1 // ======================================================================== 2 // Copyright (c) 1996-2009 Mort Bay Consulting Pty. Ltd. 3 // ------------------------------------------------------------------------ 4 // All rights reserved. This program and the accompanying materials 5 // are made available under the terms of the Eclipse Public License v1.0 6 // and Apache License v2.0 which accompanies this distribution. 7 // The Eclipse Public License is available at 8 // http://www.eclipse.org/legal/epl-v10.html 9 // The Apache License v2.0 is available at 10 // http://www.opensource.org/licenses/apache2.0.php 11 // You may elect to redistribute this code under either of these licenses. 12 // ======================================================================== 13 14 package org.eclipse.jetty.security; 15 16 import java.io.IOException; 17 18 import org.eclipse.jetty.http.security.Credential; 19 import org.eclipse.jetty.security.PropertyUserStore.UserListener; 20 import org.eclipse.jetty.server.UserIdentity; 21 import org.eclipse.jetty.util.Scanner; 22 import org.eclipse.jetty.util.log.Log; 23 import org.eclipse.jetty.util.log.Logger; 24 import org.eclipse.jetty.util.resource.Resource; 25 26 /* ------------------------------------------------------------ */ 27 /** 28 * Properties User Realm. 29 * 30 * An implementation of UserRealm that stores users and roles in-memory in HashMaps. 31 * <P> 32 * Typically these maps are populated by calling the load() method or passing a properties resource to the constructor. The format of the properties file is: 33 * 34 * <PRE> 35 * username: password [,rolename ...] 36 * </PRE> 37 * 38 * Passwords may be clear text, obfuscated or checksummed. The class com.eclipse.Util.Password should be used to generate obfuscated passwords or password 39 * checksums. 40 * 41 * If DIGEST Authentication is used, the password must be in a recoverable format, either plain text or OBF:. 42 */ 43 public class HashLoginService extends MappedLoginService implements UserListener 44 { 45 private static final Logger LOG = Log.getLogger(HashLoginService.class); 46 47 private PropertyUserStore _propertyUserStore; 48 private String _config; 49 private Resource _configResource; 50 private Scanner _scanner; 51 private int _refreshInterval = 0;// default is not to reload 52 53 /* ------------------------------------------------------------ */ 54 public HashLoginService() 55 { 56 } 57 58 /* ------------------------------------------------------------ */ 59 public HashLoginService(String name) 60 { 61 setName(name); 62 } 63 64 /* ------------------------------------------------------------ */ 65 public HashLoginService(String name, String config) 66 { 67 setName(name); 68 setConfig(config); 69 } 70 71 /* ------------------------------------------------------------ */ 72 public String getConfig() 73 { 74 return _config; 75 } 76 77 /* ------------------------------------------------------------ */ 78 public void getConfig(String config) 79 { 80 _config = config; 81 } 82 83 /* ------------------------------------------------------------ */ 84 public Resource getConfigResource() 85 { 86 return _configResource; 87 } 88 89 /* ------------------------------------------------------------ */ 90 /** 91 * Load realm users from properties file. The property file maps usernames to password specs followed by an optional comma separated list of role names. 92 * 93 * @param config 94 * Filename or url of user properties file. 95 */ 96 public void setConfig(String config) 97 { 98 _config = config; 99 } 100 101 /* ------------------------------------------------------------ */ 102 public void setRefreshInterval(int msec) 103 { 104 _refreshInterval = msec; 105 } 106 107 /* ------------------------------------------------------------ */ 108 public int getRefreshInterval() 109 { 110 return _refreshInterval; 111 } 112 113 /* ------------------------------------------------------------ */ 114 @Override 115 protected UserIdentity loadUser(String username) 116 { 117 return null; 118 } 119 120 /* ------------------------------------------------------------ */ 121 @Override 122 public void loadUsers() throws IOException 123 { 124 // TODO: Consider refactoring MappedLoginService to not have to override with unused methods 125 } 126 127 /* ------------------------------------------------------------ */ 128 /** 129 * @see org.eclipse.jetty.util.component.AbstractLifeCycle#doStart() 130 */ 131 protected void doStart() throws Exception 132 { 133 super.doStart(); 134 135 if (_propertyUserStore == null) 136 { 137 if(LOG.isDebugEnabled()) 138 LOG.debug("doStart: Starting new PropertyUserStore. PropertiesFile: " + _config + " refreshInterval: " + _refreshInterval); 139 140 _propertyUserStore = new PropertyUserStore(); 141 _propertyUserStore.setRefreshInterval(_refreshInterval); 142 _propertyUserStore.setConfig(_config); 143 _propertyUserStore.registerUserListener(this); 144 _propertyUserStore.start(); 145 } 146 } 147 148 /* ------------------------------------------------------------ */ 149 /** 150 * @see org.eclipse.jetty.util.component.AbstractLifeCycle#doStop() 151 */ 152 protected void doStop() throws Exception 153 { 154 super.doStop(); 155 if (_scanner != null) 156 _scanner.stop(); 157 _scanner = null; 158 } 159 160 /* ------------------------------------------------------------ */ 161 public void update(String userName, Credential credential, String[] roleArray) 162 { 163 if (LOG.isDebugEnabled()) 164 LOG.debug("update: " + userName + " Roles: " + roleArray.length); 165 putUser(userName,credential,roleArray); 166 } 167 168 /* ------------------------------------------------------------ */ 169 public void remove(String userName) 170 { 171 if (LOG.isDebugEnabled()) 172 LOG.debug("remove: " + userName); 173 removeUser(userName); 174 } 175 }