Custom Database Integration Guide
Introduction
This document provides instructions for integrating Openfire authentication, users, and groups with your custom database tables. This is useful when your users already have accounts in an external system and you do not wish to duplicate those accounts in Openfire. If your user information is available via an LDAP directory rather than custom database tables, see the LDAP guide.
Simple integration with a custom database lets users authenticate using their existing username and password. Optionally, you can configure Openfire to load user profile and group information from your custom database. Any group in Openfire can be designated as a shared group, which means that you can pre-populate user's rosters using groups.
Background
The integration requires that you enter customized database queries to access your database. You'll need to be familiar with your database table structure and simple SQL. Your custom database can be a different database on a different server from the Openfire database -- you'll enter database connection information as part of the configuration.
Configuration
In order to configure your server to integrate with your custom database tables:
- Stop Openfire.
- Edit conf/openfire.xml in your Openfire installation folder as described below using your favorite editor.
- Restart Openfire.
Database Connection Settings
You must specify the connection string for your database as well as the JDBC driver.
- jdbcProvider.driver -- the class name of the JDBC driver used to connect to your custom database. The driver must also be in the Openfire classpath (for example, by placing it into the "lib/" directory of your Openfire installation. See the database guide for common driver names for major databases.
- jdbcProvider.connectionString -- the full connection string for the database. Please consult your database driver documentation for syntax. Warning: it's common for connection string to contain "&" characters. That character has special meaning in XML, so you should escape it using "&".
Below is a sample config file section (note: the "..." sections in the examples indicate areas where the rest of the config file would exist):
<jive>
...
<jdbcProvider>
<driver>com.mysql.jdbc.Driver</driver>
<connectionString>jdbc:mysql://localhost/dbname?user=username&password=secret</connectionString>
</jdbcProvider>
...
</jive>
Authentication Integration
The simplest possible integration with a custom external database is authentication integration. Use the following settings to enable authentication integration.
- provider.auth.className -- set the value to org.jivesoftware.openfire.auth.JDBCAuthProvider.
- jdbcAuthProvider.passwordSQL -- the SQL String to select a user's password. The SQL statement should contain a single "?" character, which will be dynamically replaced with a username when being executed.
- jdbcAuthProvider.passwordType -- the type of the password. Valid values are
- "plain" (the password is stored as plain text)
- "md5" (the password is stored as a hex-encoded MD5 hash)
- "sha1" (the password is stored as a hex-encoded SHA-1 hash)
- "sha256" (the password is stored as a hex-encoded SHA-256 hash)
- "sha512" (the password is stored as a hex-encoded SHA-512 hash)
If this value is not set, the password type is assumed to be plain.
Below is a sample config file section:
<jive>
...
<provider>
<auth>
<className>org.jivesoftware.openfire.auth.JDBCAuthProvider</className>
</auth>
</provider>
<jdbcAuthProvider>
<passwordSQL>SELECT password FROM user_account WHERE username=?</passwordSQL>
<passwordType>plain</passwordType>
</jdbcAuthProvider>
...
</jive>
You'll most likely want to change which usernames are authorized to login to the admin console. By default, only the user with username "admin" is allowed to login. However, you may have different users in your LDAP directory that you'd like to be administrators. The list of authorized usernames is controlled via the admin.authorizedUsernames property. For example, to let the usersnames "joe" and "jane" login to the admin console:
<jive>
...
<admin>
...
<authorizedUsernames>joe, jane</authorizedUsernames>
</admin> ...
</jive>
User Integration
Optionally, Openfire can load user data from your custom database. If you enable user integration you must also enable authentication integration (see above). Use the following settings to enable user integration.
- provider.user.className -- set the value to org.jivesoftware.openfire.user.JDBCUserProvider.
- jdbcUserProvider.loadUserSQL -- the SQL statement to load the name and email address of a user (in that order) given a username. The SQL statement should contain a single "?" character, which will be dynamically replaced with a username when being executed.
- jdbcUserProvider.userCountSQL -- the SQL statement to load the total number of users in the database.
- jdbcUserProvider.allUsersSQL -- the SQL statement to load all usernames in the database.
- jdbcUserProvider.searchSQL -- the SQL statement fragment used to search your database for users. the statement should end with "WHERE" -- the username, name, and email fields will then be dynamically appended to the statement depending on the search. If this value is not set, searching will not be enabled.
