role
,
Right
>
currentEntry
:
grantedRoles
.
entrySet
())
{
if
(
currentEntry
.
getValue
().
isTemporary
()
||
!
currentEntry
.
getValue
().
isValid
())
{
rolesToRemove
.
add
(
currentEntry
.
getKey
());
}
}
for
(
Role
currentRoleToRemove
:
rolesToRemove
)
{
revokeRole
(
currentRoleToRemove
);
}
}
/**
/**
* Get the 'grant schema' right of this object.
* Get the 'grant schema' right of this object.
...
...
h2/src/main/org/h2/engine/SysProperties.java
浏览文件 @
b940440b
...
@@ -555,6 +555,16 @@ public class SysProperties {
...
@@ -555,6 +555,16 @@ public class SysProperties {
public
static
final
String
CUSTOM_DATA_TYPES_HANDLER
=
public
static
final
String
CUSTOM_DATA_TYPES_HANDLER
=
Utils
.
getProperty
(
"h2.customDataTypesHandler"
,
null
);
Utils
.
getProperty
(
"h2.customDataTypesHandler"
,
null
);
/**
* System property <code>h2.authConfigFile</code>
* (default: null).<br />
* authConfigFile define the URL of configuration file
* of {@link org.h2.security.auth.DefaultAuthenticator}
*
*/
public
static
final
String
AUTH_CONFIG_FILE
=
Utils
.
getProperty
(
"h2.authConfigFile"
,
null
);
private
static
final
String
H2_BASE_DIR
=
"h2.baseDir"
;
private
static
final
String
H2_BASE_DIR
=
"h2.baseDir"
;
private
SysProperties
()
{
private
SysProperties
()
{
...
...
h2/src/main/org/h2/engine/UserBuilder.java
0 → 100644
浏览文件 @
b940440b
package
org
.
h2
.
engine
;
import
org.h2.security.auth.AuthenticationInfo
;
import
org.h2.util.MathUtils
;
public
class
UserBuilder
{
/**
* build the database user starting from authentication informations
* @param authenticationInfo = authentication info
* @param database = target database
* @param persistent = true if the user will be persisted in the database
* @return user bean
*/
public
static
User
buildUser
(
AuthenticationInfo
authenticationInfo
,
Database
database
,
boolean
persistent
)
{
User
user
=
new
User
(
database
,
persistent
?
database
.
allocateObjectId
()
:
-
1
,
authenticationInfo
.
getFullyQualifiedName
(),
false
);
//In case of external authentication fill the password hash with random data
user
.
setUserPasswordHash
(
authenticationInfo
.
getRealm
()==
null
?
authenticationInfo
.
getConnectionInfo
().
getUserPasswordHash
():
MathUtils
.
secureRandomBytes
(
64
));
user
.
setTemporary
(!
persistent
);
return
user
;
}
}
h2/src/main/org/h2/res/_messages_en.prop
浏览文件 @
b940440b
...
@@ -174,6 +174,7 @@
...
@@ -174,6 +174,7 @@
90141=Serializer cannot be changed because there is a data table: {0}
90141=Serializer cannot be changed because there is a data table: {0}
90142=Step size must not be zero
90142=Step size must not be zero
90143=Row {1} not found in primary index {0}
90143=Row {1} not found in primary index {0}
90144=Authenticator not enabled on database {0}
HY000=General error: {0}
HY000=General error: {0}
HY004=Unknown data type: {0}
HY004=Unknown data type: {0}
HYC00=Feature not supported: {0}
HYC00=Feature not supported: {0}
...
...
