src/java/de/uapcore/lightpit/DatabaseFacade.java

Sat, 30 Dec 2017 20:35:23 +0100

author
Mike Becker <universe@uap-core.de>
date
Sat, 30 Dec 2017 20:35:23 +0100
changeset 16
4e0998805276
child 19
1a0ac419f714
permissions
-rw-r--r--

adds DatabaseFacade

16
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
1 /*
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
3 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
4 * Copyright 2017 Mike Becker. All rights reserved.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
5 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
6 * Redistribution and use in source and binary forms, with or without
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
7 * modification, are permitted provided that the following conditions are met:
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
8 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
9 * 1. Redistributions of source code must retain the above copyright
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
10 * notice, this list of conditions and the following disclaimer.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
11 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
12 * 2. Redistributions in binary form must reproduce the above copyright
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
13 * notice, this list of conditions and the following disclaimer in the
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
14 * documentation and/or other materials provided with the distribution.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
15 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
26 * POSSIBILITY OF SUCH DAMAGE.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
27 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
28 */
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
29 package de.uapcore.lightpit;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
30
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
31 import java.sql.Connection;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
32 import java.sql.DatabaseMetaData;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
33 import java.sql.SQLException;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
34 import java.util.Optional;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
35 import javax.naming.Context;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
36 import javax.naming.InitialContext;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
37 import javax.naming.NamingException;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
38 import javax.servlet.ServletContext;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
39 import javax.servlet.ServletContextEvent;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
40 import javax.servlet.ServletContextListener;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
41 import javax.servlet.annotation.WebListener;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
42 import javax.sql.DataSource;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
43 import org.slf4j.Logger;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
44 import org.slf4j.LoggerFactory;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
45
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
46 /**
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
47 * Provides access to different privilege layers within the database.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
48 */
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
49 @WebListener
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
50 public final class DatabaseFacade implements ServletContextListener {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
51
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
52 private static final Logger LOG = LoggerFactory.getLogger(DatabaseFacade.class);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
53
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
54 /**
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
55 * Timeout in seconds for the validation test.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
56 */
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
57 private static final int DB_TEST_TIMEOUT = 10;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
58
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
59 /**
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
60 * The default schema to test against when validating the connection.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
61 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
62 * May be overridden by context parameter.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
63 */
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
64 private static final String DB_DEFAULT_SCHEMA = "lightpit";
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
65
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
66 /**
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
67 * The attribute name in the servlet context under which an instance of this class can be found.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
68 */
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
69 public static final String SC_ATTR_NAME = DatabaseFacade.class.getName();
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
70 private ServletContext sc;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
71
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
72 private static final String PRIVILEGED_DS_JNDI_NAME = "jdbc/lightpit/dbo";
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
73 private Optional<DataSource> privilegedDataSource;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
74
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
75 private static final String UNPRIVILEGED_DS_JNDI_NAME = "jdbc/lightpit/app";
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
76 private Optional<DataSource> unprivilegedDataSource;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
77
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
78
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
79 /**
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
80 * Returns an optional privileged data source.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
81 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
82 * Privileged data sources should be able to execute any kind of DDL
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
83 * statements to perform installation or configuration steps.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
84 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
85 * This optional should always be empty in live operation. Modules which
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
86 * provide installation or configuration steps MUST check the presence of
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
87 * a privileged data source and SHOULD display an informative message if
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
88 * it is currently disabled.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
89 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
90 * @return an optional privileged data source
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
91 */
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
92 public Optional<DataSource> getPrivilegedDataSource() {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
93 return privilegedDataSource;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
94 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
95
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
96 /**
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
97 * Returns an optional unprivileged data source.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
98 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
99 * The Optional returned should never be empty. However, if something goes
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
100 * wrong during initialization, the data source might be absent.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
101 * Hence, users of this data source are forced to check the existence.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
102 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
103 * @return an optional unprivileged data source
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
104 */
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
105 public Optional<DataSource> getUnprivilegedDataSource() {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
106 return unprivilegedDataSource;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
107 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
108
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
109 /**
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
110 * Returns the JNDI resource name of the privileged data source.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
111 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
112 * Modules may use this information to provide useful information to the user.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
113 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
