djencks 2004/01/11 00:22:59
Modified: modules/core/src/java/org/apache/geronimo/security/providers SQLSecurityRealm.java Log: Make the jdbc use a little safer Revision Changes Path 1.5 +54 -26 incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/providers/SQLSecurityRealm.java Index: SQLSecurityRealm.java =================================================================== RCS file: /home/cvs/incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/providers/SQLSecurityRealm.java,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- SQLSecurityRealm.java 5 Jan 2004 18:56:34 -0000 1.4 +++ SQLSecurityRealm.java 11 Jan 2004 08:22:59 -0000 1.5 @@ -65,6 +65,7 @@ import java.util.HashSet; import java.util.Iterator; import java.util.Set; +import java.util.Map; import javax.security.auth.login.AppConfigurationEntry; @@ -87,8 +88,8 @@ private String password = ""; private String userSelect = "SELECT UserName, Password FROM Users"; private String groupSelect = "SELECT GroupName, UserName FROM Groups"; - HashMap users = new HashMap(); - HashMap groups = new HashMap(); + final Map users = new HashMap(); + final Map groups = new HashMap(); final static String REALM_INSTANCE = "org.apache.geronimo.security.providers.SQLSecurityRealm"; @@ -116,7 +117,6 @@ public void doStop() { running = false; - connectionURL = null; users.clear(); groups.clear(); @@ -229,35 +229,63 @@ } public void refresh() throws GeronimoSecurityException { + users.clear(); + groups.clear(); + Map users = new HashMap(); + Map groups = new HashMap(); try { Connection conn = DriverManager.getConnection(connectionURL, user, password); - PreparedStatement statement = conn.prepareStatement(userSelect); - ResultSet result = statement.executeQuery(); - - while (result.next()) { - String userName = result.getString(1); - String userPassword = result.getString(2); - - users.put(userName, userPassword); - } - - statement = conn.prepareStatement(groupSelect); - result = statement.executeQuery(); + try { + PreparedStatement statement = conn.prepareStatement(userSelect); + try { + ResultSet result = statement.executeQuery(); + + try { + while (result.next()) { + String userName = result.getString(1); + String userPassword = result.getString(2); + + users.put(userName, userPassword); + } + } finally { + result.close(); + } + } finally { + statement.close(); + } - while (result.next()) { - String groupName = result.getString(1); - String userName = result.getString(2); - - Set userset = (Set) groups.get(groupName); - if (userset == null) { - userset = new HashSet(); - groups.put(groupName, userset); + statement = conn.prepareStatement(groupSelect); + try { + ResultSet result = statement.executeQuery(); + + try { + while (result.next()) { + String groupName = result.getString(1); + String userName = result.getString(2); + + Set userset = (Set) groups.get(groupName); + if (userset == null) { + userset = new HashSet(); + groups.put(groupName, userset); + } + userset.add(userName); + } + } finally { + result.close(); + } + } finally { + statement.close(); } - userset.add(userName); + } finally { + conn.close(); } - conn.close(); + //copy results if no exception + //calling refresh is not thread safe wrt authorization calls. + this.users.putAll(users); + this.groups.putAll(groups); + } catch (SQLException sqle) { throw new GeronimoSecurityException(sqle); }