h2/src/main/org/h2/security/auth/AuthConfigException.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
;
/**
* Exception thrown when an issue occurs during the authentication configuration
*
*/
public
class
AuthConfigException
extends
RuntimeException
{
public
AuthConfigException
()
{
super
();
}
public
AuthConfigException
(
String
message
)
{
super
(
message
);
}
public
AuthConfigException
(
Throwable
cause
)
{
super
(
cause
);
}
public
AuthConfigException
(
String
message
,
Throwable
cause
)
{
super
(
message
,
cause
);
}
}
h2/src/main/org/h2/security/auth/AuthenticationException.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
;
/**
* Exception thrown in case of errors during authentication
*/
public
class
AuthenticationException
extends
Exception
{
public
AuthenticationException
()
{
super
();
}
public
AuthenticationException
(
String
message
)
{
super
(
message
);
}
public
AuthenticationException
(
Throwable
cause
)
{
super
(
cause
);
}
public
AuthenticationException
(
String
message
,
Throwable
cause
)
{
super
(
message
,
cause
);
}
}
h2/src/main/org/h2/security/auth/AuthenticationInfo.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
;
import
org.h2.engine.ConnectionInfo
;
import
org.h2.util.StringUtils
;
/**
* Input data for authenticators; it wraps ConnectionInfo
*/
public
class
AuthenticationInfo
{
private
ConnectionInfo
connectionInfo
;
private
String
password
;
private
String
realm
;
/*
* Can be used by authenticator to hold informations
*/
Object
nestedIdentity
;
public
AuthenticationInfo
(
ConnectionInfo
connectionInfo
)
{
this
.
connectionInfo
=
connectionInfo
;
this
.
realm
=
connectionInfo
.
getProperty
(
"AUTHREALM"
,
null
);
if
(
this
.
realm
!=
null
)
{
this
.
realm
=
StringUtils
.
toUpperEnglish
(
this
.
realm
);
}
this
.
password
=
connectionInfo
.
getProperty
(
"AUTHZPWD"
,
null
);
}
public
String
getUserName
()
{
return
connectionInfo
.
getUserName
();
}
public
String
getRealm
()
{
return
realm
;
}
public
String
getPassword
()
{
return
password
;
}
public
ConnectionInfo
getConnectionInfo
()
{
return
connectionInfo
;
}
public
String
getFullyQualifiedName
()
{
if
(
realm
==
null
)
{
return
connectionInfo
.
getUserName
();
}
else
{
return
connectionInfo
.
getUserName
()+
"@"
+
realm
;
}
}
/**
* get nested identity
* @return
*/
public
Object
getNestedIdentity
()
{
return
nestedIdentity
;
}
/**
* Method used by authenticators to hold informations about authenticated user
* @param nestedIdentity = nested identity object
*/
public
void
setNestedIdentity
(
Object
nestedIdentity
)
{
this
.
nestedIdentity
=
nestedIdentity
;
}
public
void
clean
()
{
this
.
password
=
null
;
this
.
nestedIdentity
=
null
;
connectionInfo
.
cleanAuthenticationInfo
();
}
}
h2/src/main/org/h2/security/auth/Authenticator.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
;
import
org.h2.engine.Database
;
import
org.h2.engine.User
;
/**
* Low level interface to implement full authentication process
*/
public
interface
Authenticator
{
/**
* perform user authentication
*
* @param authenticationInfo
* @param database
* @return valid database user or null if user doesn't exists in the database
* @throws AuthenticationException
*/
User
authenticate
(
AuthenticationInfo
authenticationInfo
,
Database
database
)
throws
AuthenticationException
;
/**
* Initialize the authenticator. This method is invoked by databases when the authenticator is set
* when the authenticator is set.
* @param database = target database
* @throws AuthConfigException
*/
void
init
(
Database
database
)
throws
AuthConfigException
;
}
h2/src/main/org/h2/security/auth/AuthenticatorFactory.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
;
/**
* Authenticator factory
*/
public
class
AuthenticatorFactory
{
public
static
Authenticator
createAuthenticator
()
{
return
DefaultAuthenticator
.
getInstance
();
}
}
h2/src/main/org/h2/security/auth/ConfigProperties.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
;
import
java.util.Arrays
;
import
java.util.Collection
;
import
java.util.HashMap
;
import
java.util.Map
;
import
org.h2.util.Utils
;
/**
* wrapper for configuration properties
*/
public
class
ConfigProperties
{
private
Map
<
String
,
String
>
properties
;
public
ConfigProperties
()
{
properties
=
new
HashMap
<>();
}
public
ConfigProperties
(
PropertyConfig
...
configProperties
)
{
this
(
configProperties
==
null
?
null
:
Arrays
.
asList
(
configProperties
));
}
public
ConfigProperties
(
Collection
<
PropertyConfig
>
configProperties
)
{
properties
=
new
HashMap
<>();
if
(
properties
!=
null
)
{
for
(
PropertyConfig
currentProperty
:
configProperties
)
{
if
(
properties
.
