org.apache.shiro.realm.text

Class PropertiesRealm

java.lang.Object

org.apache.shiro.realm.CachingRealm

org.apache.shiro.realm.AuthenticatingRealm

org.apache.shiro.realm.AuthorizingRealm

org.apache.shiro.realm.SimpleAccountRealm

org.apache.shiro.realm.text.TextConfigurationRealm

org.apache.shiro.realm.text.PropertiesRealm

All Implemented Interfaces:

Runnable, LogoutAware, Authorizer, PermissionResolverAware, RolePermissionResolverAware, org.apache.shiro.cache.CacheManagerAware, Realm, org.apache.shiro.util.Destroyable, org.apache.shiro.util.Initializable, org.apache.shiro.util.Nameable

public class PropertiesRealm
extends TextConfigurationRealm
implements org.apache.shiro.util.Destroyable, Runnable

A TextConfigurationRealm that defers all logic to the parent class, but just enables Properties based configuration in addition to the parent class's String configuration.

This class allows processing of a single .properties file for user, role, and permission configuration.

The resourcePath MUST be set before this realm can be initialized. You can specify any resource path supported by ResourceUtils.getInputStreamForPath method.

The Properties format understood by this implementation must be written as follows:

Each line's key/value pair represents either a user-to-role(s) mapping or a role-to-permission(s) mapping.

The user-to-role(s) lines have this format:

user.username = password,role1,role2,...

Note that each key is prefixed with the token user. Each value must adhere to the the setUserDefinitions(String) JavaDoc.

The role-to-permission(s) lines have this format:

role.rolename = permissionDefinition1, permissionDefinition2, ...

where each key is prefixed with the token role. and the value adheres to the format specified in the setRoleDefinitions(String) JavaDoc.

Here is an example of a very simple properties definition that conforms to the above format rules and corresponding method JavaDocs:

user.root = rootPassword,administrator
user.jsmith = jsmithPassword,manager,engineer,employee
user.abrown = abrownPassword,qa,employee
user.djones = djonesPassword,qa,contractor

role.administrator = *
role.manager = "user:read,write", file:execute:/usr/local/emailManagers.sh
role.engineer = "file:read,execute:/usr/local/tomcat/bin/startup.sh"
role.employee = application:use:wiki
role.qa = "server:view,start,shutdown,restart:someQaServer", server:view:someProductionServer
role.contractor = application:use:timesheet

Since:

0.2

Field Summary

Fields

Modifier and Type	Field and Description
protected long	fileLastModified
protected int	reloadIntervalSeconds
protected String	resourcePath
protected ExecutorService	scheduler
protected boolean	useXmlFormat

Fields inherited from class org.apache.shiro.realm.SimpleAccountRealm

roles, ROLES_LOCK, users, USERS_LOCK

Constructor Summary

Constructors

Constructor and Description
PropertiesRealm()

Method Summary

Modifier and Type	Method and Description
protected void	afterRoleCacheSet()
void	destroy() Destroy reload scheduler if one exists.
protected String	getName(String key, String prefix)
protected String	getRolename(String key)
protected String	getUsername(String key)
protected boolean	isRolename(String key)
protected boolean	isUsername(String key)
void	onInit() Will call 'processDefinitions' on startup.
void	run()
void	setReloadIntervalSeconds(int reloadIntervalSeconds) Sets the interval in seconds at which the property file will be checked for changes and reloaded.
void	setResourcePath(String resourcePath) Sets the path of the properties file to load user, role, and permission information from.
void	setUseXmlFormat(boolean useXmlFormat) Determines whether or not the properties XML format should be used.
protected void	startReloadThread()

Methods inherited from class org.apache.shiro.realm.text.TextConfigurationRealm

getRoleDefinitions, getUserDefinitions, processDefinitions, processRoleDefinitions, processRoleDefinitions, processUserDefinitions, processUserDefinitions, setRoleDefinitions, setUserDefinitions, toLines, toMap

Methods inherited from class org.apache.shiro.realm.SimpleAccountRealm

accountExists, add, add, addAccount, addAccount, addRole, doGetAuthenticationInfo, doGetAuthorizationInfo, getRole, getUser, getUsername, getUsername, roleExists, toSet

Methods inherited from class org.apache.shiro.realm.AuthorizingRealm

afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getPermissions, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver

Methods inherited from class org.apache.shiro.realm.AuthenticatingRealm

assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher, supports

Methods inherited from class org.apache.shiro.realm.CachingRealm

clearCache, getAvailablePrincipal, getCacheManager, getName, isCachingEnabled, onLogout, setCacheManager, setCachingEnabled

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.shiro.util.Initializable

init

Field Detail

scheduler

protected ExecutorService scheduler

useXmlFormat

protected boolean useXmlFormat

resourcePath

protected String resourcePath

fileLastModified

protected long fileLastModified

reloadIntervalSeconds

protected int reloadIntervalSeconds

Constructor Detail

PropertiesRealm

public PropertiesRealm()

Method Detail

setUseXmlFormat

public void setUseXmlFormat(boolean useXmlFormat)

Determines whether or not the properties XML format should be used. For more information, see Properties.loadFromXML(java.io.InputStream)

Parameters:

useXmlFormat - true to use XML or false to use the normal format. Defaults to false.

setResourcePath

public void setResourcePath(String resourcePath)

Sets the path of the properties file to load user, role, and permission information from. The properties file will be loaded using ResourceUtils.getInputStreamForPath(String) so any convention recognized by that method is accepted here. For example, to load a file from the classpath use classpath:myfile.properties; to load a file from disk simply specify the full path; to load a file from a URL use url:www.mysite.com/myfile.properties.

Parameters:

resourcePath - the path to load the properties file from. This is a required property.

setReloadIntervalSeconds

public void setReloadIntervalSeconds(int reloadIntervalSeconds)

Sets the interval in seconds at which the property file will be checked for changes and reloaded. If this is set to zero or less, property file reloading will be disabled. If it is set to 1 or greater, then a separate thread will be created to monitor the property file for changes and reload the file if it is updated.

Parameters:

reloadIntervalSeconds - the interval in seconds at which the property file should be examined for changes. If set to zero or less, reloading is disabled.

onInit

public void onInit()

Description copied from class: TextConfigurationRealm

Will call 'processDefinitions' on startup.

Overrides:

onInit in class TextConfigurationRealm

See Also:

SHIRO-223

afterRoleCacheSet

protected void afterRoleCacheSet()

destroy

public void destroy()

Destroy reload scheduler if one exists.

Specified by:

destroy in interface org.apache.shiro.util.Destroyable

startReloadThread

protected void startReloadThread()

run

public void run()

Specified by:

run in interface Runnable

getName

protected String getName(String key,
                         String prefix)

isUsername

protected boolean isUsername(String key)

isRolename

protected boolean isRolename(String key)

getUsername

protected String getUsername(String key)

getRolename

protected String getRolename(String key)