java.lang.Object | ||
↳ | org.springframework.security.acls.jdbc.JdbcAclService | |
↳ | org.springframework.security.acls.jdbc.JdbcMutableAclService |
Provides a base JDBC implementation of MutableAclService
.
The default settings are for HSQLDB. If you are using a different database you
will probably need to set the sidIdentityQuery
and
classIdentityQuery
properties appropriately. The other queries,
SQL inserts and updates can also be customized to accomodate schema variations, but must produce results
consistent with those expected by the defaults.
See the appendix of the Spring Security reference manual for more information on the expected schema and how it is used. Information on using PostgreSQL is also included.
[Expand]
Inherited Fields | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
org.springframework.security.acls.jdbc.JdbcAclService
|
Public Constructors | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Creates an empty
Acl object in the database. | |||||||||||
Removes the specified entry from the database.
| |||||||||||
Sets the query that will be used to retrieve the identity of a newly created row in the acl_class
table.
| |||||||||||
Sets the query that will be used to retrieve the identity of a newly created row in the acl_sid
table.
| |||||||||||
This implementation will simply delete all ACEs in the database and recreate them on each invocation of
this method.
|
Protected Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Creates a new row in acl_entry for every ACE defined in the passed MutableAcl object.
| |||||||||||
Creates an entry in the acl_object_identity table for the passed ObjectIdentity.
| |||||||||||
Retrieves the primary key from
acl_class , creating a new row if needed and the
allowCreate property is true . | |||||||||||
Retrieves the primary key from acl_sid, creating a new row if needed and the allowCreate property is
true.
| |||||||||||
Deletes all ACEs defined in the acl_entry table belonging to the presented ObjectIdentity primary key.
| |||||||||||
Deletes a single row from acl_object_identity that is associated with the presented ObjectIdentity primary key.
| |||||||||||
Retrieves the primary key from the acl_object_identity table for the passed ObjectIdentity.
| |||||||||||
Updates an existing acl_object_identity row, with new information presented in the passed MutableAcl
object.
|
[Expand]
Inherited Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
org.springframework.security.acls.jdbc.JdbcAclService
| |||||||||||
From class
java.lang.Object
| |||||||||||
From interface
org.springframework.security.acls.model.AclService
| |||||||||||
From interface
org.springframework.security.acls.model.MutableAclService
|
Creates an empty Acl
object in the database. It will have no entries. The returned object
will then be used to add entries.
objectIdentity | the object identity to create |
---|
AlreadyExistsException |
---|
Removes the specified entry from the database.
objectIdentity | the object identity to remove |
---|---|
deleteChildren | whether to cascade the delete to children |
ChildrenExistException |
---|
Sets the query that will be used to retrieve the identity of a newly created row in the acl_class table.
classIdentityQuery | the query, which should return the identifier. Defaults to call identity() |
---|
foreignKeysInDatabase | if false this class will perform additional FK constrain checking, which may cause deadlocks (the default is true, so deadlocks are avoided but the database is expected to enforce FKs) |
---|
Sets the query that will be used to retrieve the identity of a newly created row in the acl_sid table.
sidIdentityQuery | the query, which should return the identifier. Defaults to call identity() |
---|
This implementation will simply delete all ACEs in the database and recreate them on each invocation of
this method. A more comprehensive implementation might use dirty state checking, or more likely use ORM
capabilities for create, update and delete operations of MutableAcl
.
acl | to modify |
---|
NotFoundException |
---|
Creates a new row in acl_entry for every ACE defined in the passed MutableAcl object.
acl | containing the ACEs to insert |
---|
Creates an entry in the acl_object_identity table for the passed ObjectIdentity. The Sid is also necessary, as acl_object_identity has defined the sid column as non-null.
object | to represent an acl_object_identity for |
---|---|
owner | for the SID column (will be created if there is no acl_sid entry for this particular Sid already) |
Retrieves the primary key from acl_class
, creating a new row if needed and the
allowCreate
property is true
.
type | to find or create an entry for (often the fully-qualified class name) |
---|---|
allowCreate | true if creation is permitted if not found |
Retrieves the primary key from acl_sid, creating a new row if needed and the allowCreate property is true.
sid | to find or create |
---|---|
allowCreate | true if creation is permitted if not found |
IllegalArgumentException | if the Sid is not a recognized implementation. |
---|
Deletes all ACEs defined in the acl_entry table belonging to the presented ObjectIdentity primary key.
oidPrimaryKey | the rows in acl_entry to delete |
---|
Deletes a single row from acl_object_identity that is associated with the presented ObjectIdentity primary key.
We do not delete any entries from acl_class, even if no classes are using that class any longer. This is a deadlock avoidance approach.
oidPrimaryKey | to delete the acl_object_identity |
---|
Retrieves the primary key from the acl_object_identity table for the passed ObjectIdentity. Unlike some
other methods in this implementation, this method will NOT create a row (use createObjectIdentity(ObjectIdentity, Sid)
instead).
oid | to find |
---|
Updates an existing acl_object_identity row, with new information presented in the passed MutableAcl object. Also will create an acl_sid entry if needed for the Sid that owns the MutableAcl.
acl | to modify (a row must already exist in acl_object_identity) |
---|
NotFoundException | if the ACL could not be found to update. |
---|