put
(
currentProperty
.
getName
(),
currentProperty
.
getValue
())!=
null
)
{
throw
new
AuthConfigException
(
"duplicate property "
+
currentProperty
.
getName
());
}
}
}
}
public
String
getStringValue
(
String
name
,
String
defaultValue
)
{
String
result
=
properties
.
get
(
name
);
if
(
result
==
null
)
{
return
defaultValue
;
}
return
result
;
}
public
String
getStringValue
(
String
name
)
{
String
result
=
properties
.
get
(
name
);
if
(
result
==
null
)
{
throw
new
AuthConfigException
(
"missing config property "
+
name
);
}
return
result
;
}
public
int
getIntValue
(
String
name
,
int
defaultValue
)
{
String
result
=
properties
.
get
(
name
);
if
(
result
==
null
)
{
return
defaultValue
;
}
return
Integer
.
parseInt
(
result
);
}
public
int
getIntValue
(
String
name
)
{
String
result
=
properties
.
get
(
name
);
if
(
result
==
null
)
{
throw
new
AuthConfigException
(
"missing config property "
+
name
);
}
return
Integer
.
parseInt
(
result
);
}
public
boolean
getBooleanValue
(
String
name
,
boolean
defaultValue
)
{
String
result
=
properties
.
get
(
name
);
if
(
result
==
null
)
{
return
defaultValue
;
}
return
Utils
.
parseBoolean
(
result
,
defaultValue
,
true
);
}
}
h2/src/main/org/h2/security/auth/Configurable.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
;
/**
* describe how to perform objects runtime configuration
*/
public
interface
Configurable
{
/**
* configure the component
* @param configProperties = configuration properties
*/
void
configure
(
ConfigProperties
configProperties
);
}
h2/src/main/org/h2/security/auth/DefaultAuthenticator.java
0 → 100644
浏览文件 @
b940440b
差异被折叠。
点击展开。
h2/src/main/org/h2/security/auth/H2AuthConfig.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
;
import
java.util.ArrayList
;
import
java.util.List
;
import
javax.xml.bind.annotation.XmlAccessType
;
import
javax.xml.bind.annotation.XmlAccessorType
;
import
javax.xml.bind.annotation.XmlAttribute
;
import
javax.xml.bind.annotation.XmlElement
;
import
javax.xml.bind.annotation.XmlRootElement
;
/**
* Describe configuration of H2 DefaultAuthenticator
*/
@XmlRootElement
(
name
=
"h2Auth"
)
@XmlAccessorType
(
XmlAccessType
.
FIELD
)
public
class
H2AuthConfig
{
@XmlAttribute
private
boolean
allowUserRegistration
=
true
;
public
boolean
isAllowUserRegistration
()
{
return
allowUserRegistration
;
}
public
void
setAllowUserRegistration
(
boolean
allowUserRegistration
)
{
this
.
allowUserRegistration
=
allowUserRegistration
;
}
@XmlAttribute
boolean
createMissingRoles
=
true
;
public
boolean
isCreateMissingRoles
()
{
return
createMissingRoles
;
}
public
void
setCreateMissingRoles
(
boolean
createMissingRoles
)
{
this
.
createMissingRoles
=
createMissingRoles
;
}
@XmlElement
(
name
=
"realm"
)
List
<
RealmConfig
>
realms
;
public
List
<
RealmConfig
>
getRealms
()
{
if
(
realms
==
null
)
{
realms
=
new
ArrayList
<>();
}
return
realms
;
}
public
void
setRealms
(
List
<
RealmConfig
>
realms
)
{
this
.
realms
=
realms
;
}
@XmlElement
(
name
=
"userToRolesMapper"
)
List
<
UserToRolesMapperConfig
>
userToRolesMappers
;
public
List
<
UserToRolesMapperConfig
>
getUserToRolesMappers
()
{
if
(
userToRolesMappers
==
null
)
{
userToRolesMappers
=
new
ArrayList
<>();
}
return
userToRolesMappers
;
}
public
void
setUserToRolesMappers
(
List
<
UserToRolesMapperConfig
>
userToRolesMappers
)
{
this
.
userToRolesMappers
=
userToRolesMappers
;
}
}
h2/src/main/org/h2/security/auth/PropertyConfig.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
;
import
javax.xml.bind.annotation.XmlAccessType
;
import
javax.xml.bind.annotation.XmlAccessorType
;
import
javax.xml.bind.annotation.XmlAttribute
;
/**
* Configuration property
*/
@XmlAccessorType
(
XmlAccessType
.
