public final class

BasicLookupStrategy

extends Object
implements LookupStrategy
java.lang.Object
   ↳ org.springframework.security.acls.jdbc.BasicLookupStrategy

Class Overview

Performs lookups in a manner that is compatible with ANSI SQL.

NB: This implementation does attempt to provide reasonably optimised lookups - within the constraints of a normalised database and standard ANSI SQL features. If you are willing to sacrifice either of these constraints (e.g. use a particular database feature such as hierarchical queries or materalized views, or reduce normalisation) you are likely to achieve better performance. In such situations you will need to provide your own custom LookupStrategy. This class does not support subclassing, as it is likely to change in future releases and therefore subclassing is unsupported.

There are two SQL queries executed, one in the lookupPrimaryKeys method and one in lookupObjectIdentities. These are built from the same select and "order by" clause, using a different where clause in each case. In order to use custom schema or column names, each of these SQL clauses can be customized, but they must be consistent with each other and with the expected result set generated by the the default values.

Summary

Constants
String DEFAULT_ORDER_BY_CLAUSE
String DEFAULT_SELECT_CLAUSE
Public Constructors
BasicLookupStrategy(DataSource dataSource, AclCache aclCache, AclAuthorizationStrategy aclAuthorizationStrategy, AuditLogger auditLogger)
This constructor is deprecated. Use the version which takes a PermissionGrantingStrategy argument instead.
BasicLookupStrategy(DataSource dataSource, AclCache aclCache, AclAuthorizationStrategy aclAuthorizationStrategy, PermissionGrantingStrategy grantingStrategy)
Public Methods
Map<ObjectIdentityAcl> readAclsById(List<ObjectIdentity> objects, List<Sid> sids)
The main method.
void setBatchSize(int batchSize)
void setLookupObjectIdentitiesWhereClause(String lookupObjectIdentitiesWhereClause)
The SQL for the where clause used in the lookupObjectIdentities method.
void setLookupPrimaryKeysWhereClause(String lookupPrimaryKeysWhereClause)
The SQL for the where clause used in the lookupPrimaryKey method.
void setOrderByClause(String orderByClause)
The SQL for the "order by" clause used in both queries.
void setPermissionFactory(PermissionFactory permissionFactory)
Sets the PermissionFactory instance which will be used to convert loaded permission data values to Permissions.
void setSelectClause(String selectClause)
The SQL for the select clause.
[Expand]
Inherited Methods
From class java.lang.Object
From interface org.springframework.security.acls.jdbc.LookupStrategy

Constants

public static final String DEFAULT_ORDER_BY_CLAUSE

Constant Value: ") order by acl_object_identity.object_id_identity asc, acl_entry.ace_order asc"

public static final String DEFAULT_SELECT_CLAUSE

Constant Value: "select acl_object_identity.object_id_identity, acl_entry.ace_order, acl_object_identity.id as acl_id, acl_object_identity.parent_object, acl_object_identity.entries_inheriting, acl_entry.id as ace_id, acl_entry.mask, acl_entry.granting, acl_entry.audit_success, acl_entry.audit_failure, acl_sid.principal as ace_principal, acl_sid.sid as ace_sid, acli_sid.principal as acl_principal, acli_sid.sid as acl_sid, acl_class.class from acl_object_identity left join acl_sid acli_sid on acli_sid.id = acl_object_identity.owner_sid left join acl_class on acl_class.id = acl_object_identity.object_id_class left join acl_entry on acl_object_identity.id = acl_entry.acl_object_identity left join acl_sid on acl_entry.sid = acl_sid.id where ( "

Public Constructors

public BasicLookupStrategy (DataSource dataSource, AclCache aclCache, AclAuthorizationStrategy aclAuthorizationStrategy, AuditLogger auditLogger)

This constructor is deprecated.
Use the version which takes a PermissionGrantingStrategy argument instead.

Constructor accepting mandatory arguments

Parameters
dataSource to access the database
aclCache the cache where fully-loaded elements can be stored
aclAuthorizationStrategy authorization strategy (required)

public BasicLookupStrategy (DataSource dataSource, AclCache aclCache, AclAuthorizationStrategy aclAuthorizationStrategy, PermissionGrantingStrategy grantingStrategy)

Public Methods

public Map<ObjectIdentityAcl> readAclsById (List<ObjectIdentity> objects, List<Sid> sids)

The main method.

WARNING: This implementation completely disregards the "sids" argument! Every item in the cache is expected to contain all SIDs. If you have serious performance needs (e.g. a very large number of SIDs per object identity), you'll probably want to develop a custom LookupStrategy implementation instead.

The implementation works in batch sizes specified by #batchSize.

Parameters
objects the identities to lookup (required)
sids the SIDs for which identities are required (ignored by this implementation)
Returns
  • a Map where keys represent the ObjectIdentity of the located Acl and values are the located Acl (never null although some entries may be missing; this method should not throw NotFoundException, as a chain of LookupStrategys may be used to automatically create entries if required)

public void setBatchSize (int batchSize)

public void setLookupObjectIdentitiesWhereClause (String lookupObjectIdentitiesWhereClause)

The SQL for the where clause used in the lookupObjectIdentities method.

public void setLookupPrimaryKeysWhereClause (String lookupPrimaryKeysWhereClause)

The SQL for the where clause used in the lookupPrimaryKey method.

public void setOrderByClause (String orderByClause)

The SQL for the "order by" clause used in both queries.

public void setPermissionFactory (PermissionFactory permissionFactory)

Sets the PermissionFactory instance which will be used to convert loaded permission data values to Permissions. A DefaultPermissionFactory will be used by default.

public void setSelectClause (String selectClause)

The SQL for the select clause. If customizing in order to modify column names, schema etc, the other SQL customization fields must also be set to match.

Parameters
selectClause the select clause, which defaults to DEFAULT_SELECT_CLAUSE.