- usernameField -- the name of the username database field, which will be used for searches.
- nameField -- the name of the name database field, which will be used for searches.
- emailField -- the name of the email database field, which will be used for searches.
Below is a sample config file section. Note that the single provider section must include all providers that should be configured:
<jive>
...
<provider>
<auth>
<className>org.jivesoftware.openfire.auth.JDBCAuthProvider</className>
</auth>
<user>
<className>org.jivesoftware.openfire.user.JDBCUserProvider</className>
</user>
</provider>
<jdbcAuthProvider>
<passwordSQL>SELECT password FROM user_account WHERE username=?</passwordSQL>
<passwordType>plain</passwordType>
</jdbcAuthProvider>
<jdbcUserProvider>
<loadUserSQL>SELECT name,email FROM myUser WHERE username=?</loadUserSQL>
<userCountSQL>SELECT COUNT(*) FROM myUser</userCountSQL>
<allUsersSQL>SELECT username FROM myUser</allUsersSQL>
<searchSQL>SELECT username FROM myUser WHERE</searchSQL>
<usernameField>username</usernameField>
<nameField>name</nameField>
<emailField>email</emailField>
</jdbcUserProvider>
...
</jive>
Group Integration
Openfire can load group data from your custom database. If you enable group integration you must also enable authentication integration; you'll also likely want to enable user integration (see above). Use the following settings to enable group integration.
- provider.group.className -- set the value to org.jivesoftware.openfire.group.JDBCGroupProvider.
- jdbcGroupProvider.groupCountSQL -- the SQL statement to load the total number of groups in the database.
- jdbcGroupProvider.allGroupsSQL -- the SQL statement to load all groups in the database.
- jdbcGroupProvider.userGroupsSQL -- the SQL statement to load all groups for a particular user. The SQL statement should contain a single "?" character, which will be dynamically replaced with a username when being executed.
- jdbcGroupProvider.descriptionSQL -- the SQL statement to load the description of a group. The SQL statement should contain a single "?" character, which will be dynamically replaced with a group name when being executed.
- jdbcGroupProvider.loadMembersSQL -- the SQL statement to load all members in a group. The SQL statement should contain a single "?" character, which will be dynamically replaced with a group name when being executed.
- jdbcGroupProvider.loadAdminsSQL -- the SQL statement to load all administrators in a group. The SQL statement should contain a single "?" character, which will be dynamically replaced with a group name when being executed.
Below is a sample config file section. Note that the single provider section must include all providers that should be configured:
<jive>
...
<provider>
<auth>
<className>org.jivesoftware.openfire.auth.JDBCAuthProvider</className>
</auth>
<user>
<className>org.jivesoftware.openfire.user.JDBCUserProvider</className>
</user>
<group>
<className>org.jivesoftware.openfire.group.JDBCGroupProvider</className>
</group>
</provider>
<jdbcAuthProvider>
<passwordSQL>SELECT password FROM user_account WHERE username=?</passwordSQL>
<passwordType>plain</passwordType>
</jdbcAuthProvider>
<jdbcUserProvider>
<loadUserSQL>SELECT name,email FROM myUser WHERE username=?</loadUserSQL>
<userCountSQL>SELECT COUNT(*) FROM myUser</userCountSQL>
<allUsersSQL>SELECT username FROM myUser</allUsersSQL>
<searchSQL>SELECT username FROM myUser WHERE</searchSQL>
<usernameField>username</usernameField>
<nameField>name</nameField>
<emailField>email</emailField>
</jdbcUserProvider>
<jdbcGroupProvider>
<groupCountSQL>SELECT count(*) FROM myGroups</groupCountSQL>
<allGroupsSQL>SELECT groupName FROM myGroups</allGroupsSQL>
<userGroupsSQL>SELECT groupName FROM myGroupUsers WHERE username=?</userGroupsSQL>
<descriptionSQL>SELECT groupDescription FROM myGroups WHERE groupName=?</descriptionSQL>
<loadMembersSQL>SELECT username FROM myGroupUsers WHERE groupName=? AND isAdmin='N'</loadMembersSQL>
<loadAdminsSQL>SELECT username FROM myGroupUsers WHERE groupName=? AND isAdmin='Y'</loadAdminsSQL>
</jdbcGroupProvider>
...
