Enables or disables auditing.
Allowed values:
Value | Setting |
---|---|
true | Auditing enabled |
false (default) | Auditing disabled |
Determines whether the auditing instance is created as a singleton.
Allowed values:
Value | Setting |
---|---|
true | Auditing instance is a singleton |
false (default) | Auditing instance is not a singleton |
The audit class to instantiate. Must implement the org.beiter.michael.authn.jaas.common.audit.Audit interface.
Default: org.beiter.michael.authn.jaas.common.audit.SampleAuditLogger
Enables or disables message queues.
Allowed values:
Value | Setting |
---|---|
true | Message queue enabled |
false (default) | Message queue disabled |
Determines whether the message queue instance is created as a singleton.
Allowed values:
Value | Setting |
---|---|
true | Message queue instance is a singleton |
false (default) | Message queue instance is not a singleton |
The message queue class to instantiate. Must implement the org.beiter.michael.authn.jaas.common.messageq.MessageQ interface.
Default: org.beiter.michael.authn.jaas.common.messageq.SampleMessageLogger
Determines whether the password validator instance is created as a singleton.
Allowed values:
Value | Setting |
---|---|
true | Password validator instance is a singleton |
false (default) | Password validator instance is not a singleton |
The password validator class to instantiate. Must implement the org.beiter.michael.authn.jaas.common.validator.PasswordValidator interface.
For security reasons, this setting has no default, and is required. Login attempts will fail while this setting is not configured.
Determines whether the password authenticator instance is created as a singleton.
Allowed values:
Value | Setting |
---|---|
true | Password authenticator instance is a singleton |
false (default) | Password authenticator instance is not a singleton |
The username / password based authenticator class to instantiate. Must implement the org.beiter.michael.authn.jaas.common.authenticator.PasswordAuthenticator interface.
For security reasons, this setting has no default, and is required. Login attempts will fail while this setting is not configured.
The JNDI connection name to use when connecting to a database. The JNDI name must reference a SQL DataSource.
If this name is not set, the JDBC configuration parameters are evaluated and a JDBC connection pool is created. In other words, the JDBC connection parameters are ignored if the JNDI connection name is set.
The JDBC driver to use for the connection pool.
This parameter is required if a connection pool is used.
The JDBC database URL to connect to. Must be a valid JDBC database URL, as required by the JDBC driver.
The username to authenticate with in the JDBC connection.
The password to authenticate with in the JDBC connection.
The maximum number of active connections that can be allocated from this pool at the same time, or negative for no limit.
An invalid value is ignored.
See org.beiter.michael.db.ConnectionPoolSpec for default.
The maximum number of connections that can remain idle in the pool, without extra ones being released, or negative for no limit.
An invalid value is ignored.
See org.beiter.michael.db.ConnectionPoolSpec for default.
The minimum number of connections that can remain idle in the pool, without extra ones being created, or zero to create none.
An invalid value is ignored.
See org.beiter.michael.db.ConnectionPoolSpec for default.
The maximum number of milliseconds that the pool will wait (when there are no available connections) for a connection to be returned before throwing an exception, or -1 to wait indefinitely.
An invalid value is ignored.
See org.beiter.michael.db.ConnectionPoolSpec for default.
The indication of whether a connection will be validated after creation (true or false).
See org.beiter.michael.db.ConnectionPoolSpec for default.
The indication of whether connections will be validated before being borrowed from the pool (true or false).
See org.beiter.michael.db.ConnectionPoolSpec for default.
The indication of whether a connection will be validated before being returned to the pool (true or false).
See org.beiter.michael.db.ConnectionPoolSpec for default.
The indication of whether connections will be validated by the idle object evictor (if any). If an object fails to validate, it will be dropped from the pool (true or false).
See org.beiter.michael.db.ConnectionPoolSpec for default.
The number of milliseconds to sleep between runs of the idle object evictor thread. When non-positive, no idle object evictor thread will be run.
See org.beiter.michael.db.ConnectionPoolSpec for default.
The number of objects to examine during each run of the idle object evictor thread (if any).
See org.beiter.michael.db.ConnectionPoolSpec for default.
True means that the pool returns the most recently used ("last in") connection in the pool (if there are idle connections available). False means that the pool behaves as a FIFO queue - connections are taken from the idle instance pool in the order that they are returned to the pool.
See org.beiter.michael.db.ConnectionPoolSpec for default.
The default auto-commit state of connections created by the pool (true or false).
See org.beiter.michael.db.ConnectionPoolSpec for default.
The default read-only state of connections created by the pool (true or false).
See org.beiter.michael.db.ConnectionPoolSpec for default.
The default transaction isolation state of connections created by this pool.
Possible values are:
- 0: No transaction
- 1: Read committed
- 2: Read uncommitted
- 3: Repeatable read
- 4: Serializable
See org.beiter.michael.db.ConnectionPoolSpec for default.
The SQL query that will be used to validate connections from the pool before returning them to the caller. If specified, this query MUST be an SQL SELECT statement that returns at least one row.
See org.beiter.michael.db.ConnectionPoolSpec for default.
The maximum lifetime in milliseconds of a connection. After this time is exceeded the connection will fail the next activation, passivation or validation test. A value of zero or less means the connection has an infinite lifetime.
See org.beiter.michael.db.ConnectionPoolSpec for default.
The SQL query used to retrieve a row from the database.
This SQL query must take two and only two query parameters, the first being the domain, the second being the user name.
If the domain is not used in the database, the SQL query must be crafted so that the first parameter is irrelevant for the search result and removed from the query by the DB query parser (e.g. SELECT userID, credential FROM table WHERE ? IS NOT NULL AND username = ?).
The SQL query must return two columns, the first being the user's ID, the second being the credential against which the provided password is to be validated. Note that the user ID and the user name may be identical (e.g. in cases where the user name is used as the primary key, like so: SELECT username, credential FROM table WHERE domain = ? AND username = ?).
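
The query contract above (exactly two bound parameters in the order domain, user name; exactly two result columns in the order user ID, credential) can be checked before a query is put into the configuration. The following is an added example, not code from the library: it uses Python's sqlite3 module as a stand-in for the real JDBC data source, and the users table, its rows and all function names are assumptions made for illustration.

```python
import sqlite3

# Query forms quoted on the page, with the placeholder table name "table"
# replaced by a constructed table "users" (an assumption of this example).
QUERY_WITH_DOMAIN = ("SELECT username, credential FROM users "
                     "WHERE domain = ? AND username = ?")
QUERY_IGNORING_DOMAIN = ("SELECT userID, credential FROM users "
                         "WHERE ? IS NOT NULL AND username = ?")


def make_sample_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (userID TEXT, domain TEXT, "
                 "username TEXT, credential TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?, ?)", [
        ("u-1001", "example.org", "alice", "constructed-hash-a"),
        ("u-1002", "example.net", "bob", "constructed-hash-b"),
    ])
    return conn


def check_query_contract(conn, sql):
    """Return a list of contract violations (an empty list means OK)."""
    problems = []
    try:
        # Binding exactly two values fails if the query expects another count.
        cur = conn.execute(sql, ("probe-domain", "probe-user"))
    except sqlite3.ProgrammingError as exc:
        return ["query does not take exactly two parameters: %s" % exc]
    if len(cur.description) != 2:
        problems.append("query returns %d columns, expected 2"
                        % len(cur.description))
    return problems


def lookup(conn, sql, domain, username):
    """Bind (domain, username) in that order; return (user_id, credential)."""
    row = conn.execute(sql, (domain, username)).fetchone()
    return None if row is None else (row[0], row[1])
```

With the domain-ignoring form, a NULL domain value makes the `? IS NOT NULL` term false, so the lookup returns no row even for an existing user name.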