FIELD
)
public
class
PropertyConfig
{
@XmlAttribute
(
required
=
true
)
private
String
name
;
@XmlAttribute
private
String
value
;
public
PropertyConfig
()
{
}
public
PropertyConfig
(
String
name
,
String
value
)
{
this
.
name
=
name
;
this
.
value
=
value
;
}
public
String
getName
()
{
return
name
;
}
public
void
setName
(
String
name
)
{
this
.
name
=
name
;
}
public
String
getValue
()
{
return
value
;
}
public
void
setValue
(
String
value
)
{
this
.
value
=
value
;
}
}
h2/src/main/org/h2/security/auth/RealmConfig.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
;
import
java.util.ArrayList
;
import
java.util.List
;
import
javax.xml.bind.annotation.XmlAccessType
;
import
javax.xml.bind.annotation.XmlAccessorType
;
import
javax.xml.bind.annotation.XmlAttribute
;
import
javax.xml.bind.annotation.XmlElement
;
@XmlAccessorType
(
XmlAccessType
.
FIELD
)
public
class
RealmConfig
{
@XmlAttribute
(
required
=
true
)
private
String
name
;
public
String
getName
()
{
return
name
;
}
public
void
setName
(
String
name
)
{
this
.
name
=
name
;
}
@XmlAttribute
(
required
=
true
)
String
validatorClass
;
public
String
getValidatorClass
()
{
return
validatorClass
;
}
public
void
setValidatorClass
(
String
validatorClass
)
{
this
.
validatorClass
=
validatorClass
;
}
@XmlElement
(
name
=
"property"
)
List
<
PropertyConfig
>
properties
;
public
List
<
PropertyConfig
>
getProperties
()
{
if
(
properties
==
null
)
{
properties
=
new
ArrayList
<>();
}
return
properties
;
}
}
h2/src/main/org/h2/security/auth/UserToRolesMapperConfig.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
;
import
java.util.ArrayList
;
import
java.util.List
;
import
javax.xml.bind.annotation.XmlAccessType
;
import
javax.xml.bind.annotation.XmlAccessorType
;
import
javax.xml.bind.annotation.XmlAttribute
;
import
javax.xml.bind.annotation.XmlElement
;
@XmlAccessorType
(
XmlAccessType
.
FIELD
)
public
class
UserToRolesMapperConfig
{
@XmlAttribute
(
required
=
true
,
name
=
"class"
)
private
String
className
;
@XmlElement
(
name
=
"property"
)
private
List
<
PropertyConfig
>
properties
;
public
String
getClassName
()
{
return
className
;
}
public
void
setClassName
(
String
className
)
{
this
.
className
=
className
;
}
public
List
<
PropertyConfig
>
getProperties
()
{
if
(
properties
==
null
)
{
properties
=
new
ArrayList
<>();
}
return
properties
;
}
}
h2/src/main/org/h2/security/auth/impl/AssignRealmNameRole.java
0 → 100644
浏览文件 @
b940440b
package
org
.
h2
.
security
.
auth
.
impl
;
import
java.util.Arrays
;
import
java.util.Collection
;
import
org.h2.api.UserToRolesMapper
;
import
org.h2.security.auth.AuthenticationException
;
import
org.h2.security.auth.AuthenticationInfo
;
import
org.h2.security.auth.ConfigProperties
;
/**
* Assign to user a role based on realm name
*
* * <p>
* Configuration parameters:
* </p>
* <ul>
* <li> roleNameFormat, optional by default is @{realm}</li>
* </ul>
*/
public
class
AssignRealmNameRole
implements
UserToRolesMapper
{
private
String
roleNameFormat
;
public
AssignRealmNameRole
()
{
this
(
"@%s"
);
}
public
AssignRealmNameRole
(
String
roleNameFormat
)
{
this
.
roleNameFormat
=
roleNameFormat
;
}
@Override
public
void
configure
(
ConfigProperties
configProperties
)
{
roleNameFormat
=
configProperties
.