114 * @return the JNDI resource name of the privileged data source
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
115 */
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
116 public String getPrivilegedDataSourceJNDIName() {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
117 return PRIVILEGED_DS_JNDI_NAME;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
118 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
119
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
120 /**
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
121 * Returns the JNDI resource name of the unprivileged data source.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
122 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
123 * Modules may use this information to provide useful information to the user.
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
124 *
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
125 * @return the JNDI resource name of the unprivileged data source
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
126 */
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
127 public String getUnprivilegedDataSourceJNDIName() {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
128 return UNPRIVILEGED_DS_JNDI_NAME;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
129 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
130
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
131 private static void checkConnection(DataSource ds, String testSchema, String errMsg) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
132 try (Connection conn = ds.getConnection()) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
133 if (!conn.isValid(DB_TEST_TIMEOUT)) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
134 throw new SQLException("Validation check failed.");
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
135 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
136 if (conn.isReadOnly()) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
137 throw new SQLException("Connection is read-only and thus unusable.");
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
138 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
139 if (!conn.getSchema().equals(testSchema)) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
140 throw new SQLException(String.format("Connection is not configured to use the schema %s.", testSchema));
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
141 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
142 DatabaseMetaData metaData = conn.getMetaData();
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
143 LOG.info("Connections as {} to {}/{} ready to go.", metaData.getUserName(), metaData.getURL(), conn.getSchema());
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
144 } catch (SQLException ex) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
145 LOG.error(errMsg, ex);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
146 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
147 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
148
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
149 private static Optional<DataSource> retrievePrivilegedDataSource(Context ctx) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
150 DataSource ret = null;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
151 try {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
152 ret = (DataSource)ctx.lookup(PRIVILEGED_DS_JNDI_NAME);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
153 LOG.info("Privileged data source {} retrieved from context.", PRIVILEGED_DS_JNDI_NAME);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
154 LOG.warn("Your application may be vulnerable due to privileged database access. Make sure that privileged data sources are only available during installation or configuration.");
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
155 } catch (NamingException ex) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
156 LOG.info("Privileged data source not available. This is perfectly OK. Activate only, if you need to do installation or configuration.");
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
157 /* in case the absence of the DataSource is not intended, log something more useful on debug level */
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
158 LOG.debug("Reason for the missing data source: ", ex);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
159 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
160 return Optional.ofNullable(ret);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
161 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
162
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
163 private static Optional<DataSource> retrieveUnprivilegedDataSource(Context ctx) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
164 DataSource ret = null;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
165 try {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
166 ret = (DataSource)ctx.lookup(UNPRIVILEGED_DS_JNDI_NAME);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
167 LOG.info("Unprivileged data source retrieved.");
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
168 } catch (NamingException ex) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
169 LOG.error("Unprivileged data source {} not available.", UNPRIVILEGED_DS_JNDI_NAME);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
170 /* for the unprivileged DataSource log the exception on error level (ordinary admins could find this useful) */
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
171 LOG.error("Reason for the missing data source: ", ex);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
172 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
173 return Optional.ofNullable(ret);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
174 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
175
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
176 @Override
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
177 public void contextInitialized(ServletContextEvent sce) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
178 sc = sce.getServletContext();
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
179
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
180 privilegedDataSource = unprivilegedDataSource = null;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
181
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
182 final String contextName = Optional
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
183 .ofNullable(sc.getInitParameter(Constants.CTX_ATTR_JNDI_CONTEXT))
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
184 .orElse("java:comp/env");
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
185 final String dbSchema = Optional
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
186 .ofNullable(sc.getInitParameter(Constants.CTX_ATTR_DB_SCHEMA))
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
187 .orElse(DB_DEFAULT_SCHEMA);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
188
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
189 try {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
190 LOG.debug("Trying to access JNDI context {}...", contextName);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
191 Context initialCtx = new InitialContext();
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
192 Context ctx = (Context) initialCtx.lookup(contextName);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
193
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
194 privilegedDataSource = retrievePrivilegedDataSource(ctx);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
195 unprivilegedDataSource = retrieveUnprivilegedDataSource(ctx);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
196
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
197 privilegedDataSource.ifPresent((ds) -> checkConnection(ds, dbSchema, "Checking privileged connection failed"));
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
198 unprivilegedDataSource.ifPresent((ds) -> checkConnection(ds, dbSchema, "Checking unprivileged connection failed"));
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
199 } catch (NamingException | ClassCastException ex) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
200 LOG.error("Cannot access JNDI resources.", ex);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
201 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
202
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
203 sc.setAttribute(SC_ATTR_NAME, this);
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
204 LOG.info("Database facade injected into ServletContext.");
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
205 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
206
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
207 @Override
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
208 public void contextDestroyed(ServletContextEvent sce) {
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
209 privilegedDataSource = unprivilegedDataSource = null;
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
210 }
4e0998805276 adds DatabaseFacade
Mike Becker <universe@uap-core.de>
parents:
diff changeset
211 }

mercurial