2 // ========================================================================
3 // Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
4 // ------------------------------------------------------------------------
5 // All rights reserved. This program and the accompanying materials
6 // are made available under the terms of the Eclipse Public License v1.0
7 // and Apache License v2.0 which accompanies this distribution.
9 // The Eclipse Public License is available at
10 // http://www.eclipse.org/legal/epl-v10.html
12 // The Apache License v2.0 is available at
13 // http://www.opensource.org/licenses/apache2.0.php
15 // You may elect to redistribute this code under either of these licenses.
16 // ========================================================================
19 package org.eclipse.jetty.security;
21 import java.io.IOException;
23 import org.eclipse.jetty.security.PropertyUserStore.UserListener;
24 import org.eclipse.jetty.server.UserIdentity;
25 import org.eclipse.jetty.util.Scanner;
26 import org.eclipse.jetty.util.log.Log;
27 import org.eclipse.jetty.util.log.Logger;
28 import org.eclipse.jetty.util.resource.Resource;
29 import org.eclipse.jetty.util.security.Credential;
31 /* ------------------------------------------------------------ */
33 * Properties User Realm.
35 * An implementation of UserRealm that stores users and roles in-memory in HashMaps.
37 * Typically these maps are populated by calling the load() method or passing a properties resource to the constructor. The format of the properties file is:
40 * username: password [,rolename ...]
43 * Passwords may be clear text, obfuscated or checksummed. The class com.eclipse.Util.Password should be used to generate obfuscated passwords or password
46 * If DIGEST Authentication is used, the password must be in a recoverable format, either plain text or OBF:.
48 public class HashLoginService extends MappedLoginService implements UserListener
50 private static final Logger LOG = Log.getLogger(HashLoginService.class);
52 private PropertyUserStore _propertyUserStore;
53 private String _config;
54 private Resource _configResource;
55 private int _refreshInterval = 0;// default is not to reload
57 /* ------------------------------------------------------------ */
58 public HashLoginService()
62 /* ------------------------------------------------------------ */
63 public HashLoginService(String name)
68 /* ------------------------------------------------------------ */
69 public HashLoginService(String name, String config)
75 /* ------------------------------------------------------------ */
76 public String getConfig()
81 /* ------------------------------------------------------------ */
82 public void getConfig(String config)
87 /* ------------------------------------------------------------ */
88 public Resource getConfigResource()
90 return _configResource;
93 /* ------------------------------------------------------------ */
95 * Load realm users from properties file. The property file maps usernames to password specs followed by an optional comma separated list of role names.
98 * Filename or url of user properties file.
100 public void setConfig(String config)
105 /* ------------------------------------------------------------ */
106 public void setRefreshInterval(int msec)
108 _refreshInterval = msec;
111 /* ------------------------------------------------------------ */
112 public int getRefreshInterval()
114 return _refreshInterval;
117 /* ------------------------------------------------------------ */
119 protected UserIdentity loadUser(String username)
124 /* ------------------------------------------------------------ */
126 public void loadUsers() throws IOException
128 // TODO: Consider refactoring MappedLoginService to not have to override with unused methods
131 /* ------------------------------------------------------------ */
133 * @see org.eclipse.jetty.util.component.AbstractLifeCycle#doStart()
136 protected void doStart() throws Exception
140 if (_propertyUserStore == null)
142 if(LOG.isDebugEnabled())
143 LOG.debug("doStart: Starting new PropertyUserStore. PropertiesFile: " + _config + " refreshInterval: " + _refreshInterval);
145 _propertyUserStore = new PropertyUserStore();
146 _propertyUserStore.setRefreshInterval(_refreshInterval);
147 _propertyUserStore.setConfig(_config);
148 _propertyUserStore.registerUserListener(this);
149 _propertyUserStore.start();
153 /* ------------------------------------------------------------ */
155 * @see org.eclipse.jetty.util.component.AbstractLifeCycle#doStop()
158 protected void doStop() throws Exception
161 if (_propertyUserStore != null)
162 _propertyUserStore.stop();
163 _propertyUserStore = null;
166 /* ------------------------------------------------------------ */
168 public void update(String userName, Credential credential, String[] roleArray)
170 if (LOG.isDebugEnabled())
171 LOG.debug("update: " + userName + " Roles: " + roleArray.length);
172 putUser(userName,credential,roleArray);
175 /* ------------------------------------------------------------ */
177 public void remove(String userName)
179 if (LOG.isDebugEnabled())
180 LOG.debug("remove: " + userName);
181 removeUser(userName);