michael-o commented on a change in pull request #428:
URL: https://github.com/apache/tomcat/pull/428#discussion_r655182143
##########
File path: java/org/apache/catalina/realm/DataSourceRealm.java
##########
@@ -539,6 +612,162 @@ private boolean isRoleStoreDefined() {
}
+ /**
+ * Return the specified user's requested user attributes as a map.
+ *
+ * @param dbConnection The database connection to be used
+ * @param username User name for which to return user attributes
+ *
+ * @return a map containing the specified user's requested user attributes
+ */
+ protected Map<String, Object> getUserAttributesMap(Connection
dbConnection, String username) {
+
+ String preparedAttributes = getUserAttributesStatement(dbConnection);
+ if (preparedAttributes == null || preparedAttributes ==
USER_ATTRIBUTES_NONE_REQUESTED) {
+ // The above reference comparison is intentional.
USER_ATTRIBUTES_NONE_REQUESTED
+ // is a tag object (empty String) to distinguish between null (not
yet
+ // initialized) and empty (no attributes requested).
+ // TODO Could as well be changed to `preparedAttributes.lenghth()
= 0`
+
+ // Return null if no user attributes are requested (or if the
statement was not
+ // yet built successfully)
+ return null;
+ }
+
+ try (PreparedStatement stmt =
dbConnection.prepareStatement(preparedAttributes)) {
+ stmt.setString(1, username);
+
+ try (ResultSet rs = stmt.executeQuery()) {
+
+ if (rs.next()) {
+ Map<String, Object> attrs = new LinkedHashMap<>();
+ ResultSetMetaData md = rs.getMetaData();
+ int ncols = md.getColumnCount();
+ for (int columnIndex = 1; columnIndex <= ncols;
columnIndex++) {
+ String columnName = md.getColumnName(columnIndex);
+ // Ignore case, database may have case-insensitive
field names
+ if (columnName.equalsIgnoreCase(userCredCol)) {
+ // Always skip userCredCol (must be there if all
columns
+ // have been requested)
+ continue;
+ }
+ attrs.put(columnName, rs.getObject(columnIndex));
+ }
+ return attrs.size() > 0 ? attrs : null;
+ }
+ }
+ } catch (SQLException e) {
+ containerLog.error(
+
sm.getString("dataSourceRealm.getUserAttributes.exception", username), e);
+ }
+
+ return null;
+ }
+
+
+ /**
+ * Return the SQL statement for querying additional user attributes. The
+ * statement is lazily initialized (<i>lazily initialized singleton</i>
with
+ * <i>double-checked locking, DCL</i>) since building it may require an
extra
+ * database query under some conditions.
+ *
+ * @param dbConnection connection for accessing the database
+ */
+ private String getUserAttributesStatement(Connection dbConnection) {
+ // DCL so userAttributesStatement MUST be volatile
+ if (userAttributesStatement == null) {
+ synchronized (userAttributesStatementLock) {
+ if (userAttributesStatement == null) {
+ List<String> requestedAttributes =
parseUserAttributes(userAttributes);
+ if (requestedAttributes == null) {
+ return USER_ATTRIBUTES_NONE_REQUESTED;
+ }
+ if (requestedAttributes.size() > 0
+ &&
requestedAttributes.get(0).equals(USER_ATTRIBUTES_WILDCARD)) {
+ userAttributesStatement = "SELECT *" +
preparedAttributesTail;
Review comment:
I see it now. Looked like a bug from first glance.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
