Fork me on GitHub

Relational database (v1.9)

pac4j allows you to validate username / password on a SQL database.

1) Dependency

You need to use the following module: pac4j-sql.

Example (Maven dependency):


2) DbAuthenticator

The DbAuthenticator validates username / password on a relational database. It is built from a javax.sql.DataSource.

It can be defined for HTTP clients which deal with UsernamePasswordCredentials.

After a successful credentials validation, it “returns” a DbProfile.


DataSource dataSource = JdbcConnectionPool.create("jdbc:h2:mem:test", dbuser, dbpwd);
DbAuthenticator authenticator = new DbAuthenticator(dataSource);

The users table in the database must be created with the following script (for Oracle):

  username varchar(255),
  password varchar(255)

To define attributes for the user profile, the appropriate columns must be added to the table (like first_name and last_name) and the DbAuthenticator must be configured accordingly with the setAttributes(String attributes) method (like authenticator.setAttributes("firt_name,last_name");).

In fact, you can even adapt to a new / existing structure for the users table by changing the query which is performed on the database, using the setStartQuery and setEndQuery methods.

The query is built as: startQuery + "," + attributes + endQuery and by default, startQuery is “select username, password” and endQuery is “ from users where username = username;”.

This DbAuthenticator supports the use of a specific PasswordEncoder.