jGuard and ORM (Hibernate)

jGuard and ORM (Hibernate)

Overview

since several years, the use of Object-Relational Mapping frameworks is growing. one of the more popular one is Hibernate. ORMs framework provides many useful features. they act as a layer between the object world, and the Database world. the facade of the Database world is the JDBC Driver.

Jguard cannot use hibernate for its purpose, because jGuard persists some JDK security classes which does not fullfills Hibernate requirements (empty constructor is one of them).

so, jGuard use the 'classical' way to persist its objects, with direct access to database through JDBC Driver or JNDI Datasource. but you can use jGuard transparently with any ORM including Hibernate!

Using jGuard with Hibernate transparently

Hibernate and jGuard create connections with Driver parameters, or Datasource grabbed by JNDI. so, they can act on the same database, to manipulate related informations. but how to communicate each others?

the common scope of Hibernate and jGuard is the object scope: informations persisted by Hibernate and informations persisted by jGuard should communicate only at the object scope, and not on the SQL scope.

jGuard manage users, principals/roles,domains, permissions, which are linked each others. these objects are very "isolated" in a functional way. so, the most common class which will linked to others classes(object navigation), is the user class.

remind that CRUD operations on users, roles, permissions are dedicated to AuthenticationManager and AuthorizationManager implementations.

example

if your webapp persists through Hibernate a class called Enterprise, which contains some users(persisted by jGuard) contained in a Collection, you want to navigate from Enterprise class to users. the Enterprise Class contains getter for these users. this class is mapped with Hibernate through an Enterprise.hbm.xml, which contains fields persisted by Hibernate:

don't declare the users field in this configuration file. you will have only to implement the getUsers method like this:

public Collection getUsers()  throws AuthenticationManagerException{
return  AuthenticationManagerFactory.getAuthenticationManager().getUsers();
}