Hi ppl! Again
It looks like i wasn't very accurate in my first question here...
What i wanted to do is something like this: (hope you guys can help) This is
my actual Athentication class, with uses BASIC login.
import java.lang.*;
import java.sql.*;
import javax.sql.*;
import javax.naming.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.util.*;
import java.security.*;
import allaire.jrun.util.*;
import allaire.jrun.security.*;
public class Autentica implements AuthenticationInterface
{
/**
* Initialize the authentication service
* @param props The properties for the service
*/
public void init(OrderedProperties props) throws Exception
{
//Não se faz nada aki
}
/**
* Destroy the service
*/
public void destroy()
{
//Não se faz nada aki
}
/**
* Authenticate the given user with the given credentials (such
* as a password).
* @param req The servlet request
* @param username The username to authenticate
* @param method The type of authentication method (BASIC, DIGEST, FORM,
* or CLIENT-CERT)
* @param credentials Password and/or other credentials necessary
* in authenticating the user
* @return The Principal associated with the given username, or null
* if authentication failed
*/
public Principal authenticate(HttpServletRequest req, String username,
String password) {
Principal principal = null;
//tipos para a ligação à base de dados
Connection dbCon = null;
Statement dbStat = null;
String sqlStat = null;
ResultSet dbRes = null;
// If we have a password, attempt to validate it
if (password != null) {
try {
String dbPass = null;
//Acesso à base de dados - apanhar uma
conecção da pool de conexoes do JRun
InitialContext ctx = new InitialContext();
DataSource ds =
(DataSource)ctx.lookup("java:comp/env/jdbc/test_db");
dbCon = ds.getConnection();
dbStat = dbCon.createStatement();
sqlStat = "SELECT passwd FROM users WHERE
user='" + username + "'";
dbRes = dbStat.executeQuery(sqlStat);
dbRes.next();
dbPass = dbRes.getString(1);
if (dbPass.equals(password)) {
principal = new
AuthenticatedPrincipal(username);
}
} catch (Exception e) {
e.printStackTrace();
}
}
return principal;
}
/**
* Determines if the given principal (user) has been granted the
* given role within this authentication realm.
* @param principal The principal (user) to verify
* @param role The role to verify
* @return true if the principal is part of the given role
*/
public boolean isPrincipalInRole(Principal principal, String role)
{
return true;
}
}
Thank you for any help in advance
---------
Ricardo Ramalho
Carcavelos Lisbon Portugal
EWorks Consulting
-
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>