getStringValue
(
"roleNameFormat"
,
roleNameFormat
);
}
@Override
public
Collection
<
String
>
mapUserToRoles
(
AuthenticationInfo
authenticationInfo
)
throws
AuthenticationException
{
return
Arrays
.
asList
(
String
.
format
(
roleNameFormat
,
authenticationInfo
.
getRealm
()));
}
}
h2/src/main/org/h2/security/auth/impl/JaasCredentialsValidator.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
.
impl
;
import
java.io.IOException
;
import
javax.security.auth.callback.Callback
;
import
javax.security.auth.callback.CallbackHandler
;
import
javax.security.auth.callback.NameCallback
;
import
javax.security.auth.callback.PasswordCallback
;
import
javax.security.auth.callback.UnsupportedCallbackException
;
import
javax.security.auth.login.LoginContext
;
import
org.h2.api.CredentialsValidator
;
import
org.h2.security.auth.AuthenticationInfo
;
import
org.h2.security.auth.ConfigProperties
;
/**
* Validate credentials by using standard Java Authentication and Authorization Service
*
* <p>
* Configuration parameters:
* </p>
* <ul>
* <li>appName inside the JAAS configuration (by default h2)</li>
* </ul>
*
*/
public
class
JaasCredentialsValidator
implements
CredentialsValidator
{
public
static
final
String
DEFAULT_APPNAME
=
"h2"
;
private
String
appName
;
public
JaasCredentialsValidator
()
{
this
(
DEFAULT_APPNAME
);
}
/**
* Create the validator with the given name of JAAS configuration
* @param appName = name of JAAS configuration
*/
public
JaasCredentialsValidator
(
String
appName
)
{
this
.
appName
=
appName
;
}
@Override
public
void
configure
(
ConfigProperties
configProperties
)
{
appName
=
configProperties
.
getStringValue
(
"appName"
,
appName
);
}
class
AuthenticationInfoCallbackHandler
implements
CallbackHandler
{
AuthenticationInfo
authenticationInfo
;
AuthenticationInfoCallbackHandler
(
AuthenticationInfo
authenticationInfo
)
{
this
.
authenticationInfo
=
authenticationInfo
;
}
@Override
public
void
handle
(
Callback
[]
callbacks
)
throws
IOException
,
UnsupportedCallbackException
{
for
(
int
i
=
0
;
i
<
callbacks
.
length
;
i
++)
{
if
(
callbacks
[
i
]
instanceof
NameCallback
)
{
((
NameCallback
)
callbacks
[
i
]).
setName
(
authenticationInfo
.
getUserName
());
}
else
if
(
callbacks
[
i
]
instanceof
PasswordCallback
)
{
((
PasswordCallback
)
callbacks
[
i
]).
setPassword
(
authenticationInfo
.
getPassword
().
toCharArray
());
}
}
}
}
@Override
public
boolean
validateCredentials
(
AuthenticationInfo
authenticationInfo
)
throws
Exception
{
LoginContext
loginContext
=
new
LoginContext
(
appName
,
new
AuthenticationInfoCallbackHandler
(
authenticationInfo
));
loginContext
.
login
();
authenticationInfo
.
setNestedIdentity
(
loginContext
.
getSubject
());
return
true
;
}
}
h2/src/main/org/h2/security/auth/impl/LdapCredentialsValidator.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
.
impl
;
import
java.util.Hashtable
;
import
javax.naming.Context
;
import
javax.naming.directory.DirContext
;
import
javax.naming.directory.InitialDirContext
;
import
org.h2.api.CredentialsValidator
;
import
org.h2.security.auth.AuthenticationInfo
;
import
org.h2.security.auth.ConfigProperties
;
/**
* Validate credentials by performing an LDAP bind
* <p>
* Configuration parameters:
* </p>
* <ul>
* <li>bindDnPattern bind dn pattern with %u instead of username (example: uid=%u,ou=users,dc=example,dc=com)</li>
* <li>host ldap server</li>
* <li>port of ldap service; optional, by default 389 for unsecure, 636 for secure</li>
* <li>secure, optional by default is true (use SSL)</li>
* </ul>
*/
public
class
LdapCredentialsValidator
implements
CredentialsValidator
{
private
String
bindDnPattern
;
private
String
host
;
private
int
port
;
private
boolean
secure
;
private
String
url
;
@Override
public
void
configure
(
ConfigProperties
configProperties
)
{
bindDnPattern
=
configProperties
.
getStringValue
(
"bindDnPattern"
);
host
=
configProperties
.
getStringValue
(
"host"
);
secure
=
configProperties
.
getBooleanValue
(
"secure"
,
true
);
port
=
configProperties
.
getIntValue
(
"port"
,
secure
?
