1 2 Previous Next 17 Replies Latest reply on Nov 3, 2009 10:42 AM by rareddy Go to original post
      • 15. Re: Custom Membership Domain
        rareddy

         

        The code I'm looking at was using PlatformPlugin to obtain a standard error message for when the username and/or credential is null in the authenticateUser() method, similar to how the LDAPMembershipDomain class uses DQPEmbeddedPlugin for that purpose


        You can use Log4J logging. See the "log4j.xml" file to control the logging levels.

        Oh, and at the risk of being nit-picky, MembershipDomain is by far not the only Teiid class or interface necessary to implement a custom membership domain.


        To see this I did wrote simple eclipse project with following code

        package org.custom;
        
        import java.io.Serializable;
        import java.util.HashMap;
        import java.util.HashSet;
        import java.util.Properties;
        import java.util.Set;
        
        import org.apache.log4j.Logger;
        
        import com.metamatrix.api.exception.security.InvalidUserException;
        import com.metamatrix.api.exception.security.LogonException;
        import com.metamatrix.api.exception.security.UnsupportedCredentialException;
        import com.metamatrix.platform.security.api.Credentials;
        import com.metamatrix.platform.security.api.service.SuccessfulAuthenticationToken;
        import com.metamatrix.platform.security.membership.spi.MembershipDomain;
        import com.metamatrix.platform.security.membership.spi.MembershipSourceException;
        
        public class MyMembershipDomain implements MembershipDomain {
        
         static Logger log = Logger.getLogger(MyMembershipDomain.class);
        
         HashMap<String, String> userCredentails = new HashMap<String, String>();
         Set groups = new HashSet<String>();
        
         @Override
         public Set getGroupNames(){
         return this.groups;
         }
        
         @Override
         public void initialize(Properties arg0) throws MembershipSourceException {
         this.userCredentails.put("user1", "password1");
         this.userCredentails.put("user2", "password");
        
         groups.add("group1");
         groups.add("group2");
         }
        
         @Override
         public void shutdown() throws MembershipSourceException {
        
         }
        
         @Override
         public SuccessfulAuthenticationToken authenticateUser(String username, Credentials credential, Serializable trustedToken, String applicationName)
         throws UnsupportedCredentialException, InvalidUserException,LogonException, MembershipSourceException {
        
         if (username == null || credential == null) {
         throw new UnsupportedCredentialException("a username and password must be supplied for this domain"); //$NON-NLS-1$
         }
        
         String password = userCredentails.get(username);
        
         if (password == null) {
         throw new InvalidUserException("user " + username + " is invalid"); //$NON-NLS-1$ //$NON-NLS-2$
         }
        
         if (password.equals(String.valueOf(credential.getCredentialsAsCharArray()))) {
         // logging using log4j. Configure the log4j.xml file control the logging
         log.debug("user "+username +" has sucessfully logged in");
         return new SuccessfulAuthenticationToken(trustedToken, username);
         }
        
         throw new LogonException("user " + username + " could not be authenticated"); //$NON-NLS-1$ //$NON-NLS-2$
         }
        
         @Override
         public Set getGroupNamesForUser(String user) throws InvalidUserException, MembershipSourceException {
         return this.groups;
         }
        }
        


        For this to compile properly, I had to add the following jars to the build path in the eclipse.

        teiid-runtime-6.2.0.jar
        teiid-common-internal-6.2.0.jar
        teiid-engine-6.2.0.jar
        teiid-6.2.0.jar
        log4j.jar
        


        all these files you can find them in "lib" and "client" directory of your Teiid install. These should all you need to include.

        I agree, the dependency set for this not properly re-factored in Teiid. This shows the ugly dependency chain between the projects from the past. We have fixed lot of issues like this in Teiid. We apologize for inconvenience, we are striving to provide best product for our users, but it is no easy task. Thanks for bringing this to our attention.

        Future: Teiid is moving to support JAAS based authentication in 6.3 the dependency on Teiid based classes will be completely taken out. To use custom membership you would only need to extend the JAAS based apis, no more Teiid extensions. http://java.sun.com/javase/6/docs/technotes/guides/security/

        • 16. Re: Custom Membership Domain

          That looks about right, except I have no "teiid-6.2.0.jar" in my distribution, unless you're referring to "teiid-6.2.0-client.jar".

          Thanks for the JAAS reference. I'll look into that and see ho it can interface with the system's authentication provider.

          • 17. Re: Custom Membership Domain
            rareddy

            Yes, That is typo, it is supposed to be "teiid-6.2.0-client.jar"

            Thanks.

            1 2 Previous Next