Facebook Login Servlet Configuration File


About

fb_psnc.xml is an XML configuration file for Facebook Login Servlet (FLS). Together with the fb_psnc.xsd Schema, it provides complex configuration information for FLS.

Attributes

Facebook Login Servlet needs to be registered as an application in Facebook. Each such application possesses a unique APP_ID and a generated APP_SECRET used for authentication purposes. Both attributes have to be obtained from Facebook and specified in your configuration file.

APP_ID - Application number necessary to authenticate the application in Facebook (App Authentication)

APP_SECRET - Application "password" necessary to authenticate the application in Facebook (App Authentication)

If you don't know how to obtain them, see IdpFbRegistration for further details.

FacebookParameters

In this element the installer can define which of the Fields from Facebook Graph will be requested. Possible values of the "name" attribute are defined in the fb_psnc.xsd Schema.

Besides "name", each element is described by three more attributes, one obligatory and two optional. The "return" attribute specifies whether this specific Facebook Parameter should be returned to a Service Provider as a part of the Principal or whether it will only be used as a part of an SQL query.

The "numberInStatement" attribute specifies which undefined parameter (placeholder) in the SQL query the FacebookParameter value should be bound to.

Example:

<FacebookParameters>

<FbParameter name="email" return="true" numberInStatement="2"/>



...

</FacebookParameters>

...

<DataBaseConfiguration isUsed="true">

...

<Statement>SELECT * FROM users WHERE id=? and name=?</Statement>


...

</DataBaseConfiguration>


This will bind the current Facebook Parameter as the value of "name" in the SQL statement.

In the Principal generation process, FacebookParameters whose "return" attribute equals true will be returned first in the chain of all attributes. In general some of them may be null, because a Facebook user is not obliged to fill in, e.g., political preferences or relationship status. In this case the value "null" will be returned to the Identity Provider. Beware: if one of the Facebook Parameters that is a part of one or both SQL queries is null, the value "null" will be bound into the SQL statements. Remember that ID and email will never be null and are reliable parameters. All single-value parameters from Fields from Facebook Graph are available for your use, but stay alert.

Parameters

In contrast to FacebookParameters, this element defines parameters which should be the result of an SQL query.

Besides the "name" attribute, each element also has an obligatory "default" attribute. It specifies the return value for the Parameter in case of no matching result from the SQL query. It defines "guest values" for the user.

Attributes received from the SQL database are fetched into Parameters, defined in IdpConfFile, in the order of their appearance both in the SQL query and in this XML element; no further validation of the column name (from the SQL result set) against the "name" attribute is performed. So it is crucial for correct processing that the Parameters have the same order as the attributes in the SQL query.

Example:

<DataBaseConfiguration isUsed="true">

..

<Statement>SELECT sample1, sample2, email FROM my_table WHERE email=?</Statement>
..

</DataBaseConfiguration>

<Parameters>

<Parameter name="ret_email" default="guest@"/> <Parameter name="ret_sample1" default="guest1"/> <Parameter name="ret_sample2" default="guest2"/>

</Parameters>

<Parameters>

<Parameter name="ret_sample1" default="guest1"/> <Parameter name="ret_sample2" default="guest2"/> <Parameter name="ret_email" default="guest@"/>

</Parameters>

The two Parameters orderings above will result in, respectively:

ret_email = sample1 (FROM my_table)
ret_sample1 = sample2 (FROM my_table)
ret_sample2 = email (FROM my_table)

ret_sample1 = sample1 (FROM my_table)
ret_sample2 = sample2 (FROM my_table)
ret_email = email (FROM my_table)

And in the case of a guest user, respectively:

ret_email = guest@
ret_sample1 = guest1
ret_sample2 = guest2

ret_sample1 = guest1
ret_sample2 = guest2
ret_email = guest@

BlackListConfiguration

This element contains the JDBC class name and database information (database address and name, username, password) for the so-called "Black List". If the SQL query returns even a single row, identification fails and the user is redirected to a site that is also defined as a sub-element of BlackListConfiguration. FacebookParameters with the attribute "numberInBlackListStatement" will be bound into the appropriate place of the SQL query. This whole mechanism can be disabled simply by changing the attribute "isUsed" from true to false.

Example:

<BlackListConfiguration isUsed="true">

..

<Statement>SELECT count( * ) FROM banned_users WHERE email LIKE substr( ? , LOCATE( '@', ? ) +1 )</Statement>
..

</BlackListConfiguration>


<FacebookParameters>

<FbParameter name="email" return="true" numberInStatement="1" numberInBlackListStatement="1"/>
<FbParameter name="email" return="false" numberInBlackListStatement="2"/>

</FacebookParameters>

This will enable simple mail domain filtering.

DataBaseConfiguration

This element contains the JDBC class name and database information (database address and name, username, password) for the proper SQL query. FacebookParameters with the attribute "numberInStatement" will be bound into the appropriate place of the SQL query. If the result set is empty, FLS returns the "default" values of Parameters. This whole mechanism can be disabled simply by changing the attribute "isUsed" from true to false.

Section <Driver> is used to define which JDBC database driver class FLS should use.

MySQL:
<Driver>com.mysql.jdbc.Driver</Driver>

Postgres:
<Driver>org.postgresql.Driver</Driver>

Section <DatabaseName> is used to define database address and name in JDBC convention

MySQL:
<DatabaseName>jdbc:mysql://MY_BASE_ADDRESS/MY_BASE</DatabaseName>

Postgres:
<DatabaseName>jdbc:postgresql://MY_BASE_ADDRESS/MY_BASE</DatabaseName>

Section <Statement> indicates which SQL statement should be used to retrieve information about the user from the database. It also indicates the places where attributes received from Facebook should be bound.

<Statement>SELECT sample1, sample2, sample3 FROM my_table WHERE email=?</Statement>

Section <InsertStatement> specifies the SQL statement which should be used to create a user account in the database, using data received from Facebook. It is really important that, after execution of <InsertStatement>, a repeated execution of <Statement> returns the user data; otherwise the whole process will end with an error and an error page will be displayed.

<InsertStatement>INSERT INTO users(surname, email) VALUES (?,?)</InsertStatement>

If you want to use multiple queries (separated with semicolons) inside <Statement>, don't forget to add "?allowMultiQueries=true" in the DatabaseName section.

e.g.
jdbc:mysql://localhost:3306/DBS?allowMultiQueries=true
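
A configuration check for the rules described in the FacebookParameters, Parameters and DataBaseConfiguration sections, as an added example that is not part of FLS or of the original page. It flags numberInStatement values without a matching placeholder, nullable Facebook fields bound into the query, SELECT * or column-count mismatches against Parameters, and allowMultiQueries. The FlsConfig root element, the sample values and the lint function are assumptions; element and attribute names are taken from the page.

```python
import re
import xml.etree.ElementTree as ET

NEVER_NULL = {"id", "email"}  # the only fields the page calls never-null
# Constructed sample; the <FlsConfig> root element name is an assumption.
SAMPLE = """<FlsConfig>
  <FacebookParameters>
    <FbParameter name="email" return="true" numberInStatement="1"/>
    <FbParameter name="relationship_status" return="false" numberInStatement="3"/>
  </FacebookParameters>
  <Parameters><Parameter name="ret_sample1" default="guest1"/></Parameters>
  <DataBaseConfiguration isUsed="true">
    <DatabaseName>jdbc:mysql://localhost:3306/DBS?allowMultiQueries=true</DatabaseName>
    <Statement>SELECT * FROM users WHERE email=? AND status=?</Statement>
  </DataBaseConfiguration>
</FlsConfig>"""

def lint(xml_text):
    """Return a list of warnings for one FLS configuration document."""
    root, warnings = ET.fromstring(xml_text), []
    db = root.find(".//DataBaseConfiguration")
    if db is None or db.get("isUsed") != "true":
        return warnings  # database lookup disabled, nothing is bound
    stmt = db.findtext("Statement", "")
    slots = stmt.count("?")  # bind placeholders in the lookup statement
    bound = set()
    for fb in root.iter("FbParameter"):
        name, n = fb.get("name"), fb.get("numberInStatement")
        if n is None:
            continue  # this field is not used in the lookup query
        bound.add(int(n))
        if not 1 <= int(n) <= slots:
            warnings.append(f"{name}: numberInStatement={n}, statement has {slots} placeholder(s)")
        if name not in NEVER_NULL:
            warnings.append(f"{name}: may be null but is bound into the SQL statement")
    for i in sorted(set(range(1, slots + 1)) - bound):
        warnings.append(f"placeholder {i} has no FbParameter bound to it")
    # Naive column split: adequate for plain column lists like the page's examples.
    cols = re.match(r"\s*SELECT\s+(.*?)\s+FROM\s", stmt, re.I | re.S)
    params = list(root.iter("Parameter"))
    if cols and cols.group(1).strip() == "*":
        warnings.append("SELECT *: column order is implicit, Parameters are filled by position")
    elif cols and len(cols.group(1).split(",")) != len(params):
        warnings.append("selected column count differs from Parameter count")
    if "allowMultiQueries=true" in db.findtext("DatabaseName", ""):
        warnings.append("allowMultiQueries=true: connection accepts stacked statements")
    return warnings

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```
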

ATTENTION

FLS can be used in an even more interesting way. If both BlackListConfiguration and DataBaseConfiguration have their "isUsed" attribute set to false, FLS changes into an IDP which uses Facebook as a database and forwards User Fields from Facebook as attributes to the Service Provider. In this case it changes into a Facebook Data Connector.

Attachments

  • fb_psnc.xsd Download (17.8 KB) - added by jaftowicz 7 years ago. XML Schema for FLS configuration file
  • fb_psnc.xml Download (3.4 KB) - added by jaftowicz 7 years ago. Sample configuration file for FLS