Relational database (v4.3)
pac4j allows you to validate username/password and create, update and delete users on a SQL database.
1) Dependency
You need to use the following module: pac4j-sql
.
Example (Maven dependency):
<dependency>
<groupId>org.pac4j</groupId>
<artifactId>pac4j-sql</artifactId>
<version>${pac4j.version}</version>
</dependency>
2) DbProfileService
The DbProfileService
allows you to:
- validate a username/password on a relational database (it can be defined for HTTP clients which deal with
UsernamePasswordCredentials
) - create, update or delete a user in the database.
It works with a DbProfile
.
It is built from a javax.sql.DataSource
.
Example:
DataSource dataSource = JdbcConnectionPool.create("jdbc:h2:mem:test", dbuser, dbpwd);
DbProfileService dbProfileService = new DbProfileService(dataSource);
The users
table in the database must be created with the following script:
CREATE TABLE users
(
id varchar(255),
username varchar(255),
password varchar(255),
linkedid varchar(255),
serializedprofile varchar(10000)
);
ALTER TABLE users
ADD PRIMARY KEY (id),
ADD KEY username (username),
ADD KEY linkedid (linkedid);
The name of the table in the database can be changed via the setUsersTable
method. As well as the id
, username
and password
columns using the setIdAttribute
, setUsernameAttribute
and setPasswordAttribute
methods.
The attributes of the user profile can be managed in the database in two ways:
- either each attribute is explicitly saved in a specific column and all these columns are defined as a list of column names separated by commas via the
setAttributes
method (it’s the legacy mode existing since version 1.9) - or the whole user profile is serialized and saved in the
serializedprofile
column.
This DbProfileService
supports the use of a specific PasswordEncoder
to encode the passwords in the database.
serializedprofile
is written in JSON instead of using the Java serialization.