|
|||||||||
| Home >> All >> org >> mortbay >> [ http overview ] | PREV CLASS NEXT CLASS | ||||||||
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||
org.mortbay.http
Class HashUserRealm
java.lang.Objectjava.util.AbstractMap
- All Implemented Interfaces:
- java.lang.Cloneable, java.io.Externalizable, java.util.Map, java.io.Serializable, SSORealm, UserRealm
- Direct Known Subclasses:
- JDBCUserRealm
- public class HashUserRealm
- extends java.util.HashMap
- implements UserRealm, SSORealm, java.io.Externalizable
- extends java.util.HashMap
HashMapped User Realm. An implementation of UserRealm that stores users and roles in-memory in HashMaps.
Typically these maps are populated by calling the load() method or passing a properties resource to the constructor. The format of the properties file is:
username: password [,rolename ...]Passwords may be clear text, obfuscated or checksummed. The class com.mortbay.Util.Password should be used to generate obfuscated passwords or password checksums. If DIGEST Authentication is used, the password must be in a recoverable format, either plain text or OBF:. The HashUserRealm also implements SSORealm but provides no implementation of SSORealm. Instead setSSORealm may be used to provide a delegate SSORealm implementation.
- Version:
- $Id: HashUserRealm.java,v 1.27 2003/10/12 11:58:32 gregwilkins Exp $
| Nested Class Summary | |
private class |
HashUserRealm.KnownUser
|
private class |
HashUserRealm.User
|
private class |
HashUserRealm.WrappedUser
|
| Nested classes inherited from class java.util.HashMap |
|
| Nested classes inherited from class java.util.AbstractMap |
|
| Nested classes inherited from class java.util.Map |
java.util.Map.Entry |
| Field Summary | |
static java.lang.String |
__SSO
HttpContext Attribute to set to activate SSO. |
private java.lang.String |
_config
|
private java.lang.String |
_realmName
|
protected java.util.HashMap |
_roles
|
private SSORealm |
_ssoRealm
|
private static org.apache.commons.logging.Log |
log
|
| Fields inherited from class java.util.HashMap |
|
| Fields inherited from class java.util.AbstractMap |
|
| Constructor Summary | |
HashUserRealm()
Constructor. |
|
HashUserRealm(java.lang.String name)
Constructor. |
|
HashUserRealm(java.lang.String name,
java.lang.String config)
Constructor. |
|
| Method Summary | |
void |
addUserToRole(java.lang.String userName,
java.lang.String roleName)
Add a user to a role. |
java.security.Principal |
authenticate(java.lang.String username,
java.lang.Object credentials,
HttpRequest request)
Authenticate a users credentials. |
void |
clearSingleSignOn(java.lang.String username)
Clear SSO for user. |
void |
disassociate(java.security.Principal user)
Dissassociate the calling context with a Principal. |
void |
dump(java.io.PrintStream out)
|
java.lang.String |
getName()
|
java.security.Principal |
getPrincipal(java.lang.String username)
Get the principal for a username. |
org.mortbay.util.Credential |
getSingleSignOn(HttpRequest request,
HttpResponse response)
Get SSO credentials. |
SSORealm |
getSSORealm()
|
boolean |
isUserInRole(java.security.Principal user,
java.lang.String roleName)
Check if a user is in a role. |
void |
load(java.lang.String config)
Load realm users from properties file. |
void |
logout(java.security.Principal user)
logout a user Principal. |
java.security.Principal |
popRole(java.security.Principal user)
Pop role from a Principal. |
java.security.Principal |
pushRole(java.security.Principal user,
java.lang.String role)
Push role onto a Principal. |
java.lang.Object |
put(java.lang.Object name,
java.lang.Object credentials)
Put user into realm. |
void |
readExternal(java.io.ObjectInput in)
This method restores an object's state by reading in the instance data for the object from the passed in stream. |
boolean |
reauthenticate(java.security.Principal user)
Re Authenticate a Principal. |
void |
setName(java.lang.String name)
|
void |
setSingleSignOn(HttpRequest request,
HttpResponse response,
java.security.Principal principal,
org.mortbay.util.Credential credential)
Set SSO principal and credential. |
void |
setSSORealm(SSORealm ssoRealm)
Set the SSORealm. |
java.lang.String |
toString()
Returns a String representation of this map. |
void |
writeExternal(java.io.ObjectOutput out)
This method is responsible for writing the instance data of an object to the passed in stream. |
| Methods inherited from class java.util.HashMap |
clear, clone, containsKey, containsValue, entrySet, get, isEmpty, keySet, putAll, remove, size, values |
| Methods inherited from class java.util.AbstractMap |
equals, hashCode |
| Methods inherited from class java.lang.Object |
finalize, getClass, notify, notifyAll, wait, wait, wait |
| Methods inherited from interface java.util.Map |
equals, hashCode |
| Field Detail |
log
private static org.apache.commons.logging.Log log
__SSO
public static final java.lang.String __SSO
- HttpContext Attribute to set to activate SSO.
