Class JDBCAuth

Factory interface for creating AuthenticationProvider instances that use the Vert.x JDBC client.

By default the hashing strategy is SHA-512. This default is backwards compatible for deployments already running in production; for new deployments or security upgrades, the PBKDF2 strategy is recommended, as it is the current OWASP recommendation for password storage.

Hierarchy

  • any
    • JDBCAuth

Properties

Static Readonly DEFAULT_AUTHENTICATE_QUERY

DEFAULT_AUTHENTICATE_QUERY: string

The default query to be used for authentication

Static Readonly DEFAULT_PERMISSIONS_QUERY

DEFAULT_PERMISSIONS_QUERY: string

The default query to retrieve all permissions for the role

Static Readonly DEFAULT_ROLES_QUERY

DEFAULT_ROLES_QUERY: string

The default query to retrieve all roles for the user

Static Readonly DEFAULT_ROLE_PREFIX

DEFAULT_ROLE_PREFIX: string

The default role prefix

Methods

computeHash

  • computeHash(password: string, salt: string): string
  • computeHash(password: string, salt: string, version: number): string
  • Compute the hashed password given the unhashed password and the salt without nonce

    The implementation delegates to the provided JDBCHashStrategy.

    Parameters

    • password: string
    • salt: string

    Returns string

  • Compute the hashed password given the unhashed password and the salt

    The implementation delegates to the provided JDBCHashStrategy.

    Parameters

    • password: string
    • salt: string
    • version: number

    Returns string

generateSalt

  • generateSalt(): string
  • Compute a salt string.

    The implementation delegates to the provided JDBCHashStrategy.

    Returns string

setAuthenticationQuery

  • setAuthenticationQuery(authenticationQuery: string): JDBCAuth
  • Set the authentication query to use. Use this if you want to override the default authentication query.

    Parameters

    • authenticationQuery: string

    Returns JDBCAuth

setNonces

  • Provide hash nonces at the application configuration level, as an ordered list of nonces where each position corresponds to a version.

    The nonces are not supposed to be stored in the underlying JDBC storage but to be provided as application configuration. The idea is to add one extra variable to the hash function in order to make breaking the passwords using rainbow tables or precomputed hashes harder, leaving the attacker only with the brute-force approach.

    The implementation delegates to the provided JDBCHashStrategy.

    Parameters

    • nonces: any[]

    Returns JDBCAuth
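
The versioned-nonce idea described for setNonces, together with the PBKDF2 recommendation above, as an added Node.js example; it is not code from Vert.x or its JDBCHashStrategy. The nonce values, the `<hex>$<version>` storage format, the work factor, and the helpers `verify` and `needsRehash` are assumptions made for illustration; `generateSalt` and `computeHash` here are local functions built on Node's `crypto` module, not the Vert.x methods.

```javascript
// Added illustration: NOT the Vert.x JDBCHashStrategy implementation.
const crypto = require('crypto');

// Constructed nonces; in practice loaded from application configuration,
// never from the database. Array index = nonce version.
const NONCES = ['constructed-nonce-v0', 'constructed-nonce-v1'];
const ITERATIONS = 210000; // assumed PBKDF2 work factor; tune per deployment

function generateSalt() {
  return crypto.randomBytes(32).toString('hex');
}

// Assumed storage format: "<hex digest>$<nonce version>".
function computeHash(password, salt, version) {
  if (!Number.isInteger(version) || version < 0 || version >= NONCES.length) {
    throw new RangeError('unknown nonce version: ' + version);
  }
  // The nonce is mixed into the salt, so the stored row alone is not enough
  // to recompute the hash.
  const key = crypto.pbkdf2Sync(password, salt + NONCES[version], ITERATIONS, 64, 'sha512');
  return key.toString('hex') + '$' + version;
}

// Hypothetical helper: check a login attempt against the stored salt and hash.
function verify(password, salt, stored) {
  const m = /^[0-9a-f]{128}\$(\d+)$/.exec(stored);
  if (!m) return false;
  const version = Number(m[1]);
  if (version >= NONCES.length) return false; // nonce retired or never configured
  const candidate = Buffer.from(computeHash(password, salt, version));
  const expected = Buffer.from(stored);
  return candidate.length === expected.length &&
    crypto.timingSafeEqual(candidate, expected);
}

// Hypothetical helper: true when the hash used an older nonce and should be
// recomputed with the newest one at the next successful login.
function needsRehash(stored) {
  return Number(stored.slice(stored.lastIndexOf('$') + 1)) !== NONCES.length - 1;
}
```

Because the version travels with the stored hash, a new nonce can be appended to the configured list without invalidating existing rows; older entries are upgraded as users log in.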

setPermissionsQuery

  • setPermissionsQuery(permissionsQuery: string): JDBCAuth
  • Set the permissions query to use. Use this if you want to override the default permissions query.

    Parameters

    • permissionsQuery: string

    Returns JDBCAuth

setRolePrefix

  • setRolePrefix(rolePrefix: string): JDBCAuth
  • Set the role prefix used to distinguish roles from permissions when checking isPermitted requests.

    Parameters

    • rolePrefix: string

    Returns JDBCAuth

setRolesQuery

  • setRolesQuery(rolesQuery: string): JDBCAuth
  • Set the roles query to use. Use this if you want to override the default roles query.

    Parameters

    • rolesQuery: string

    Returns JDBCAuth

Static create

  • create(vertx: Vertx, client: JDBCClient): JDBCAuth
  • Create a JDBC auth provider implementation

    Parameters

    • vertx: Vertx
    • client: JDBCClient

    Returns JDBCAuth
