Class BasicLookupStrategy
- java.lang.Object
-
- org.springframework.security.acls.jdbc.BasicLookupStrategy
-
- All Implemented Interfaces:
LookupStrategy
public class BasicLookupStrategy extends java.lang.Object implements LookupStrategy
Performs lookups in a manner that is compatible with ANSI SQL.NB: This implementation does attempt to provide reasonably optimised lookups - within the constraints of a normalised database and standard ANSI SQL features. If you are willing to sacrifice either of these constraints (e.g. use a particular database feature such as hierarchical queries or materalized views, or reduce normalisation) you are likely to achieve better performance. In such situations you will need to provide your own custom
LookupStrategy
. This class does not support subclassing, as it is likely to change in future releases and therefore subclassing is unsupported.There are two SQL queries executed, one in the lookupPrimaryKeys method and one in lookupObjectIdentities. These are built from the same select and "order by" clause, using a different where clause in each case. In order to use custom schema or column names, each of these SQL clauses can be customized, but they must be consistent with each other and with the expected result set generated by the default values.
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
DEFAULT_ACL_CLASS_ID_SELECT_CLAUSE
static java.lang.String
DEFAULT_ORDER_BY_CLAUSE
static java.lang.String
DEFAULT_SELECT_CLAUSE
-
Constructor Summary
Constructors Constructor Description BasicLookupStrategy(javax.sql.DataSource dataSource, AclCache aclCache, AclAuthorizationStrategy aclAuthorizationStrategy, AuditLogger auditLogger)
Constructor accepting mandatory argumentsBasicLookupStrategy(javax.sql.DataSource dataSource, AclCache aclCache, AclAuthorizationStrategy aclAuthorizationStrategy, PermissionGrantingStrategy grantingStrategy)
Creates a new instance
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected Sid
createSid(boolean isPrincipal, java.lang.String sid)
Creates a particular implementation ofSid
depending on the arguments.java.util.Map<ObjectIdentity,Acl>
readAclsById(java.util.List<ObjectIdentity> objects, java.util.List<Sid> sids)
The main method.void
setAclClassIdSupported(boolean aclClassIdSupported)
void
setBatchSize(int batchSize)
void
setConversionService(org.springframework.core.convert.ConversionService conversionService)
void
setLookupObjectIdentitiesWhereClause(java.lang.String lookupObjectIdentitiesWhereClause)
The SQL for the where clause used in the lookupObjectIdentities method.void
setLookupPrimaryKeysWhereClause(java.lang.String lookupPrimaryKeysWhereClause)
The SQL for the where clause used in the lookupPrimaryKey method.void
setObjectIdentityGenerator(ObjectIdentityGenerator objectIdentityGenerator)
void
setOrderByClause(java.lang.String orderByClause)
The SQL for the "order by" clause used in both queries.void
setPermissionFactory(PermissionFactory permissionFactory)
Sets thePermissionFactory
instance which will be used to convert loaded permission data values toPermission
s.void
setSelectClause(java.lang.String selectClause)
The SQL for the select clause.
-
-
-
Field Detail
-
DEFAULT_SELECT_CLAUSE
public static final java.lang.String DEFAULT_SELECT_CLAUSE
- See Also:
- Constant Field Values
-
DEFAULT_ACL_CLASS_ID_SELECT_CLAUSE
public static final java.lang.String DEFAULT_ACL_CLASS_ID_SELECT_CLAUSE
- See Also:
- Constant Field Values
-
DEFAULT_ORDER_BY_CLAUSE
public static final java.lang.String DEFAULT_ORDER_BY_CLAUSE
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
BasicLookupStrategy
public BasicLookupStrategy(javax.sql.DataSource dataSource, AclCache aclCache, AclAuthorizationStrategy aclAuthorizationStrategy, AuditLogger auditLogger)
Constructor accepting mandatory arguments- Parameters:
dataSource
- to access the databaseaclCache
- the cache where fully-loaded elements can be storedaclAuthorizationStrategy
- authorization strategy (required)
-
BasicLookupStrategy
public BasicLookupStrategy(javax.sql.DataSource dataSource, AclCache aclCache, AclAuthorizationStrategy aclAuthorizationStrategy, PermissionGrantingStrategy grantingStrategy)
Creates a new instance- Parameters:
dataSource
- to access the databaseaclCache
- the cache where fully-loaded elements can be storedaclAuthorizationStrategy
- authorization strategy (required)grantingStrategy
- the PermissionGrantingStrategy
-
-
Method Detail
-
readAclsById
public final java.util.Map<ObjectIdentity,Acl> readAclsById(java.util.List<ObjectIdentity> objects, java.util.List<Sid> sids)
The main method.WARNING: This implementation completely disregards the "sids" argument! Every item in the cache is expected to contain all SIDs. If you have serious performance needs (e.g. a very large number of SIDs per object identity), you'll probably want to develop a custom
LookupStrategy
implementation instead.The implementation works in batch sizes specified by
batchSize
.- Specified by:
readAclsById
in interfaceLookupStrategy
- Parameters:
objects
- the identities to lookup (required)sids
- the SIDs for which identities are required (ignored by this implementation)- Returns:
- a Map where keys represent the
ObjectIdentity
of the locatedAcl
and values are the locatedAcl
(never null although some entries may be missing; this method should not throwNotFoundException
, as a chain ofLookupStrategy
s may be used to automatically create entries if required)
-
createSid
protected Sid createSid(boolean isPrincipal, java.lang.String sid)
Creates a particular implementation ofSid
depending on the arguments.- Parameters:
sid
- the name of the sid representing its unique identifier. In typical ACL database schema it's located in tableacl_sid
table,sid
column.isPrincipal
- whether it's a user or granted authority like role- Returns:
- the instance of Sid with the
sidName
as an identifier
-
setPermissionFactory
public final void setPermissionFactory(PermissionFactory permissionFactory)
Sets thePermissionFactory
instance which will be used to convert loaded permission data values toPermission
s. ADefaultPermissionFactory
will be used by default.- Parameters:
permissionFactory
-
-
setBatchSize
public final void setBatchSize(int batchSize)
-
setSelectClause
public final void setSelectClause(java.lang.String selectClause)
The SQL for the select clause. If customizing in order to modify column names, schema etc, the other SQL customization fields must also be set to match.- Parameters:
selectClause
- the select clause, which defaults toDEFAULT_SELECT_CLAUSE
.
-
setLookupPrimaryKeysWhereClause
public final void setLookupPrimaryKeysWhereClause(java.lang.String lookupPrimaryKeysWhereClause)
The SQL for the where clause used in the lookupPrimaryKey method.
-
setLookupObjectIdentitiesWhereClause
public final void setLookupObjectIdentitiesWhereClause(java.lang.String lookupObjectIdentitiesWhereClause)
The SQL for the where clause used in the lookupObjectIdentities method.
-
setOrderByClause
public final void setOrderByClause(java.lang.String orderByClause)
The SQL for the "order by" clause used in both queries.
-
setAclClassIdSupported
public final void setAclClassIdSupported(boolean aclClassIdSupported)
-
setObjectIdentityGenerator
public final void setObjectIdentityGenerator(ObjectIdentityGenerator objectIdentityGenerator)
-
setConversionService
public final void setConversionService(org.springframework.core.convert.ConversionService conversionService)
-
-