636
:
389
);
url
=
"ldap"
+
(
secure
?
"s"
:
""
)
+
"://"
+
host
+
":"
+
port
;
}
@Override
public
boolean
validateCredentials
(
AuthenticationInfo
authenticationInfo
)
throws
Exception
{
DirContext
dirContext
=
null
;
try
{
String
dn
=
bindDnPattern
.
replace
(
"%u"
,
authenticationInfo
.
getUserName
());
Hashtable
<
String
,
String
>
env
=
new
Hashtable
<>();
env
.
put
(
Context
.
INITIAL_CONTEXT_FACTORY
,
"com.sun.jndi.ldap.LdapCtxFactory"
);
env
.
put
(
Context
.
PROVIDER_URL
,
url
);
env
.
put
(
Context
.
SECURITY_AUTHENTICATION
,
"simple"
);
env
.
put
(
Context
.
SECURITY_PRINCIPAL
,
dn
);
env
.
put
(
Context
.
SECURITY_CREDENTIALS
,
authenticationInfo
.
getPassword
());
if
(
secure
)
{
env
.
put
(
Context
.
SECURITY_PROTOCOL
,
"ssl"
);
}
dirContext
=
new
InitialDirContext
(
env
);
authenticationInfo
.
setNestedIdentity
(
dn
);
return
true
;
}
finally
{
if
(
dirContext
!=
null
)
{
dirContext
.
close
();
}
}
}
}
h2/src/main/org/h2/security/auth/impl/StaticRolesMapper.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
.
impl
;
import
java.util.Arrays
;
import
java.util.Collection
;
import
java.util.HashSet
;
import
org.h2.api.UserToRolesMapper
;
import
org.h2.security.auth.AuthenticationException
;
import
org.h2.security.auth.AuthenticationInfo
;
import
org.h2.security.auth.ConfigProperties
;
/**
* Assign static roles to authenticated users
* <p>
* Configuration parameters:
* </p>
* <ul>
* <li>roles role list separated by comma</li>
* </ul>
*
*/
public
class
StaticRolesMapper
implements
UserToRolesMapper
{
private
Collection
<
String
>
roles
;
public
StaticRolesMapper
()
{
}
public
StaticRolesMapper
(
String
...
roles
)
{
this
.
roles
=
Arrays
.
asList
(
roles
);
}
@Override
public
void
configure
(
ConfigProperties
configProperties
)
{
String
rolesString
=
configProperties
.
getStringValue
(
"roles"
,
""
);
if
(
rolesString
!=
null
)
{
roles
=
new
HashSet
<>(
Arrays
.
asList
(
rolesString
.
split
(
","
)));
}
}
@Override
public
Collection
<
String
>
mapUserToRoles
(
AuthenticationInfo
authenticationInfo
)
throws
AuthenticationException
{
return
roles
;
}
}
h2/src/main/org/h2/security/auth/impl/StaticUserCredentialsValidator.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Mul tiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
security
.
auth
.
impl
;
import
java.util.regex.Pattern
;
import
org.h2.api.CredentialsValidator
;
import
org.h2.security.SHA256
;
import
org.h2.security.auth.AuthenticationException
;
import
org.h2.security.auth.AuthenticationInfo
;
import
org.h2.security.auth.ConfigProperties
;
import
org.h2.util.MathUtils
;
import
org.h2.util.StringUtils
;
import
org.h2.util.Utils
;
/**
* This credentials validator matches the user and password with the configured
* Usage should be limited to test purposes
*
*/
public
class
StaticUserCredentialsValidator
implements
CredentialsValidator
{
private
Pattern
userNamePattern
;
private
String
password
;
private
byte
[]
salt
;
private
byte
[]
hashWithSalt
;
public
StaticUserCredentialsValidator
()
{
}
public
StaticUserCredentialsValidator
(
String
userNamePattern
,
String
password
)
{
if
(
userNamePattern
!=
null
)
{
this
.
