View Javadoc

1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.jaas.spi;
20  
21  import java.security.Principal;
22  import java.util.ArrayList;
23  import java.util.List;
24  import java.util.Map;
25  import java.util.Set;
26  import java.util.concurrent.ConcurrentHashMap;
27  
28  import javax.security.auth.Subject;
29  import javax.security.auth.callback.CallbackHandler;
30  
31  import org.eclipse.jetty.security.PropertyUserStore;
32  import org.eclipse.jetty.server.UserIdentity;
33  import org.eclipse.jetty.util.log.Log;
34  import org.eclipse.jetty.util.log.Logger;
35  import org.eclipse.jetty.util.security.Credential;
36  
37  /**
38   * PropertyFileLoginModule
39   */
40  public class PropertyFileLoginModule extends AbstractLoginModule
41  {
42      public static final String DEFAULT_FILENAME = "realm.properties";
43  
44      private static final Logger LOG = Log.getLogger(PropertyFileLoginModule.class);
45  
46      private static ConcurrentHashMap<String, PropertyUserStore> _propertyUserStores = new ConcurrentHashMap<String, PropertyUserStore>();
47  
48      private int _refreshInterval = 0;
49      private String _filename = DEFAULT_FILENAME;
50  
51      /**
52       * Read contents of the configured property file.
53       *
54       * @see javax.security.auth.spi.LoginModule#initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map,
55       *      java.util.Map)
56       *      
57       * @param subject the subject
58       * @param callbackHandler the callback handler
59       * @param sharedState the shared state map
60       * @param options the options map
61       */
62      public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options)
63      {
64          super.initialize(subject,callbackHandler,sharedState,options);
65          setupPropertyUserStore(options);
66      }
67  
68      private void setupPropertyUserStore(Map<String, ?> options)
69      {
70          parseConfig(options);
71  
72          if (_propertyUserStores.get(_filename) == null)
73          {
74              PropertyUserStore propertyUserStore = new PropertyUserStore();
75              propertyUserStore.setConfig(_filename);
76              propertyUserStore.setRefreshInterval(_refreshInterval);
77  
78              PropertyUserStore prev = _propertyUserStores.putIfAbsent(_filename, propertyUserStore);
79              if (prev == null)
80              {
81                  LOG.debug("setupPropertyUserStore: Starting new PropertyUserStore. PropertiesFile: " + _filename + " refreshInterval: " + _refreshInterval);
82  
83                  try
84                  {
85                      propertyUserStore.start();
86                  }
87                  catch (Exception e)
88                  {
89                      LOG.warn("Exception while starting propertyUserStore: ",e);
90                  }
91              }
92          }
93      }
94  
95      private void parseConfig(Map<String, ?> options)
96      {
97          String tmp = (String)options.get("file");
98          _filename = (tmp == null? DEFAULT_FILENAME : tmp);
99          tmp = (String)options.get("refreshInterval");
100         _refreshInterval = (tmp == null?_refreshInterval:Integer.parseInt(tmp));
101     }
102 
103     /**
104      * 
105      *
106      * @param userName the user name
107      * @throws Exception if unable to get the user information
108      */
109     public UserInfo getUserInfo(String userName) throws Exception
110     {
111         PropertyUserStore propertyUserStore = _propertyUserStores.get(_filename);
112         if (propertyUserStore == null)
113             throw new IllegalStateException("PropertyUserStore should never be null here!");
114         
115         LOG.debug("Checking PropertyUserStore "+_filename+" for "+userName);
116         UserIdentity userIdentity = propertyUserStore.getUserIdentity(userName);
117         if (userIdentity==null)
118             return null;
119 
120         //TODO in future versions change the impl of PropertyUserStore so its not
121         //storing Subjects etc, just UserInfo
122         Set<Principal> principals = userIdentity.getSubject().getPrincipals();
123 
124         List<String> roles = new ArrayList<String>();
125 
126         for ( Principal principal : principals )
127         {
128             roles.add( principal.getName() );
129         }
130 
131         Credential credential = (Credential)userIdentity.getSubject().getPrivateCredentials().iterator().next();
132         LOG.debug("Found: " + userName + " in PropertyUserStore "+_filename);
133         return new UserInfo(userName, credential, roles);
134     }
135 
136 }