1 // ========================================================================
2 // Copyright (c) 1996-2009 Mort Bay Consulting Pty. Ltd.
3 // ------------------------------------------------------------------------
4 // All rights reserved. This program and the accompanying materials
5 // are made available under the terms of the Eclipse Public License v1.0
6 // and Apache License v2.0 which accompanies this distribution.
7 // The Eclipse Public License is available at
8 // http://www.eclipse.org/legal/epl-v10.html
9 // The Apache License v2.0 is available at
10 // http://www.opensource.org/licenses/apache2.0.php
11 // You may elect to redistribute this code under either of these licenses.
12 // ========================================================================
13
14 package org.eclipse.jetty.security;
15
16 import java.io.IOException;
17
18 import org.eclipse.jetty.http.security.Credential;
19 import org.eclipse.jetty.security.PropertyUserStore.UserListener;
20 import org.eclipse.jetty.server.UserIdentity;
21 import org.eclipse.jetty.util.Scanner;
22 import org.eclipse.jetty.util.log.Log;
23 import org.eclipse.jetty.util.log.Logger;
24 import org.eclipse.jetty.util.resource.Resource;
25
26 /* ------------------------------------------------------------ */
27 /**
28 * Properties User Realm.
29 *
30 * An implementation of UserRealm that stores users and roles in-memory in HashMaps.
31 * <P>
32 * Typically these maps are populated by calling the load() method or passing a properties resource to the constructor. The format of the properties file is:
33 *
34 * <PRE>
35 * username: password [,rolename ...]
36 * </PRE>
37 *
38 * Passwords may be clear text, obfuscated or checksummed. The class com.eclipse.Util.Password should be used to generate obfuscated passwords or password
39 * checksums.
40 *
41 * If DIGEST Authentication is used, the password must be in a recoverable format, either plain text or OBF:.
42 */
43 public class HashLoginService extends MappedLoginService implements UserListener
44 {
45 private static final Logger LOG = Log.getLogger(HashLoginService.class);
46
47 private PropertyUserStore _propertyUserStore;
48 private String _config;
49 private Resource _configResource;
50 private Scanner _scanner;
51 private int _refreshInterval = 0;// default is not to reload
52
53 /* ------------------------------------------------------------ */
54 public HashLoginService()
55 {
56 }
57
58 /* ------------------------------------------------------------ */
59 public HashLoginService(String name)
60 {
61 setName(name);
62 }
63
64 /* ------------------------------------------------------------ */
65 public HashLoginService(String name, String config)
66 {
67 setName(name);
68 setConfig(config);
69 }
70
71 /* ------------------------------------------------------------ */
72 public String getConfig()
73 {
74 return _config;
75 }
76
77 /* ------------------------------------------------------------ */
78 public void getConfig(String config)
79 {
80 _config = config;
81 }
82
83 /* ------------------------------------------------------------ */
84 public Resource getConfigResource()
85 {
86 return _configResource;
87 }
88
89 /* ------------------------------------------------------------ */
90 /**
91 * Load realm users from properties file. The property file maps usernames to password specs followed by an optional comma separated list of role names.
92 *
93 * @param config
94 * Filename or url of user properties file.
95 */
96 public void setConfig(String config)
97 {
98 _config = config;
99 }
100
101 /* ------------------------------------------------------------ */
102 public void setRefreshInterval(int msec)
103 {
104 _refreshInterval = msec;
105 }
106
107 /* ------------------------------------------------------------ */
108 public int getRefreshInterval()
109 {
110 return _refreshInterval;
111 }
112
113 /* ------------------------------------------------------------ */
114 @Override
115 protected UserIdentity loadUser(String username)
116 {
117 return null;
118 }
119
120 /* ------------------------------------------------------------ */
121 @Override
122 public void loadUsers() throws IOException
123 {
124 // TODO: Consider refactoring MappedLoginService to not have to override with unused methods
125 }
126
127 /* ------------------------------------------------------------ */
128 /**
129 * @see org.eclipse.jetty.util.component.AbstractLifeCycle#doStart()
130 */
131 protected void doStart() throws Exception
132 {
133 super.doStart();
134
135 if (_propertyUserStore == null)
136 {
137 if(LOG.isDebugEnabled())
138 LOG.debug("doStart: Starting new PropertyUserStore. PropertiesFile: " + _config + " refreshInterval: " + _refreshInterval);
139
140 _propertyUserStore = new PropertyUserStore();
141 _propertyUserStore.setRefreshInterval(_refreshInterval);
142 _propertyUserStore.setConfig(_config);
143 _propertyUserStore.registerUserListener(this);
144 _propertyUserStore.start();
145 }
146 }
147
148 /* ------------------------------------------------------------ */
149 /**
150 * @see org.eclipse.jetty.util.component.AbstractLifeCycle#doStop()
151 */
152 protected void doStop() throws Exception
153 {
154 super.doStop();
155 if (_scanner != null)
156 _scanner.stop();
157 _scanner = null;
158 }
159
160 /* ------------------------------------------------------------ */
161 public void update(String userName, Credential credential, String[] roleArray)
162 {
163 if (LOG.isDebugEnabled())
164 LOG.debug("update: " + userName + " Roles: " + roleArray.length);
165 putUser(userName,credential,roleArray);
166 }
167
168 /* ------------------------------------------------------------ */
169 public void remove(String userName)
170 {
171 if (LOG.isDebugEnabled())
172 LOG.debug("remove: " + userName);
173 removeUser(userName);
174 }
175 }