userNamePattern
=
Pattern
.
compile
(
userNamePattern
.
toUpperCase
());
}
salt
=
MathUtils
.
secureRandomBytes
(
256
);
hashWithSalt
=
SHA256
.
getHashWithSalt
(
password
.
getBytes
(),
salt
);
}
@Override
public
boolean
validateCredentials
(
AuthenticationInfo
authenticationInfo
)
throws
AuthenticationException
{
if
(
userNamePattern
!=
null
)
{
if
(!
userNamePattern
.
matcher
(
authenticationInfo
.
getUserName
()).
matches
())
{
return
false
;
}
}
if
(
password
!=
null
)
{
return
password
.
equals
(
authenticationInfo
.
getPassword
());
}
return
Utils
.
compareSecure
(
hashWithSalt
,
SHA256
.
getHashWithSalt
(
authenticationInfo
.
getPassword
().
getBytes
(),
salt
));
}
@Override
public
void
configure
(
ConfigProperties
configProperties
)
{
String
userNamePatternString
=
configProperties
.
getStringValue
(
"userNamePattern"
,
null
);
if
(
userNamePatternString
!=
null
)
{
userNamePattern
=
userNamePattern
.
compile
(
userNamePatternString
);
}
password
=
configProperties
.
getStringValue
(
"password"
,
password
);
String
saltString
=
configProperties
.
getStringValue
(
"salt"
,
null
);
if
(
saltString
!=
null
)
{
salt
=
StringUtils
.
convertHexToBytes
(
saltString
);
}
String
hashString
=
configProperties
.
getStringValue
(
"hash"
,
null
);
if
(
hashString
!=
null
)
{
hashWithSalt
=
SHA256
.
getHashWithSalt
(
StringUtils
.
convertHexToBytes
(
hashString
),
salt
);
}
}
}
h2/src/test/org/h2/test/TestAll.java
浏览文件 @
b940440b
...
@@ -15,6 +15,7 @@ import org.h2.Driver;
...
@@ -15,6 +15,7 @@ import org.h2.Driver;
import
org.h2.engine.Constants
;
import
org.h2.engine.Constants
;
import
org.h2.store.fs.FilePathRec
;
import
org.h2.store.fs.FilePathRec
;
import
org.h2.store.fs.FileUtils
;
import
org.h2.store.fs.FileUtils
;
import
org.h2.test.auth.TestAuthentication
;
import
org.h2.test.bench.TestPerformance
;
import
org.h2.test.bench.TestPerformance
;
import
org.h2.test.db.TestAlter
;
import
org.h2.test.db.TestAlter
;
import
org.h2.test.db.TestAlterSchemaRename
;
import
org.h2.test.db.TestAlterSchemaRename
;
...
@@ -972,6 +973,7 @@ kill -9 `jps -l | grep "org.h2.test." | cut -d " " -f 1`
...
@@ -972,6 +973,7 @@ kill -9 `jps -l | grep "org.h2.test." | cut -d " " -f 1`
addTest
(
new
TestSampleApps
());
addTest
(
new
TestSampleApps
());
addTest
(
new
TestStringCache
());
addTest
(
new
TestStringCache
());
addTest
(
new
TestValueMemory
());
addTest
(
new
TestValueMemory
());
addTest
(
new
TestAuthentication
());
runAddedTests
(
1
);
runAddedTests
(
1
);
...
...
h2/src/test/org/h2/test/auth/MyLoginModule.java
0 → 100644
浏览文件 @
b940440b
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package
org
.
h2
.
test
.
auth
;
import
java.util.Map
;
import
javax.security.auth.Subject
;
import
javax.security.auth.callback.Callback
;
import
javax.security.auth.callback.CallbackHandler
;
import
javax.security.auth.callback.NameCallback
;
import
javax.security.auth.callback.PasswordCallback
;
import
javax.security.auth.login.LoginException
;
import
javax.security.auth.spi.LoginModule
;
/**
* Dummy login module used for test cases
*/
public
class
MyLoginModule
implements
LoginModule
{
String
password
;
CallbackHandler
callbackHandler
;
@Override
public
void
initialize
(
Subject
subject
,
CallbackHandler
callbackHandler
,
Map
<
String
,
?>
sharedState
,
Map
<
String
,
?>
options
)
{
this
.
