public class HashUserRealm extends java.util.HashMap implements UserRealm, SSORealm, java.io.Externalizable
Typically these maps are populated by calling the load() method or passing a properties resource to the constructor. The format of the properties file is:
username: password [,rolename ...]Passwords may be clear text, obfuscated or checksummed. The class com.mortbay.Util.Password should be used to generate obfuscated passwords or password checksums. If DIGEST Authentication is used, the password must be in a recoverable format, either plain text or OBF:. The HashUserRealm also implements SSORealm but provides no implementation of SSORealm. Instead setSSORealm may be used to provide a delegate SSORealm implementation.
Password
,
Serialized FormModifier and Type | Field and Description |
---|---|
static java.lang.String |
__SSO
HttpContext Attribute to set to activate SSO.
|
protected java.util.HashMap |
_roles |
Constructor and Description |
---|
HashUserRealm()
Constructor.
|
HashUserRealm(java.lang.String name)
Constructor.
|
HashUserRealm(java.lang.String name,
java.lang.String config)
Constructor.
|
Modifier and Type | Method and Description |
---|---|
void |
addUserToRole(java.lang.String userName,
java.lang.String roleName)
Add a user to a role.
|
java.security.Principal |
authenticate(java.lang.String username,
java.lang.Object credentials,
HttpRequest request)
Authenticate a users credentials.
|
void |
clearSingleSignOn(java.lang.String username)
Clear SSO for user.
|
void |
disassociate(java.security.Principal user)
Dissassociate the calling context with a Principal.
|
void |
dump(java.io.PrintStream out) |
java.lang.String |
getName() |
java.security.Principal |
getPrincipal(java.lang.String username)
Get the principal for a username.
|
Credential |
getSingleSignOn(HttpRequest request,
HttpResponse response)
Get SSO credentials.
|
SSORealm |
getSSORealm() |
boolean |
isUserInRole(java.security.Principal user,
java.lang.String roleName)
Check if a user is in a role.
|
void |
load(java.lang.String config)
Load realm users from properties file.
|
void |
logout(java.security.Principal user)
logout a user Principal.
|
java.security.Principal |
popRole(java.security.Principal user)
Pop role from a Principal.
|
java.security.Principal |
pushRole(java.security.Principal user,
java.lang.String role)
Push role onto a Principal.
|
java.lang.Object |
put(java.lang.Object name,
java.lang.Object credentials)
Put user into realm.
|
void |
readExternal(java.io.ObjectInput in) |
boolean |
reauthenticate(java.security.Principal user)
Re Authenticate a Principal.
|
void |
setName(java.lang.String name) |
void |
setSingleSignOn(HttpRequest request,
HttpResponse response,
java.security.Principal principal,
Credential credential)
Set SSO principal and credential.
|
void |
setSSORealm(SSORealm ssoRealm)
Set the SSORealm.
|
java.lang.String |
toString() |
void |
writeExternal(java.io.ObjectOutput out) |
clear, clone, containsKey, containsValue, entrySet, get, isEmpty, keySet, putAll, remove, size, values
public static final java.lang.String __SSO
protected java.util.HashMap _roles
public HashUserRealm()
public HashUserRealm(java.lang.String name)
name
- Realm Namepublic HashUserRealm(java.lang.String name, java.lang.String config) throws java.io.IOException
name
- Realm nameconfig
- Filename or url of user properties file.java.io.IOException
public void writeExternal(java.io.ObjectOutput out) throws java.io.IOException
writeExternal
in interface java.io.Externalizable
java.io.IOException
public void readExternal(java.io.ObjectInput in) throws java.io.IOException, java.lang.ClassNotFoundException
readExternal
in interface java.io.Externalizable
java.io.IOException
java.lang.ClassNotFoundException
public void load(java.lang.String config) throws java.io.IOException
config
- Filename or url of user properties file.java.io.IOException
public void setName(java.lang.String name)
name
- The realm namepublic java.lang.String getName()
public java.security.Principal getPrincipal(java.lang.String username)
UserRealm
getPrincipal
in interface UserRealm
public java.security.Principal authenticate(java.lang.String username, java.lang.Object credentials, HttpRequest request)
UserRealm
authenticate
in interface UserRealm
username
- The username.credentials
- The user credentials, normally a String password.request
- The request to be authenticated. Additional
parameters may be extracted or set on this request as needed
for the authentication mechanism (none required for BASIC and
FORM authentication).public void disassociate(java.security.Principal user)
UserRealm
disassociate
in interface UserRealm
user
- A UserPrincipal allocated from this realm.public java.security.Principal pushRole(java.security.Principal user, java.lang.String role)
UserRealm
public java.security.Principal popRole(java.security.Principal user)
UserRealm
public java.lang.Object put(java.lang.Object name, java.lang.Object credentials)
put
in interface java.util.Map
put
in class java.util.HashMap
name
- User namecredentials
- String password, Password or UserPrinciple
instance.public void addUserToRole(java.lang.String userName, java.lang.String roleName)
userName
- roleName
- public boolean reauthenticate(java.security.Principal user)
UserRealm
reauthenticate
in interface UserRealm
public boolean isUserInRole(java.security.Principal user, java.lang.String roleName)
isUserInRole
in interface UserRealm
user
- The user, which must be from this realmroleName
- public void logout(java.security.Principal user)
UserRealm
public java.lang.String toString()
toString
in class java.util.AbstractMap
public void dump(java.io.PrintStream out)
public SSORealm getSSORealm()
public void setSSORealm(SSORealm ssoRealm)
ssoRealm
- The SSORealm to delegate single sign on requests to.public Credential getSingleSignOn(HttpRequest request, HttpResponse response)
SSORealm
getSingleSignOn
in interface SSORealm
request
- The request to SSO.response
- The response to SSO.public void setSingleSignOn(HttpRequest request, HttpResponse response, java.security.Principal principal, Credential credential)
SSORealm
setSingleSignOn
in interface SSORealm
request
- The authenticated request.response
- The authenticated response/principal
- The principal that has been authenticated.credential
- The credentials used to authenticate.public void clearSingleSignOn(java.lang.String username)
SSORealm
clearSingleSignOn
in interface SSORealm
username
- The user to clear.Copyright © 2004 Mortbay Consulting Pty. Ltd. All Rights Reserved.