If you’d like to use Continual’s IAM framework in a system that does not use Continual’s Assembly framework for component setup, you can instantiate IAM components directly in your code.
Example Code
The following code shows how you might take a username and password and authenticate the user via the IAM database interface. This example uses our AWS S3 backing store.
package io.continual.iam.examples ;
import org.json.JSONObject ;
import io.continual.builder.Builder.BuildFailure ;
import io.continual.iam.IamDb ;
import io.continual.iam.credentials.UsernamePasswordCredential ;
import io.continual.iam.exceptions.IamSvcException ;
import io.continual.iam.identity.Identity ;
import io.continual.iam.impl.s3.S3IamDb ;
* An example of using IAM components outside of the Continual Assembly framework.
public class NonAssemblyIamUse
* entry point that expects a username and password
public static void main ( String [] args )
// get the credentials as authentication input
System . err . println ( " usage: <username> <password> " ) ;
final String username = args[ 0 ];
final String password = args[ 1 ];
// setup our IAM database (normally done once per process at startup, not per request!)
final IamDb < ? , ? > db = useS3Db () ;
// run our authentication call
final Identity user = db . authenticate ( new UsernamePasswordCredential ( username, password ) ) ;
System . out . println ( " Authenticated " + username ) ;
System . err . println ( " Could not authenticate " + username ) ;
catch ( BuildFailure | IamSvcException x )
System . err . println ( x . getMessage () ) ;
// connect to an S3 IAM DB implementation
private static S3IamDb useS3Db () throws IamSvcException , BuildFailure
// we need some info from the environment
final String awsAccessKey = System . getenv ( " AWS_IAM_ACCESS_KEY " ) ;
final String awsSecretKey = System . getenv ( " AWS_IAM_ACCESS_SECRET " ) ;
final String bucketName = System . getenv ( " AWS_IAM_BUCKET " ) ;
String pathPrefix = System . getenv ( " AWS_IAM_PATHPREFIX " ) ;
if ( pathPrefix != null && pathPrefix . length () == 0 ) pathPrefix = null ;
return new S3IamDb. Builder ()
. withAccessKey ( awsAccessKey )
. withSecretKey ( awsSecretKey )
. withBucket ( bucketName )
. withPathPrefix ( pathPrefix )
Multisource Database
In an environment that uses a combination of identity databases (e.g. interactive users as well as interprocess “service account” users), you can wrap one or more IAM database instances inside a MultiSourceDb
instance.
The example above can be adjusted to do this:
Additional Imports
import io.continual.iam.impl.MultiSourceDb ;
import io.continual.iam.impl.auth0.Auth0IamDb ;
Use a Multisource DB
// setup our IAM database (normally done once per process at startup, not per request!)
final IamDb < ? , ? > db = useMultiSrcDb () ;
Build Instantiation Methods
Note that some of the non-Assembly instantiation calls on the MultiSourceDb
class are very new and may not in the open-source distribution yet.
// connect to an Auth0 IAM DB implementation
private static Auth0IamDb useAuth0Db () throws IamSvcException, BuildFailure
return Auth0IamDb . fromJson ( new JSONObject ()
. put ( " domain " , System . getenv ( " AUTH0_DOMAIN " ) )
. put ( " clientId " , System . getenv ( " AUTH0_CLIENTID " ) )
. put ( " clientSecret " , System . getenv ( " AUTH0_CLIENTSECRET " ) )
// Connect to a "multisrc-db" implementation. Here we're suppressing the raw type
// related warnings because the two databases use different internal identity classes.
// Our client code uses the top-level interfaces only.
@ SuppressWarnings ({ " rawtypes " , " unchecked " })
private static IamDb<? , ?> useMultiSrcDb () throws IamSvcException, BuildFailure
final MultiSourceDb db = new MultiSourceDb () ;
db . addDatabase ( useAuth0Db () ) ;
db . addDatabase ( useS3Db () ) ;