Relational database (v6.1)
pac4j allows you to validate username/password and create, update and delete users on a SQL database.
1) Dependency
You need to use the following module: pac4j-sql.
Example (Maven dependency):
<dependency>
<groupId>org.pac4j</groupId>
<artifactId>pac4j-sql</artifactId>
<version>${pac4j.version}</version>
</dependency>
2) DbProfileService
The DbProfileService supersedes the deprecated DbAuthenticator to:
- validate a username/password on a relational database (it can be defined for HTTP clients which deal with
UsernamePasswordCredentials) - create, update or delete a user in the database.
It works with a DbProfile.
It is built from a javax.sql.DataSource.
Example:
DataSource dataSource = JdbcConnectionPool.create("jdbc:h2:mem:test", dbuser, dbpwd);
DbProfileService dbProfileService = new DbProfileService(dataSource);
The users table in the database must be created with the following script:
CREATE TABLE users
(
id varchar(255),
username varchar(255),
password varchar(255),
linkedid varchar(255),
serializedprofile varchar(10000)
);
ALTER TABLE users
ADD PRIMARY KEY (id),
ADD KEY username (username),
ADD KEY linkedid (linkedid);
The name of the table in the database can be changed via the setUsersTable method. As well as the id, username and password columns using the setIdAttribute, setUsernameAttribute and setPasswordAttribute methods.
The attributes of the user profile can be managed in the database in two ways:
- either each attribute is explicitly saved in a specific column and all these columns are defined as a list of column names separated by commas via the
setAttributesmethod (it’s the legacy mode already existing in version 1.9) - or the whole user profile is serialized and saved in the
serializedprofilecolumn.
This DbProfileService supports the use of a specific PasswordEncoder to encode the passwords in the database.