- See Also:
- Constant Field Values
_realmName
private java.lang.String _realmName
_config
private java.lang.String _config
_roles
protected java.util.HashMap _roles
_ssoRealm
private SSORealm _ssoRealm
| Constructor Detail |
HashUserRealm
public HashUserRealm()
- Constructor.
HashUserRealm
public HashUserRealm(java.lang.String name)
- Constructor.
HashUserRealm
public HashUserRealm(java.lang.String name, java.lang.String config) throws java.io.IOException
- Constructor.
| Method Detail |
writeExternal
public void writeExternal(java.io.ObjectOutput out) throws java.io.IOException
- Description copied from interface:
java.io.Externalizable - This method is responsible for writing the instance data of an object
to the passed in stream. Note that this stream is not a subclass of
OutputStream, but rather is a class that implements theObjectOutputinterface. That interface provides a number of methods for writing Java data values to a stream.Not that the implementation of this method must be coordinated with the implementation of
readExternal.- Specified by:
writeExternalin interfacejava.io.Externalizable
readExternal
public void readExternal(java.io.ObjectInput in) throws java.io.IOException, java.lang.ClassNotFoundException
- Description copied from interface:
java.io.Externalizable - This method restores an object's state by reading in the instance data
for the object from the passed in stream. Note that this stream is not
a subclass of
InputStream, but rather is a class that implements theObjectInputinterface. That interface provides a mechanism for reading in Java data types from a stream.Note that this method must be compatible with
writeExternal. It must read back the exact same types that were written by that method in the exact order they were written.If this method needs to read back an object instance, then the class for that object must be found and loaded. If that operation fails, then this method throws a
ClassNotFoundException- Specified by:
readExternalin interfacejava.io.Externalizable
load
public void load(java.lang.String config) throws java.io.IOException
- Load realm users from properties file.
The property file maps usernames to password specs followed by
an optional comma separated list of role names.
setName
public void setName(java.lang.String name)
getName
public java.lang.String getName()
getPrincipal
public java.security.Principal getPrincipal(java.lang.String username)
- Description copied from interface:
UserRealm - Get the principal for a username.
This method is not guaranteed to return a Principal for non-authenticated users.
- Specified by:
getPrincipalin interfaceUserRealm
authenticate
public java.security.Principal authenticate(java.lang.String username, java.lang.Object credentials, HttpRequest request)
- Description copied from interface:
UserRealm - Authenticate a users credentials.
Implementations of this method may adorn the calling context to
assoicate it with the authenticated principal (eg ThreadLocals). If
such context associations are made, they should be considered valid
until a UserRealm.deAuthenticate(UserPrincipal) call is made for this
UserPrincipal.
