//
// ========================================================================
// Copyright (c) 1995 Mort Bay Consulting Pty Ltd and others.
//
// This program and the accompanying materials are made available under the
// terms of the Eclipse Public License v. 2.0 which is available at
// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
// which is available at https://www.apache.org/licenses/LICENSE-2.0.
//
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
// ========================================================================
//
package org.eclipse.jetty.security.jaas.spi;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import org.eclipse.jetty.security.PropertyUserStore;
import org.eclipse.jetty.security.RolePrincipal;
import org.eclipse.jetty.security.UserPrincipal;
import org.eclipse.jetty.security.jaas.JAASLoginService;
import org.eclipse.jetty.security.jaas.PropertyUserStoreManager;
import org.eclipse.jetty.util.resource.Resource;
import org.eclipse.jetty.util.resource.ResourceFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
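/**
 * JAAS login module that looks users up in a property file through a
 * {@link PropertyUserStore}.
 *
 * <p>Recognised options (read in {@link #setupPropertyUserStore(Map)}):</p>
 * <ul>
 * <li>{@code file} - location of the property file; defaults to {@link #DEFAULT_FILENAME}</li>
 * <li>{@code reloadInterval} - integer passed to {@link PropertyUserStore#setReloadInterval(int)};
 * defaults to 0</li>
 * <li>{@code hotReload} - deprecated boolean, only consulted when {@code reloadInterval} is absent;
 * {@code true} maps to a reload interval of 1</li>
 * </ul>
 *
 * <p>The property file carries authentication and authorization data, so it should be
 * readable and writable only by the account that runs the server. When a non-zero reload
 * interval is configured, anyone able to modify the file can presumably change users and
 * roles without a restart.</p>
 */
public class PropertyFileLoginModule extends AbstractLoginModule
{
    public static final String DEFAULT_FILENAME = "realm.properties";
    private static final Logger LOG = LoggerFactory.getLogger(PropertyFileLoginModule.class);
    private PropertyUserStore _store;

    /**
     * Use a PropertyUserStore to read the authentication and authorization information contained in
     * the file named by the option "file".
     *
     * @param subject the subject
     * @param callbackHandler the callback handler
     * @param sharedState the shared state map
     * @param options the options map
     * @see javax.security.auth.spi.LoginModule#initialize(Subject, CallbackHandler, Map,
     * Map)
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options)
    {
        super.initialize(subject, callbackHandler, sharedState, options);
        setupPropertyUserStore(options);
    }

    /**
     * Get an existing, or create a new PropertyUserStore to read the
     * authentication and authorization information from the file named by
     * the option "file".
     *
     * @param options configuration options
     * @throws IllegalStateException if no PropertyUserStoreManager bean is registered
     */
    private void setupPropertyUserStore(Map<String, ?> options)
    {
        String filename = (String)options.get("file");
        if (filename == null)
            filename = DEFAULT_FILENAME;

        PropertyUserStoreManager mgr = JAASLoginService.INSTANCE.get().getBean(PropertyUserStoreManager.class);
        if (mgr == null)
            throw new IllegalStateException("No PropertyUserStoreManager");

        // Stores are keyed by filename in the manager, so one is reused when already registered.
        _store = mgr.getPropertyUserStore(filename);
        if (_store != null)
            return;

        int reloadInterval = parseReloadInterval(options);

        PropertyUserStore newStore = new PropertyUserStore();
        ResourceFactory resourceFactory = ResourceFactory.of(newStore);
        Resource config = resourceFactory.newResource(filename);
        newStore.setConfig(config);
        newStore.setReloadInterval(reloadInterval);

        // Keep what the manager returns rather than newStore: presumably it may hand back
        // a store registered in the meantime under the same filename - confirm against
        // PropertyUserStoreManager.
        _store = mgr.addPropertyUserStore(filename, newStore);
        try
        {
            _store.start();
        }
        catch (Exception e)
        {
            // Deliberately best effort: initialization continues with a store that did not start.
            // NOTE(review): such a store presumably holds no users, so lookups return null and
            // logins are rejected - confirm, and alert on this warning in production.
            LOG.warn("Exception starting propertyUserStore {} ", config, e);
        }
    }

    /**
     * Work out the reload interval from the "reloadInterval" option, falling back to the
     * deprecated "hotReload" option when "reloadInterval" is absent.
     *
     * @param options configuration options
     * @return the configured interval, or 0 when neither option is set or "reloadInterval"
     * is not a valid integer
     */
    private static int parseReloadInterval(Map<String, ?> options)
    {
        String interval = (String)options.get("reloadInterval");
        if (interval != null)
        {
            try
            {
                return Integer.parseInt(interval);
            }
            catch (NumberFormatException e)
            {
                // Report the rejected value so the misconfiguration can be found; 0 is used instead.
                LOG.warn("'reloadInterval' is not an integer: {}", interval);
                return 0;
            }
        }

        String hotReload = (String)options.get("hotReload");
        if (hotReload != null)
        {
            // 'reloadInterval' is parsed with Integer.parseInt above, so it is an integer property.
            LOG.warn("Use 'reloadInterval' integer property instead of 'hotReload'");
            return Boolean.parseBoolean(hotReload) ? 1 : 0;
        }
        return 0;
    }

    /**
     * Look up a user and its roles in the property user store.
     *
     * @param userName the user name
     * @return the user with its role names, or {@code null} if the store has no such user
     * @throws IllegalStateException if the module has not been initialized
     * @throws Exception if unable to get the user information
     */
    @Override
    public JAASUser getUser(String userName) throws Exception
    {
        PropertyUserStore store = _store;
        if (store == null)
            throw new IllegalStateException("PropertyUserStore not initialized");

        // userName is supplied by the authenticating client; the log layout should
        // neutralise control characters if debug logging is enabled.
        if (LOG.isDebugEnabled())
            LOG.debug("Checking PropertyUserStore {} for {}", store.getConfig(), userName);

        UserPrincipal up = store.getUserPrincipal(userName);
        if (up == null)
            return null;

        List<RolePrincipal> rps = store.getRolePrincipals(userName);
        // Role names are resolved once here and captured by the anonymous JAASUser below.
        List<String> roles = rps == null ? Collections.emptyList() : rps.stream().map(RolePrincipal::getName).collect(Collectors.toList());
        return new JAASUser(up)
        {
            @Override
            public List<String> doFetchRoles()
            {
                return roles;
            }
        };
    }
}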