</jive>
Custom Database Integration Guide的更多相关文章
- openfire当中的Custom Database Integration Guide的配置
openfire官网配置的链接为:Custom Database Integration Guide 按照上面的步骤一步步配置在xml当中,发现始终不起作用,最后在stackoverflow找到的链接 ...
- openfire 使用已有的数据库作为用户认证数据库 Custom Database Integration Guide
http://download.igniterealtime.org/openfire/docs/latest/documentation/db-integration-guide.html Intr ...
- Structured Streaming + Kafka Integration Guide 结构化流+Kafka集成指南 (Kafka broker version 0.10.0 or higher)
用于Kafka 0.10的结构化流集成从Kafka读取数据并将数据写入到Kafka. 1. Linking 对于使用SBT/Maven项目定义的Scala/Java应用程序,用以下工件artifact ...
- Integration Guide
This document, along with the samples and Javadoc™ in the IBM Sametime Software Development Kit (SDK ...
- Spark Streaming + Kafka Integration Guide原文翻译及解析
前面写了关于kafka和spark streaming的结合使用(https://www.cnblogs.com/qfxydtk/p/11662591.html),其具体使用用法其实来自于原文:htt ...
- [转]Using NLog for ASP.NET Core to write custom information to the database
本文转自:https://github.com/NLog/NLog/issues/1366 In the previous versions of NLog it was easily possibl ...
- 《Continuous Integration》读书笔记
Trigger a Build whenever a change occurs. it can help us reduce assumptions on a projecvt by rebuild ...
- Structured Streaming编程 Programming Guide
Structured Streaming编程 Programming Guide Overview Quick Example Programming Model Basic Concepts Han ...
- Database name和SID
http://docs.oracle.com/cd/B19306_01/install.102/b15667/rev_precon_db.htm#i1027493 The Oracle Databas ...
随机推荐
- Interleaving String——是否由两个string交叉、DP
Given s1, s2, s3, find whether s3 is formed by the interleaving of s1 and s2. For example,Given:s1 = ...
- DevOps企业实践与架构
原文地址:http://www.sohu.com/a/112351816_355140 什么是DevOps及其误区 DevOps概念从2009年提出已有8个年头.可是在8年前的那个时候,为什么DevO ...
- 1.1 合用weightSum属性和layout_weight属性
<打造高质量Android应用:Android开发必知的50个诀窍>第1章活用布局,本章将介绍Android布局相关的一些窍门和建议.通过本章,读者不仅可以学习如何从零开始创建特定类型的布 ...
- PHP的对象和引用
PHP 的引用是别名,就是两个不同的变量名字指向相同的内容.在 PHP 5,一个对象变量已经不再保存整个对象的值.只是保存一个标识符来访问真正的对象内容. 当对象作为参数传递,作为结果返回,或者赋值给 ...
- 优秀JS学习站点
第一个:电子书类集合站点:http://www.javascriptcn.com/thread-2.html 第二类:移动端博客学习: https://segmentfault.com/a/11900 ...
- 30天自制操作系统(二)汇编语言学习与Makefile入门
1 介绍文本编辑器 这部分可直接略过 2 继续开发 helloos.nas中核心程序之前的内容和启动区以外的内容先不讲了,因为还涉及到一些软盘方面的知识. 然后来讲的是helloos.nas这个文件 ...
- gitlab多人协同工作
gitlab多人协同工作 本文为亨利向<Git权威指南>的作者蒋鑫老师的答疑邮件写成. 这里特别感谢蒋鑫老师对我询问gitlab的协同工作流程问题的详细解答. 蒋鑫老师的细致专业的解答让我 ...
- smokeping插件使用及说明
smokeping七大组件:general(普通设置) .alerts(警报设置).Datebase(数据库参数).presentation(网络自定义).slaves(从smokeping定义).t ...
- 15 nginx反向代理实现nginx+apache动静分离
一:nginx反向代理实现nginx+apache动静分离-------------概念--------------------------- nginx反向代理服务器+负载均衡 用nginx做反向代 ...
- sql查询的日期判断问题
在SQLSERVE中,如果某个数据表的类型被定义成datetime类型,那么数据是包含秒的.这时候如何查询某天的数据呢?新手们可能想:最直接的做法是把时间部分去掉,只取日期部分.于是日期的函数就用上了 ...