diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/PropertyUserStore.java b/jetty-security/src/main/java/org/eclipse/jetty/security/PropertyUserStore.java
index 3940f8ba57c..0c418ea65a6 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/PropertyUserStore.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/PropertyUserStore.java
@@ -23,16 +23,16 @@ import org.eclipse.jetty.util.PathWatcher.PathWatchEvent;
 import org.eclipse.jetty.util.StringUtil;
 import org.eclipse.jetty.util.log.Log;
 import org.eclipse.jetty.util.log.Logger;
+import org.eclipse.jetty.util.resource.JarResource;
 import org.eclipse.jetty.util.resource.PathResource;
 import org.eclipse.jetty.util.resource.Resource;
 import org.eclipse.jetty.util.security.Credential;
 
 import java.io.File;
-import java.io.FileInputStream;
 import java.io.IOException;
-import java.io.OutputStream;
 import java.nio.file.Files;
 import java.nio.file.Path;
+import java.nio.file.Paths;
 import java.util.ArrayList;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -40,8 +40,6 @@ import java.util.List;
 import java.util.Map;
 import java.util.Properties;
 import java.util.Set;
-import java.util.zip.ZipEntry;
-import java.util.zip.ZipInputStream;
 
 /**
  * PropertyUserStore
@@ -148,33 +146,16 @@ public class PropertyUserStore extends UserStore implements PathWatcher.Listener
         throws IOException
     {
         int fileIndex = configFile.indexOf( "!" );
-        String filePath = configFile.substring( JAR_FILE.length(), fileIndex );
         String entryPath = configFile.substring( fileIndex + 1, configFile.length() );
 
-        try (FileInputStream fileInputStream = new FileInputStream( new File( filePath ) ))
-        {
-            try (ZipInputStream zin = new ZipInputStream( fileInputStream ))
-            {
-                for ( ZipEntry e; ( e = zin.getNextEntry() ) != null; )
-                {
-                    if ( e.getName().equals( entryPath ) )
-                    {
-                        Path extractedPath = Files.createTempFile( "users_store", ".tmp" );
-                        byte[] buffer = new byte[1024];
-                        int bytesRead;
-                        try (OutputStream textOutputStream = Files.newOutputStream( extractedPath ))
-                        {
-                            while ( ( bytesRead = zin.read( buffer ) ) != -1 )
-                            {
-                                textOutputStream.write( buffer, 0, bytesRead );
-                            }
-                        }
-                        return extractedPath;
-                    }
-                }
-            }
-        }
-        throw new RuntimeException( "cannot find file from url " + configFile );
+        Path tmpDirectory = Files.createTempDirectory( "users_store" );
+        Path extractedPath = Paths.get(tmpDirectory.toString(), entryPath);
+        // delete if exists as copyTo do not overwrite
+        Files.deleteIfExists( extractedPath );
+        // delete on shutdown
+        extractedPath.toFile().deleteOnExit();
+        JarResource.newResource( configFile ).copyTo( tmpDirectory.toFile() );
+        return extractedPath;
     }
 
     /**
diff --git a/jetty-security/src/test/java/org/eclipse/jetty/security/PropertyUserStoreTest.java b/jetty-security/src/test/java/org/eclipse/jetty/security/PropertyUserStoreTest.java
index 70feca6503a..2f24ebb6d56 100644
--- a/jetty-security/src/test/java/org/eclipse/jetty/security/PropertyUserStoreTest.java
+++ b/jetty-security/src/test/java/org/eclipse/jetty/security/PropertyUserStoreTest.java
@@ -115,7 +115,7 @@ public class PropertyUserStoreTest
         File users = dir.resolve( "users.txt" ).toFile();
         writeUser( users );
         File usersJar = dir.resolve( "users.jar" ).toFile();
-        String entryPath = "/mountain_goat/pale_ale.txt";
+        String entryPath = "mountain_goat/pale_ale.txt";
         try (FileInputStream fileInputStream = new FileInputStream( users ))
         {
             try (OutputStream outputStream = new FileOutputStream( usersJar ))
@@ -123,7 +123,7 @@ public class PropertyUserStoreTest
                 try (JarOutputStream jarOutputStream = new JarOutputStream( outputStream ))
                 {
                     // add fake entry
-                    jarOutputStream.putNextEntry( new JarEntry( "/foo/wine" ) );
+                    jarOutputStream.putNextEntry( new JarEntry( "foo/wine" ) );
 
                     JarEntry jarEntry = new JarEntry( entryPath );
                     jarOutputStream.putNextEntry( jarEntry );
@@ -134,12 +134,12 @@ public class PropertyUserStoreTest
                         jarOutputStream.write( buffer, 0, bytesRead );
                     }
                     // add fake entry
-                    jarOutputStream.putNextEntry( new JarEntry( "/foo/cheese" ) );
+                    jarOutputStream.putNextEntry( new JarEntry( "foo/cheese" ) );
                 }
             }
 
         }
-        return "jar:file:" + usersJar.getCanonicalPath() + "!" + entryPath;
+        return "jar:file:" + usersJar.getCanonicalPath() + "!/" + entryPath;
     }
 
     private void writeUser(File usersFile)