去除extdata及当前用户支持附加属性

mazhicheng 2020-05-13 20:54:25 +08:00
parent ecc5c90884
commit e3f3a0c674
16 changed files with 94 additions and 48 deletions


@ -26,12 +26,22 @@ import java.util.List;
* @date 2020/01/04
*/
public interface IamExtensible {
/**
* 获取可扩展的角色
* 获取用户扩展对象 (如当前岗位)
* @param userType
* @param userId
* @return
*/
List<IamRole> getExtentionRoles(String userType, Long userId);
Object getUserExtentionObj(String userType, Long userId);
/**
* 获取可扩展的角色
* @param userType
* @param userId
* @param extentionObjId 岗位等当前扩展对象id
* @return
*/
List<IamRole> getExtentionRoles(String userType, Long userId, Long extentionObjId);
}
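Review bot: The Javadoc on the new getUserExtentionObj and on the three-argument getExtentionRoles leaves every `@param` and `@return` tag empty, and the first comment block now carries two summary lines, so the contract of this extension point is not stated anywhere. Document that `extentionObjId` may be null — BaseJwtRealm in this commit initialises it to null and only fills it when the principal carries an `extentionObj` — and what an implementation is expected to return in that case, e.g. `@param extentionObjId 当前扩展对象(如岗位)id，无扩展对象时为null`. Also state whether `getUserExtentionObj` may return null, since the realm only sets the principal's `extentionObj` when the result is non-null.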


@ -20,8 +20,6 @@ import lombok.Getter;
import lombok.Setter;
import lombok.experimental.Accessors;
import javax.validation.constraints.NotNull;
/**
* 登录凭证
* @author mazc@dibo.ltd


@ -17,7 +17,7 @@ package com.diboot.iam.entity;
import com.alibaba.fastjson.annotation.JSONField;
import com.baomidou.mybatisplus.annotation.TableField;
import com.diboot.core.entity.BaseExtEntity;
import com.diboot.core.entity.BaseEntity;
import com.diboot.iam.config.Cons;
import lombok.Getter;
import lombok.Setter;
@ -33,7 +33,7 @@ import javax.validation.constraints.NotNull;
* @date 2019-12-03
*/
@Getter @Setter @Accessors(chain = true)
public class IamAccount extends BaseExtEntity {
public class IamAccount extends BaseEntity {
private static final long serialVersionUID = -6825516429612507644L;
// 用户类型


@ -16,7 +16,7 @@
package com.diboot.iam.entity;
import com.baomidou.mybatisplus.annotation.TableField;
import com.diboot.core.entity.BaseExtEntity;
import com.diboot.core.entity.BaseEntity;
import lombok.Getter;
import lombok.Setter;
import lombok.experimental.Accessors;
@ -31,7 +31,7 @@ import javax.validation.constraints.NotNull;
* @date 2019-12-17
*/
@Getter @Setter @Accessors(chain = true)
public class IamLoginTrace extends BaseExtEntity {
public class IamLoginTrace extends BaseEntity {
private static final long serialVersionUID = -6166037224391478085L;
// 用户类型


@ -16,7 +16,7 @@
package com.diboot.iam.entity;
import com.baomidou.mybatisplus.annotation.TableField;
import com.diboot.core.entity.BaseExtEntity;
import com.diboot.core.entity.BaseEntity;
import lombok.Getter;
import lombok.Setter;
import lombok.experimental.Accessors;
@ -31,7 +31,7 @@ import javax.validation.constraints.NotNull;
* @date 2019-12-17
*/
@Getter @Setter @Accessors(chain = true)
public class IamUser extends BaseExtEntity {
public class IamUser extends BaseEntity {
private static final long serialVersionUID = -8462352695775599715L;
// 组织ID
@ -75,4 +75,9 @@ public class IamUser extends BaseExtEntity {
// 头像
@TableField()
private String avatarUrl;
// 附加对象用于岗位等身份切换
@TableField(exist = false)
private Object extentionObj;
}
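Review bot: The new `extentionObj` field is populated and read reflectively by name — BaseJwtRealm calls `BeanUtils.setProperty(userObject, "extentionObj", ...)` and later `BeanUtils.getProperty(currentUser, "extentionObj")` — so the field name is a string contract the compiler cannot check, and a rename would only surface as a warn-level log line. The comment at the declaration should say so, e.g. `// 附加对象(如岗位)，由BaseJwtRealm按属性名反射写入并用于角色解析，勿重命名`. Typing it as `Object` also forces the authorization path to reflect on the object's `id` and cast it; if the extension object is always an entity with a Long id, a narrower type would remove that cast — worth confirming against the IamExtensible implementations.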


@ -105,6 +105,17 @@ public class BaseJwtRealm extends AuthorizingRealm {
if(userObject == null){
throw new AuthenticationException("用户不存在");
}
if(iamUserRoleService.getIamExtensible() != null){
Object extentionObj = iamUserRoleService.getIamExtensible().getUserExtentionObj(jwtToken.getUserTypeClass().getSimpleName(), account.getUserId());
if(extentionObj != null){
try{
BeanUtils.setProperty(userObject, "extentionObj", extentionObj);
}
catch (Exception e){
log.warn("设置{}.extentionObj异常属性不存在? {}", jwtToken.getUserTypeClass().getSimpleName(), e.getMessage());
}
}
}
// 清空当前用户缓存
this.clearCachedAuthorizationInfo(IamSecurityUtils.getSubject().getPrincipals());
return new SimpleAuthenticationInfo(userObject, jwtToken.getCredentials(), this.getName());
@ -122,7 +133,18 @@ public class BaseJwtRealm extends AuthorizingRealm {
Object currentUser = principals.getPrimaryPrincipal();
// 根据用户类型与用户id获取roleList
Long userId = (Long) BeanUtils.getProperty(currentUser, Cons.FieldName.id.name());
List<IamRole> roleList = iamUserRoleService.getUserRoleList(currentUser.getClass().getSimpleName(), userId);
Long extentionObjId = null;
try{
Object extentionObj = BeanUtils.getProperty(currentUser, "extentionObj");
if(extentionObj != null){
extentionObjId = (Long)BeanUtils.getProperty(extentionObj, Cons.FieldName.id.name());
}
}
catch (Exception e){
log.warn("解析user.extentionObj异常: {}", e.getMessage());
}
// 获取角色列表
List<IamRole> roleList = iamUserRoleService.getUserRoleList(currentUser.getClass().getSimpleName(), userId, extentionObjId);
// 如果没有任何角色返回
if (V.isEmpty(roleList)){
return authorizationInfo;
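Review bot: In the second hunk, any failure while reading the principal's extension object id — including a ClassCastException from the `(Long)` cast — is caught as `Exception`, logged at warn level with only `e.getMessage()`, and authorization then proceeds with `extentionObjId = null`, so a malformed extension object silently changes which roles the subject is granted instead of failing the lookup. Decide explicitly whether falling back to "no extension object" is the intended behaviour and document it with a comment at `Long extentionObjId = null;`, and preserve the cause so the failure can be diagnosed: `log.warn("解析user.extentionObj异常", e);`. The catch in the first hunk (`BeanUtils.setProperty(userObject, "extentionObj", ...)`) has the same message-only logging and broad catch. Both enclosing methods begin before their hunks, so the surrounding control flow is not visible here.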


@ -15,6 +15,7 @@
*/
package com.diboot.iam.service;
import com.diboot.iam.auth.IamExtensible;
import com.diboot.iam.entity.IamRole;
import com.diboot.iam.entity.IamUserRole;
@ -36,6 +37,15 @@ public interface IamUserRoleService extends BaseIamService<IamUserRole> {
*/
List<IamRole> getUserRoleList(String userType, Long userId);
/**
* 获取用户所有的全部角色
* @param userType
* @param userId
* @param extentionObjId 岗位等扩展对象id
* @return
*/
List<IamRole> getUserRoleList(String userType, Long userId, Long extentionObjId);
/**
* 批量创建用户-角色的关系
* @param userType
@ -54,4 +64,9 @@ public interface IamUserRoleService extends BaseIamService<IamUserRole> {
*/
boolean updateUserRoleRelations(String userType, Long userId, List<Long> roleIds);
/**
* 获取Iam扩展实现
* @return
*/
IamExtensible getIamExtensible();
}
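Review bot: `getIamExtensible()` is documented only as '获取Iam扩展实现' with an empty `@return`, yet both callers added in this commit null-check its result, so the contract that it returns null when no IamExtensible implementation is available has to be stated on the interface, e.g. `@return IamExtensible实现，未配置实现时返回null`. The `@param` tags on the new three-argument `getUserRoleList` are likewise empty; say that `extentionObjId` may be null and that the two-argument overload is equivalent to passing null, which is how the implementation in this commit delegates.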


@ -16,7 +16,6 @@
package com.diboot.iam.service.impl;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.diboot.core.util.IGetter;
import com.diboot.core.util.V;
import com.diboot.iam.entity.IamFrontendPermission;
import com.diboot.iam.entity.IamRolePermission;


@ -58,7 +58,6 @@ public class IamUserRoleServiceImpl extends BaseIamServiceImpl<IamUserRoleMapper
// 扩展接口
private IamExtensible iamExtensible;
private boolean iamExtensibleImplChecked = false;
/**
* 超级管理员的角色ID
@ -67,6 +66,11 @@ public class IamUserRoleServiceImpl extends BaseIamServiceImpl<IamUserRoleMapper
@Override
public List<IamRole> getUserRoleList(String userType, Long userId) {
return getUserRoleList(userType, userId, null);
}
@Override
public List<IamRole> getUserRoleList(String userType, Long userId, Long extentionObjId) {
List<IamUserRole> userRoleList = getEntityList(Wrappers.<IamUserRole>lambdaQuery()
.select(IamUserRole::getRoleId)
.eq(IamUserRole::getUserType, userType)
@ -81,15 +85,8 @@ public class IamUserRoleServiceImpl extends BaseIamServiceImpl<IamUserRoleMapper
.select(IamRole::getId, IamRole::getName, IamRole::getCode)
.in(IamRole::getId, roleIds));
// 加载扩展角色
if(!iamExtensibleImplChecked){
try{
iamExtensible = ContextHelper.getBean(IamExtensible.class);
}
catch (Exception e){}
iamExtensibleImplChecked = true;
}
if(iamExtensible != null){
List<IamRole> extRoles = iamExtensible.getExtentionRoles(userType, userId);
if(getIamExtensible() != null){
List<IamRole> extRoles = getIamExtensible().getExtentionRoles(userType, userId, extentionObjId);
if(V.notEmpty(extRoles)){
roles.addAll(extRoles);
roles = BeanUtils.distinctByKey(roles, IamRole::getId);
@ -210,6 +207,27 @@ public class IamUserRoleServiceImpl extends BaseIamServiceImpl<IamUserRoleMapper
return success;
}
// 扩展接口检查标记
private boolean iamExtensibleImplChecked = false;
/**
* 获取Iam扩展实现
* @return
*/
@Override
public IamExtensible getIamExtensible(){
// 加载扩展角色
if(!iamExtensibleImplChecked){
try{
iamExtensible = ContextHelper.getBean(IamExtensible.class);
}
catch (Exception e){}
iamExtensibleImplChecked = true;
}
return iamExtensible;
}
/**
* 获取超级管理员角色ID
* @return
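Review bot: The new `getIamExtensible()` lazily initialises two plain, non-volatile fields on a shared singleton service with no synchronisation, and the lookup failure is swallowed by an empty `catch (Exception e){}`, so a caller racing the first initialisation can observe `iamExtensibleImplChecked == true` while `iamExtensible` is still null, and any exception from `ContextHelper.getBean` (not only a missing bean) permanently disables extension roles without a trace — role resolution degrades silently in both cases. The smallest fix is `public synchronized IamExtensible getIamExtensible(){` (or marking both fields `volatile`), and logging the caught exception at least at debug level instead of leaving the catch empty. The `// 加载扩展角色` comment inside the method was carried over from the old call site and describes the wrong thing; replace it with `// 首次调用时查找IamExtensible实现bean`.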


@ -20,7 +20,10 @@ import com.diboot.core.util.V;
import com.diboot.iam.config.Cons;
import com.diboot.iam.jwt.BaseJwtRealm;
import com.diboot.iam.jwt.DefaultJwtAuthFilter;
import com.diboot.iam.service.impl.*;
import com.diboot.iam.service.impl.IamAccountServiceImpl;
import com.diboot.iam.service.impl.IamFrontendPermissionServiceImpl;
import com.diboot.iam.service.impl.IamRoleServiceImpl;
import com.diboot.iam.service.impl.IamUserServiceImpl;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.mgt.SessionsSecurityManager;


@ -24,7 +24,7 @@ import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.io.*;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.Map;


@ -11,7 +11,6 @@ create table iam_user
email varchar(50) null comment 'Email',
avatar_url varchar(200) null comment '头像地址',
status varchar(10) default 'A' not null comment '状态',
extdata varchar(100) null comment '扩展属性',
is_deleted tinyint(1) default 0 not null comment '是否删除',
create_time timestamp default CURRENT_TIMESTAMP not null comment '创建时间'
)AUTO_INCREMENT=10000 DEFAULT CHARSET=utf8 COMMENT '系统用户';
@ -31,7 +30,6 @@ create table iam_account
auth_secret varchar(32) null comment '密码',
secret_salt varchar(32) null comment '加密盐',
status varchar(10) default 'A' not null comment '用户状态',
extdata varchar(100) null comment '扩展属性',
is_deleted tinyint(1) default 0 not null comment '是否删除',
create_time timestamp default CURRENT_TIMESTAMP not null comment '创建时间'
) AUTO_INCREMENT=10000 DEFAULT CHARSET=utf8 COMMENT '登录账号';
@ -101,7 +99,6 @@ create table iam_login_trace
auth_account varchar(100) not null comment '用户名',
ip_address varchar(50) null comment 'IP',
user_agent varchar(200) null comment '客户端信息',
extdata varchar(100) null comment '扩展字段',
is_success tinyint(1) default 0 not null comment '是否成功',
create_time timestamp default CURRENT_TIMESTAMP not null comment '创建时间'
) AUTO_INCREMENT=10000 DEFAULT CHARSET=utf8 COMMENT '登录日志';


@ -11,7 +11,6 @@ create table iam_user
email varchar(50) null comment 'Email',
avatar_url varchar(200) null comment '头像地址',
status varchar(10) default 'A' not null comment '状态',
extdata varchar(100) null comment '扩展属性',
is_deleted tinyint(1) default 0 not null comment '是否删除',
create_time timestamp default CURRENT_TIMESTAMP not null comment '创建时间'
)AUTO_INCREMENT=10000 DEFAULT CHARSET=utf8 COMMENT '系统用户';
@ -31,7 +30,6 @@ create table iam_account
auth_secret varchar(32) null comment '密码',
secret_salt varchar(32) null comment '加密盐',
status varchar(10) default 'A' not null comment '用户状态',
extdata varchar(100) null comment '扩展属性',
is_deleted tinyint(1) default 0 not null comment '是否删除',
create_time timestamp default CURRENT_TIMESTAMP not null comment '创建时间'
) AUTO_INCREMENT=10000 DEFAULT CHARSET=utf8 COMMENT '登录账号';
@ -102,7 +100,6 @@ create table iam_login_trace
auth_account varchar(100) not null comment '用户名',
ip_address varchar(50) null comment 'IP',
user_agent varchar(200) null comment '客户端信息',
extdata varchar(100) null comment '扩展字段',
is_success tinyint(1) default 0 not null comment '是否成功',
create_time timestamp default CURRENT_TIMESTAMP not null comment '创建时间'
) AUTO_INCREMENT=10000 DEFAULT CHARSET=utf8 COMMENT '登录日志';


@ -11,7 +11,6 @@ create table ${SCHEMA}.iam_user
email VARCHAR2(50) null,
avatar_url VARCHAR2(200) null,
status VARCHAR2(10) default 'A' not null,
extdata VARCHAR2(100) null,
is_deleted NUMBER(1) DEFAULT 0 not null,
create_time timestamp default CURRENT_TIMESTAMP not null,
constraint PK_iam_user primary key (id)
@ -27,7 +26,6 @@ comment on column ${SCHEMA}.iam_user.mobile_phone is '手机号';
comment on column ${SCHEMA}.iam_user.email is 'Email';
comment on column ${SCHEMA}.iam_user.avatar_url is '头像';
comment on column ${SCHEMA}.iam_user.status is '状态';
comment on column ${SCHEMA}.iam_user.extdata is '扩展属性';
comment on column ${SCHEMA}.iam_user.is_deleted is '删除标记';
comment on column ${SCHEMA}.iam_user.create_time is '创建时间';
comment on table ${SCHEMA}.iam_user is '系统用户';
@ -47,7 +45,6 @@ create table ${SCHEMA}.iam_account
auth_secret VARCHAR2(32) null,
secret_salt VARCHAR2(32) null,
status VARCHAR2(10) default 'A' not null,
extdata VARCHAR2(100) null,
is_deleted NUMBER(1) DEFAULT 0 not null,
create_time timestamp default CURRENT_TIMESTAMP not null,
constraint PK_iam_account primary key (id)
@ -60,7 +57,6 @@ comment on column ${SCHEMA}.iam_account.auth_account is '用户名';
comment on column ${SCHEMA}.iam_account.auth_secret is '密码';
comment on column ${SCHEMA}.iam_account.secret_salt is '加密盐';
comment on column ${SCHEMA}.iam_account.status is '用户状态';
comment on column ${SCHEMA}.iam_account.extdata is '扩展属性';
comment on column ${SCHEMA}.iam_account.is_deleted is '是否删除';
comment on column ${SCHEMA}.iam_account.create_time is '创建时间';
comment on table ${SCHEMA}.iam_account is '登录账号';
@ -166,7 +162,6 @@ create table ${SCHEMA}.iam_login_trace
auth_account VARCHAR2(100) not null,
ip_address VARCHAR2(50) null,
user_agent VARCHAR2(200) null,
extdata VARCHAR2(100) null,
is_success NUMBER(1) DEFAULT 0 not null,
create_time timestamp default CURRENT_TIMESTAMP not null,
constraint PK_iam_login_trace primary key (id)
@ -178,7 +173,6 @@ comment on column ${SCHEMA}.iam_login_trace.auth_type is '认证方式';
comment on column ${SCHEMA}.iam_login_trace.auth_account is '用户名';
comment on column ${SCHEMA}.iam_login_trace.ip_address is 'IP';
comment on column ${SCHEMA}.iam_login_trace.user_agent is '客户端信息';
comment on column ${SCHEMA}.iam_login_trace.extdata is '扩展字段';
comment on column ${SCHEMA}.iam_login_trace.is_success is '是否成功';
comment on column ${SCHEMA}.iam_login_trace.create_time is '创建时间';
comment on table ${SCHEMA}.iam_login_trace is '登录日志';


@ -11,7 +11,6 @@ create table iam_user
email varchar(50) null,
avatar_url varchar(200) null,
status varchar(10) not null default 'A',
extdata varchar(100) null,
is_deleted BOOLEAN not null DEFAULT FALSE,
create_time timestamp not null default CURRENT_TIMESTAMP
);
@ -26,7 +25,6 @@ comment on column iam_user.mobile_phone is '手机号';
comment on column iam_user.email is 'Email';
comment on column iam_user.avatar_url is '头像';
comment on column iam_user.status is '状态';
comment on column iam_user.extdata is '扩展属性';
comment on column iam_user.is_deleted is '删除标记';
comment on column iam_user.create_time is '创建时间';
comment on table iam_user is '系统用户';
@ -46,7 +44,6 @@ create table iam_account
auth_secret varchar(32) null,
secret_salt varchar(32) null,
status varchar(10) default 'A' not null,
extdata varchar(100) null,
is_deleted BOOLEAN default FALSE not null,
create_time timestamp default CURRENT_TIMESTAMP not null
);
@ -58,7 +55,6 @@ comment on column iam_account.auth_account is '用户名';
comment on column iam_account.auth_secret is '密码';
comment on column iam_account.secret_salt is '加密盐';
comment on column iam_account.status is '用户状态';
comment on column iam_account.extdata is '扩展属性';
comment on column iam_account.is_deleted is '是否删除';
comment on column iam_account.create_time is '创建时间';
comment on table iam_account is '登录账号';
@ -161,7 +157,6 @@ create table iam_login_trace
auth_account varchar(100) not null ,
ip_address varchar(50) null ,
user_agent varchar(200) null ,
extdata varchar(100) null ,
is_success BOOLEAN default FALSE not null ,
create_time timestamp default CURRENT_TIMESTAMP not null
);
@ -172,7 +167,6 @@ comment on column iam_login_trace.auth_type is '认证方式';
comment on column iam_login_trace.auth_account is '用户名';
comment on column iam_login_trace.ip_address is 'IP';
comment on column iam_login_trace.user_agent is '客户端信息';
comment on column iam_login_trace.extdata is '扩展字段';
comment on column iam_login_trace.is_success is '是否成功';
comment on column iam_login_trace.create_time is '创建时间';
comment on table iam_login_trace is '登录日志';


@ -11,7 +11,6 @@ create table ${SCHEMA}.iam_user
email varchar(50) null,
avatar_url varchar(200) null,
status varchar(10) not null default 'A',
extdata varchar(100) null,
is_deleted tinyint not null DEFAULT 0,
create_time datetime not null default CURRENT_TIMESTAMP,
constraint PK_iam_user primary key (id)
@ -27,7 +26,6 @@ execute sp_addextendedproperty 'MS_Description', N'手机号', 'SCHEMA', '${SCHE
execute sp_addextendedproperty 'MS_Description', N'Email', 'SCHEMA', '${SCHEMA}', 'table', iam_user, 'column', 'email';
execute sp_addextendedproperty 'MS_Description', N'头像', 'SCHEMA', '${SCHEMA}', 'table', iam_user, 'column', 'avatar_url';
execute sp_addextendedproperty 'MS_Description', N'状态', 'SCHEMA', '${SCHEMA}', 'table', iam_user, 'column', 'status';
execute sp_addextendedproperty 'MS_Description', N'扩展属性', 'SCHEMA', '${SCHEMA}', 'table', iam_user, 'column', 'extdata';
execute sp_addextendedproperty 'MS_Description', N'删除标记', 'SCHEMA', '${SCHEMA}', 'table', iam_user, 'column', 'is_deleted';
execute sp_addextendedproperty 'MS_Description', N'创建时间', 'SCHEMA', '${SCHEMA}', 'table', iam_user, 'column', 'create_time';
execute sp_addextendedproperty 'MS_Description', N'系统用户', 'SCHEMA', '${SCHEMA}', 'table', iam_user, null, null;
@ -47,7 +45,6 @@ create table ${SCHEMA}.iam_account
auth_secret varchar(32) null,
secret_salt varchar(32) null,
status varchar(10) default 'A' not null,
extdata varchar(100) null,
is_deleted tinyint default 0 not null,
create_time datetime default CURRENT_TIMESTAMP not null,
constraint PK_iam_account primary key (id)
@ -60,7 +57,6 @@ execute sp_addextendedproperty 'MS_Description', N'用户名', 'SCHEMA', '${SCHE
execute sp_addextendedproperty 'MS_Description', N'密码', 'SCHEMA', '${SCHEMA}', 'table', iam_account, 'column', 'auth_secret';
execute sp_addextendedproperty 'MS_Description', N'加密盐', 'SCHEMA', '${SCHEMA}', 'table', iam_account, 'column', 'secret_salt';
execute sp_addextendedproperty 'MS_Description', N'用户状态', 'SCHEMA', '${SCHEMA}', 'table', iam_account, 'column', 'status';
execute sp_addextendedproperty 'MS_Description', N'扩展属性', 'SCHEMA', '${SCHEMA}', 'table', iam_account, 'column', 'extdata';
execute sp_addextendedproperty 'MS_Description', N'是否删除', 'SCHEMA', '${SCHEMA}', 'table', iam_account, 'column', 'is_deleted';
execute sp_addextendedproperty 'MS_Description', N'创建时间', 'SCHEMA', '${SCHEMA}', 'table', iam_account, 'column', 'create_time';
execute sp_addextendedproperty 'MS_Description', N'登录账号', 'SCHEMA', '${SCHEMA}', 'table', iam_account, null, null;
@ -167,7 +163,6 @@ create table ${SCHEMA}.iam_login_trace
auth_account varchar(100) not null ,
ip_address varchar(50) null ,
user_agent varchar(200) null ,
extdata varchar(100) null ,
is_success tinyint default 0 not null,
create_time datetime default CURRENT_TIMESTAMP not null,
constraint PK_iam_login_trace primary key (id)
@ -179,7 +174,6 @@ execute sp_addextendedproperty 'MS_Description', N'认证方式', 'SCHEMA', '${S
execute sp_addextendedproperty 'MS_Description', N'用户名', 'SCHEMA', '${SCHEMA}', 'table', iam_login_trace, 'column', 'auth_account';
execute sp_addextendedproperty 'MS_Description', N'IP', 'SCHEMA', '${SCHEMA}', 'table', iam_login_trace, 'column', 'ip_address';
execute sp_addextendedproperty 'MS_Description', N'客户端信息', 'SCHEMA', '${SCHEMA}', 'table', iam_login_trace, 'column', 'user_agent';
execute sp_addextendedproperty 'MS_Description', N'扩展字段', 'SCHEMA', '${SCHEMA}', 'table', iam_login_trace, 'column', 'extdata';
execute sp_addextendedproperty 'MS_Description', N'是否成功', 'SCHEMA', '${SCHEMA}', 'table', iam_login_trace, 'column', 'is_success';
execute sp_addextendedproperty 'MS_Description', N'创建时间', 'SCHEMA', '${SCHEMA}', 'table', iam_login_trace, 'column', 'create_time';
execute sp_addextendedproperty 'MS_Description', N'登录日志', 'SCHEMA', '${SCHEMA}', 'table', iam_login_trace, null, null;