org.apache.shiro.realm.text
Class PropertiesRealm
java.lang.Object
org.apache.shiro.realm.CachingRealm
org.apache.shiro.realm.AuthenticatingRealm
org.apache.shiro.realm.AuthorizingRealm
org.apache.shiro.realm.SimpleAccountRealm
org.apache.shiro.realm.text.TextConfigurationRealm
org.apache.shiro.realm.text.PropertiesRealm
- All Implemented Interfaces:
- Runnable, LogoutAware, Authorizer, PermissionResolverAware, RolePermissionResolverAware, CacheManagerAware, Realm, Destroyable, Initializable, Nameable
public class PropertiesRealm
- extends TextConfigurationRealm
- implements Destroyable, Runnable
A TextConfigurationRealm
that defers all logic to the parent class, but just enables
Properties
based configuration in addition to the parent class's String configuration.
This class allows processing of a single .properties file for user, role, and
permission configuration.
The resourcePath
MUST be set before this realm can be initialized. You
can specify any resource path supported by
ResourceUtils.getInputStreamForPath
method.
The Properties format understood by this implementation must be written as follows:
Each line's key/value pair represents either a user-to-role(s) mapping or a role-to-permission(s)
mapping.
The user-to-role(s) lines have this format:
user.username = password,role1,role2,...
Note that each key is prefixed with the token user.
Each value must adhere to the
the setUserDefinitions(String)
JavaDoc.
The role-to-permission(s) lines have this format:
role.rolename = permissionDefinition1, permissionDefinition2, ...
where each key is prefixed with the token role.
and the value adheres to the format specified in
the setRoleDefinitions(String)
JavaDoc.
Here is an example of a very simple properties definition that conforms to the above format rules and corresponding
method JavaDocs:
user.root = rootPassword,administrator
user.jsmith = jsmithPassword,manager,engineer,employee
user.abrown = abrownPassword,qa,employee
user.djones = djonesPassword,qa,contractor
role.administrator = *
role.manager = "user:read,write", file:execute:/usr/local/emailManagers.sh
role.engineer = "file:read,execute:/usr/local/tomcat/bin/startup.sh"
role.employee = application:use:wiki
role.qa = "server:view,start,shutdown,restart:someQaServer", server:view:someProductionServer
role.contractor = application:use:timesheet
- Since:
- 0.2
Methods inherited from class org.apache.shiro.realm.text.TextConfigurationRealm |
getRoleDefinitions, getUserDefinitions, processDefinitions, processRoleDefinitions, processRoleDefinitions, processUserDefinitions, processUserDefinitions, setRoleDefinitions, setUserDefinitions, toLines, toMap |
Methods inherited from class org.apache.shiro.realm.SimpleAccountRealm |
accountExists, add, add, addAccount, addAccount, addRole, doGetAuthenticationInfo, doGetAuthorizationInfo, getRole, getUser, getUsername, getUsername, roleExists, toSet |
Methods inherited from class org.apache.shiro.realm.AuthorizingRealm |
afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver |
Methods inherited from class org.apache.shiro.realm.AuthenticatingRealm |
assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher, supports |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
scheduler
protected ExecutorService scheduler
useXmlFormat
protected boolean useXmlFormat
resourcePath
protected String resourcePath
fileLastModified
protected long fileLastModified
reloadIntervalSeconds
protected int reloadIntervalSeconds
PropertiesRealm
public PropertiesRealm()
setUseXmlFormat
public void setUseXmlFormat(boolean useXmlFormat)
- Determines whether or not the properties XML format should be used. For more information, see
Properties.loadFromXML(java.io.InputStream)
- Parameters:
useXmlFormat
- true to use XML or false to use the normal format. Defaults to false.
setResourcePath
public void setResourcePath(String resourcePath)
- Sets the path of the properties file to load user, role, and permission information from. The properties
file will be loaded using
ResourceUtils.getInputStreamForPath(String)
so any convention recongized
by that method is accepted here. For example, to load a file from the classpath use
classpath:myfile.properties
; to load a file from disk simply specify the full path; to load
a file from a URL use url:www.mysite.com/myfile.properties
.
- Parameters:
resourcePath
- the path to load the properties file from. This is a required property.
setReloadIntervalSeconds
public void setReloadIntervalSeconds(int reloadIntervalSeconds)
- Sets the interval in seconds at which the property file will be checked for changes and reloaded. If this is
set to zero or less, property file reloading will be disabled. If it is set to 1 or greater, then a
separate thread will be created to monitor the propery file for changes and reload the file if it is updated.
- Parameters:
reloadIntervalSeconds
- the interval in seconds at which the property file should be examined for changes.
If set to zero or less, reloading is disabled.
onInit
public void onInit()
- Description copied from class:
TextConfigurationRealm
- Will call 'processDefinitions' on startup.
- Overrides:
onInit
in class TextConfigurationRealm
- See Also:
- SHIRO-223
afterRoleCacheSet
protected void afterRoleCacheSet()
destroy
public void destroy()
- Description copied from interface:
Destroyable
- Called when this object is being destroyed, allowing any necessary cleanup of internal resources.
- Specified by:
destroy
in interface Destroyable
startReloadThread
protected void startReloadThread()
run
public void run()
- Specified by:
run
in interface Runnable
getName
protected String getName(String key,
String prefix)
isUsername
protected boolean isUsername(String key)
isRolename
protected boolean isRolename(String key)
getUsername
protected String getUsername(String key)
getRolename
protected String getRolename(String key)
Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.