- Specified by:
authenticatein interfaceUserRealm
disassociate
public void disassociate(java.security.Principal user)
- Description copied from interface:
UserRealm - Dissassociate the calling context with a Principal.
This method is called when the calling context is not longer
associated with the Principal. It should be used by an implementation
to remove context associations such as ThreadLocals.
The UserPrincipal object remains authenticated, as it may be
associated with other contexts.
- Specified by:
disassociatein interfaceUserRealm
pushRole
public java.security.Principal pushRole(java.security.Principal user, java.lang.String role)
- Description copied from interface:
UserRealm - Push role onto a Principal.
This method is used to add a role to an existing principal.
popRole
public java.security.Principal popRole(java.security.Principal user)
- Description copied from interface:
UserRealm - Pop role from a Principal.
put
public java.lang.Object put(java.lang.Object name, java.lang.Object credentials)
- Put user into realm.
- Specified by:
putin interfacejava.util.Map
addUserToRole
public void addUserToRole(java.lang.String userName, java.lang.String roleName)
- Add a user to a role.
reauthenticate
public boolean reauthenticate(java.security.Principal user)
- Description copied from interface:
UserRealm - Re Authenticate a Principal.
Authenicate a principal that has previously been return from the authenticate method.
Implementations of this method may adorn the calling context to
assoicate it with the authenticated principal (eg ThreadLocals). If
such context associations are made, they should be considered valid
until a UserRealm.deAuthenticate(UserPrincipal) call is made for this
UserPrincipal.
- Specified by:
reauthenticatein interfaceUserRealm
isUserInRole
public boolean isUserInRole(java.security.Principal user, java.lang.String roleName)
- Check if a user is in a role.
- Specified by:
isUserInRolein interfaceUserRealm
logout
public void logout(java.security.Principal user)
- Description copied from interface:
UserRealm - logout a user Principal.
Called by authentication mechanisms (eg FORM) that can detect logout.
toString
public java.lang.String toString()
- Description copied from class:
java.util.AbstractMap - Returns a String representation of this map. This is a listing of the
map entries (which are specified in Map.Entry as being
getKey() + "=" + getValue()), separated by a comma and space (", "), and surrounded by braces ('{' and '}'). This implementation uses a StringBuffer and iterates over the entrySet to build the String. Note that this can fail with an exception if underlying keys or values complete abruptly in toString().
dump
public void dump(java.io.PrintStream out)
getSSORealm
public SSORealm getSSORealm()
setSSORealm
public void setSSORealm(SSORealm ssoRealm)
- Set the SSORealm.
A SSORealm implementation may be set to enable support for SSO.
getSingleSignOn
public org.mortbay.util.Credential getSingleSignOn(HttpRequest request, HttpResponse response)
- Description copied from interface:
SSORealm - Get SSO credentials.
This call is used by an authenticator to check if a SSO exists for a request.
If SSO authentiation is successful, the requests UserPrincipal and
AuthUser fields are set. If available, the credential used to
authenticate the user is returned. If recoverable credentials are not required then
null may be return.
- Specified by:
getSingleSignOnin interfaceSSORealm
setSingleSignOn
public void setSingleSignOn(HttpRequest request, HttpResponse response, java.security.Principal principal, org.mortbay.util.Credential credential)
- Description copied from interface:
SSORealm - Set SSO principal and credential.
This call is used by an authenticator to inform the SSO mechanism that
a user has signed on. The SSO mechanism should record the principal
and credential and update the response with any cookies etc. required.
- Specified by:
setSingleSignOnin interfaceSSORealm
clearSingleSignOn
public void clearSingleSignOn(java.lang.String username)
- Description copied from interface:
SSORealm - Clear SSO for user.
- Specified by:
clearSingleSignOnin interfaceSSORealm
|
|||||||||
| Home >> All >> org >> mortbay >> [ http overview ] | PREV CLASS NEXT CLASS | ||||||||
|
SUMMARY: JAVADOC | SOURCE | DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||