login.config.url should be set to a url, not a file path

The System property java.security.auth.login.config will only be used if the useSystemProperty option is enabled. This is the default.
2005-09-26 14:14:42 +00:00 · 2005-09-26 14:14:42 +00:00 · a39339674e
parent bc14dd62db
commit a39339674e
1 changed files with 33 additions and 10 deletions
--- a/core/src/main/java/org/acegisecurity/providers/jaas/JaasAuthenticationProvider.java
+++ b/core/src/main/java/org/acegisecurity/providers/jaas/JaasAuthenticationProvider.java
@ -156,6 +156,11 @@ import javax.security.auth.login.LoginException;
 *  </pre>
 * </p>
 *
+ * A configuration note:
+ * The JaasAuthenticationProvider configures jaas using the system property 'java.security.auth.login.config' by default.
+ * If use of the java.security.auth.login.config property is not allowed by the Security property 'policy.allowSystemProperty', OR if the JaasAuthenticationProvider
+ * useSystemProperty option is false, then Jaas will be configured using the 'login.config.url.x' properties.
+ *
 * @author Ray Krueger
 * @version $Id$
 */
@ -174,6 +179,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
    private String loginContextName = "ACEGI";
    private AuthorityGranter[] authorityGranters;
    private JaasAuthenticationCallbackHandler[] callbackHandlers;
+    private boolean useSystemProperty = true;

    //~ Methods ================================================================

@ -297,12 +303,16 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
        boolean allowed = "true".equalsIgnoreCase(Security.getProperty(
                    "policy.allowSystemProperty"));

-        if (allowed && (System.getProperty(SYSPROP) == null)) {
+        if (useSystemProperty && allowed) {
            log.debug("Setting system property [" + SYSPROP + "] to: "
                + loginConfigStr);
            System.setProperty(SYSPROP, loginConfigStr);
        } else {
-            setPropertyUsingLoop(loginConfigStr);
+            if (useSystemProperty && !allowed) {
+                log.warn("useSystemProperty is true, but the security property 'policy.allowSystemProperty' is false. " +
+                        "Jaas will be configured using the login.config.url property.");
+            }
+            setPropertyUsingLoop(loginConfig.getURL().toString());
        }

        Assert.notNull(Configuration.getConfiguration(),
@ -453,6 +463,19 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
        }
    }

+    public boolean isUseSystemProperty() {
+        return useSystemProperty;
+    }
+
+    /**
+     * If true, the JaasAuthenticationProvider will configure Jaas using the system property 'java.security.auth.login.config'.
+     * If false, the JaasAuthenticationProvider will configure Jaas using the 'login.config.url.x' property.
+     * <br/><b>Default:True</b>
+     * @param useSystemProperty
+     */
+    public void setUseSystemProperty(boolean useSystemProperty) {
+        this.useSystemProperty = useSystemProperty;
+    }
    //~ Inner Classes ==========================================================

    /**