callbackHandler
=
callbackHandler
;
password
=
""
+
options
.
get
(
"password"
);
}
@Override
public
boolean
login
()
throws
LoginException
{
if
(
callbackHandler
==
null
)
{
throw
new
LoginException
(
"no callbackHandler available"
);
}
NameCallback
nameCallback
=
new
NameCallback
(
"user name"
);
PasswordCallback
passwordCallback
=
new
PasswordCallback
(
"user name"
,
false
);
try
{
callbackHandler
.
handle
(
new
Callback
[]
{
nameCallback
,
passwordCallback
});
}
catch
(
Exception
exception
)
{
throw
new
LoginException
(
"an exception occurred during inquiry of username and password"
);
}
return
password
.
equals
(
new
String
(
passwordCallback
.
getPassword
()));
}
@Override
public
boolean
logout
()
throws
LoginException
{
return
true
;
}
@Override
public
boolean
abort
()
throws
LoginException
{
return
true
;
}
@Override
public
boolean
commit
()
throws
LoginException
{
return
true
;
}
}
h2/src/test/org/h2/test/auth/TestAuthentication.java
0 → 100644
浏览文件 @
b940440b
差异被折叠。
点击展开。
h2/src/test/org/h2/test/db/TestMergeUsing.java
浏览文件 @
b940440b
...
@@ -161,7 +161,7 @@ public class TestMergeUsing extends TestBase implements Trigger {
...
@@ -161,7 +161,7 @@ public class TestMergeUsing extends TestBase implements Trigger {
GATHER_ORDERED_RESULTS_SQL
,
GATHER_ORDERED_RESULTS_SQL
,
"SELECT X AS ID, 'Marcy'||X AS NAME FROM SYSTEM_RANGE(1,3) WHERE X<0"
,
"SELECT X AS ID, 'Marcy'||X AS NAME FROM SYSTEM_RANGE(1,3) WHERE X<0"
,
0
,
0
,
"
At least UPDATE, DELETE or INSERT embedded statement must be supplied.
"
);
"
expected \"WHEN\"
"
);
// Two updates to same row - update and delete together - emptying the
// Two updates to same row - update and delete together - emptying the
// parent table
// parent table
testMergeUsing
(
testMergeUsing
(
...
...
h2/src/test/org/h2/test/scripts/dml/mergeUsing.sql
浏览文件 @
b940440b
...
@@ -149,3 +149,29 @@ SELECT * FROM TEST ORDER BY C1, C2;
...
@@ -149,3 +149,29 @@ SELECT * FROM TEST ORDER BY C1, C2;
DROP
TABLE
TEST
;
DROP
TABLE
TEST
;
>
ok
>
ok
CREATE
TABLE
TEST
(
ID
INT
,
VALUE
INT
);
>
ok
MERGE
INTO
TEST
USING
DUAL
ON
(
ID
=
1
)
WHEN
MATCHED
THEN
UPDATE
SET
VALUE
=
1
WHEN
;
>
exception
SYNTAX_ERROR_2
MERGE
INTO
TEST
USING
DUAL
ON
(
ID
=
1
)
WHEN
MATCHED
THEN
UPDATE
SET
VALUE
=
1
WHEN
NOT
MATCHED
THEN
;
>
exception
SYNTAX_ERROR_2
MERGE
INTO
TEST
USING
DUAL
ON
(
ID
=
1
)
WHEN
NOT
MATCHED
THEN
INSERT
(
ID
,
VALUE
)
VALUES
(
1
,
1
)
WHEN
;
>
exception
SYNTAX_ERROR_2
MERGE
INTO
TEST
USING
DUAL
ON
(
ID
=
1
)
WHEN
NOT
MATCHED
THEN
INSERT
(
ID
,
VALUE
)
VALUES
(
1
,
1
)
WHEN
MATCHED
THEN
;
>
exception
SYNTAX_ERROR_2
DROP
TABLE
TEST
;
>
ok
编写
预览
Markdown
格式
0%
重试
或
添加新文件
添加附件
取消
您添加了
0
人
到此讨论。请谨慎行事。
请先完成此评论的编辑!
取消
请
注册
或者
登录
后发表评论