pac4j allows you to validate username/password and create, update and delete users on a CouchDB database.

1) Dependency

You need to use the following module:pac4j-couch.

Example (Maven dependency):

<dependency><groupId>org.pac4j</groupId><artifactId>pac4j-couch</artifactId><version>${pac4j.version}</version></dependency>

2)CouchProfileService

TheCouchProfileService allows you to:

• validate a username/password on a CouchDB database (it can be defined as theAuthenticator for HTTP clients which deal withUsernamePasswordCredentials)
• create, update or delete a user in the CouchDB database.

It works with aCouchProfile.

It is built from aorg.ektorp.CouchDbConnector.

Example:

HttpClienthttpClient=newStdHttpClient.Builder().url(couchDbUrl).build();CouchDbInstancedbInstance=newStdCouchDbInstance(httpClient);CouchDbConnectorcouchDbConnector=dbInstance.createConnector("users",true);CouchProfileServicecouchProfileService=newCouchProfileService(couchDbConnector);

The choice of the database name is irrelevant toCouchProfileService. The database containing the users must contain the following design document:

{"_id":"_design/pac4j","language":"javascript","views":{"by_username":{"map":"function(doc) {if (doc.username) emit(doc.username, doc);}"},"by_linkedid":{"map":"function(doc) {if (doc.linkedid) emit(doc.linkedid, doc);}"}}}

Theid,username andpassword attribute names can be changed using thesetIdAttribute,setUsernameAttribute andsetPasswordAttribute methods. By default, theid attribute is CouchDB’s_id attribute. If you change theusername orlinkedid attribute, please change the design document accordingly. You can also get/set the ObjectMapper used to serialize the JSON data from CouchDB withgetObjectMapper() andsetObjectMapper(), the default one is simplynew ObjectMapper().

The attributes of the user profile can be managed in the CouchDB collection in two ways:

• either each attribute is explicitly saved in a specific attribute and all these attributes are defined as a list of names separated by commas via thesetAttributes method (it’s the legacy mode existing since version 1.9)
• or the whole user profile is serialized and saved in theserializedprofile attribute.

ThisCouchProfileService supports the use of a specificPasswordEncoder to encode the passwords in the CouchDB database.