JDBCAuthentication
for authentication and JDBCAuthorization
for authorizationpublic interface JDBCAuth extends AuthProvider
AuthenticationProvider
instances that use the Vert.x JDBC client.
By default the hashing strategy is SHA-512. If you're already running in production this is backwards
compatible, however for new deployments or security upgrades it is recommended to use the PBKDF2 strategy
as it is the current OWASP recommendation for password storage.Modifier and Type | Field and Description |
---|---|
static String |
DEFAULT_AUTHENTICATE_QUERY
Deprecated.
The default query to be used for authentication
|
static String |
DEFAULT_PERMISSIONS_QUERY
Deprecated.
The default query to retrieve all permissions for the role
|
static String |
DEFAULT_ROLE_PREFIX
Deprecated.
The default role prefix
|
static String |
DEFAULT_ROLES_QUERY
Deprecated.
The default query to retrieve all roles for the user
|
Modifier and Type | Method and Description |
---|---|
default String |
computeHash(String password,
String salt)
Deprecated.
Compute the hashed password given the unhashed password and the salt without nonce
The implementation relays to the JDBCHashStrategy provided.
|
String |
computeHash(String password,
String salt,
int version)
Deprecated.
Compute the hashed password given the unhashed password and the salt
The implementation relays to the JDBCHashStrategy provided.
|
static JDBCAuth |
create(Vertx vertx,
JDBCClient client)
Deprecated.
Create a JDBC auth provider implementation
|
String |
generateSalt()
Deprecated.
Compute a salt string.
|
JDBCAuth |
setAuthenticationQuery(String authenticationQuery)
Deprecated.
Set the authentication query to use.
|
JDBCAuth |
setHashStrategy(JDBCHashStrategy strategy)
Deprecated.
Set the hash strategy to use.
|
JDBCAuth |
setNonces(JsonArray nonces)
Deprecated.
Provide a application configuration level on hash nonce's as a ordered list of
nonces where each position corresponds to a version.
|
JDBCAuth |
setPermissionsQuery(String permissionsQuery)
Deprecated.
Set the permissions query to use.
|
JDBCAuth |
setRolePrefix(String rolePrefix)
Deprecated.
Set the role prefix to distinguish from permissions when checking for isPermitted requests.
|
JDBCAuth |
setRolesQuery(String rolesQuery)
Deprecated.
Set the roles query to use.
|
authenticate, authenticate, authenticate, authenticate
static final String DEFAULT_AUTHENTICATE_QUERY
static final String DEFAULT_ROLES_QUERY
static final String DEFAULT_PERMISSIONS_QUERY
static final String DEFAULT_ROLE_PREFIX
static JDBCAuth create(Vertx vertx, JDBCClient client)
client
- the JDBC client instanceJDBCAuth setAuthenticationQuery(String authenticationQuery)
authenticationQuery
- the authentication queryJDBCAuth setRolesQuery(String rolesQuery)
rolesQuery
- the roles queryJDBCAuth setPermissionsQuery(String permissionsQuery)
permissionsQuery
- the permissions queryJDBCAuth setRolePrefix(String rolePrefix)
rolePrefix
- a Prefix e.g.: "role:"JDBCAuth setHashStrategy(JDBCHashStrategy strategy)
strategy
- the strategydefault String computeHash(String password, String salt)
password
- the unhashed passwordsalt
- the saltString computeHash(String password, String salt, int version)
password
- the unhashed passwordsalt
- the saltversion
- the nonce version to useString generateSalt()
JDBCAuth setNonces(JsonArray nonces)
nonces
- a List of non null Strings.Copyright © 2022 Eclipse. All rights reserved.