implementation for #1481
Add a new base class UserStore Signed-off-by: olivier lamy <olamy@webtide.com>
This commit is contained in:
parent
6bb8f793a3
commit
a2f89f2bf9
|
@ -18,12 +18,19 @@
|
|||
|
||||
package org.eclipse.jetty.security;
|
||||
|
||||
import org.eclipse.jetty.util.PathWatcher;
|
||||
import org.eclipse.jetty.util.PathWatcher.PathWatchEvent;
|
||||
import org.eclipse.jetty.util.StringUtil;
|
||||
import org.eclipse.jetty.util.log.Log;
|
||||
import org.eclipse.jetty.util.log.Logger;
|
||||
import org.eclipse.jetty.util.resource.PathResource;
|
||||
import org.eclipse.jetty.util.resource.Resource;
|
||||
import org.eclipse.jetty.util.security.Credential;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.nio.file.Path;
|
||||
import java.security.Principal;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
|
@ -31,20 +38,6 @@ import java.util.Map;
|
|||
import java.util.Properties;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.security.auth.Subject;
|
||||
|
||||
|
||||
import org.eclipse.jetty.server.UserIdentity;
|
||||
import org.eclipse.jetty.util.PathWatcher;
|
||||
import org.eclipse.jetty.util.PathWatcher.PathWatchEvent;
|
||||
import org.eclipse.jetty.util.StringUtil;
|
||||
import org.eclipse.jetty.util.component.AbstractLifeCycle;
|
||||
import org.eclipse.jetty.util.log.Log;
|
||||
import org.eclipse.jetty.util.log.Logger;
|
||||
import org.eclipse.jetty.util.resource.PathResource;
|
||||
import org.eclipse.jetty.util.resource.Resource;
|
||||
import org.eclipse.jetty.util.security.Credential;
|
||||
|
||||
/**
|
||||
* PropertyUserStore
|
||||
* <p>
|
||||
|
@ -59,7 +52,7 @@ import org.eclipse.jetty.util.security.Credential;
|
|||
*
|
||||
* If DIGEST Authentication is used, the password must be in a recoverable format, either plain text or OBF:.
|
||||
*/
|
||||
public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.Listener
|
||||
public class PropertyUserStore extends UserStore implements PathWatcher.Listener
|
||||
{
|
||||
private static final Logger LOG = Log.getLogger(PropertyUserStore.class);
|
||||
|
||||
|
@ -69,10 +62,7 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
|
|||
protected PathWatcher pathWatcher;
|
||||
protected boolean hotReload = false; // default is not to reload
|
||||
|
||||
protected IdentityService _identityService = new DefaultIdentityService();
|
||||
protected boolean _firstLoad = true; // true if first load, false from that point on
|
||||
protected final List<String> _knownUsers = new ArrayList<String>();
|
||||
protected final Map<String, UserIdentity> _knownUserIdentities = new HashMap<String, UserIdentity>();
|
||||
protected List<UserListener> _listeners;
|
||||
|
||||
/**
|
||||
|
@ -146,12 +136,6 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
|
|||
_configPath = configPath;
|
||||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
public UserIdentity getUserIdentity(String userName)
|
||||
{
|
||||
return _knownUserIdentities.get(userName);
|
||||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
/**
|
||||
* @return the resource associated with the configured properties file, creating it if necessary
|
||||
|
@ -199,8 +183,8 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
|
|||
StringBuilder s = new StringBuilder();
|
||||
s.append(this.getClass().getName());
|
||||
s.append("[");
|
||||
s.append("users.count=").append(this._knownUsers.size());
|
||||
s.append("identityService=").append(this._identityService);
|
||||
s.append("users.count=").append(this.getKnownUserIdentities().size());
|
||||
s.append("identityService=").append(this.getIdentityService());
|
||||
s.append("]");
|
||||
return s.toString();
|
||||
}
|
||||
|
@ -220,7 +204,7 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
|
|||
if (getConfigResource().exists())
|
||||
properties.load(getConfigResource().getInputStream());
|
||||
|
||||
Set<String> known = new HashSet<String>();
|
||||
Set<String> known = new HashSet<>();
|
||||
|
||||
for (Map.Entry<Object, Object> entry : properties.entrySet())
|
||||
{
|
||||
|
@ -243,27 +227,12 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
|
|||
}
|
||||
known.add(username);
|
||||
Credential credential = Credential.getCredential(credentials);
|
||||
|
||||
Principal userPrincipal = new AbstractLoginService.UserPrincipal(username,credential);
|
||||
Subject subject = new Subject();
|
||||
subject.getPrincipals().add(userPrincipal);
|
||||
subject.getPrivateCredentials().add(credential);
|
||||
|
||||
if (roles != null)
|
||||
{
|
||||
for (String role : roleArray)
|
||||
{
|
||||
subject.getPrincipals().add(new AbstractLoginService.RolePrincipal(role));
|
||||
}
|
||||
}
|
||||
|
||||
subject.setReadOnly();
|
||||
|
||||
_knownUserIdentities.put(username,_identityService.newUserIdentity(subject,userPrincipal,roleArray));
|
||||
addUser( username, credential, roleArray );
|
||||
notifyUpdate(username,credential,roleArray);
|
||||
}
|
||||
}
|
||||
|
||||
final List<String> _knownUsers = new ArrayList<String>();
|
||||
synchronized (_knownUsers)
|
||||
{
|
||||
/*
|
||||
|
@ -277,7 +246,7 @@ public class PropertyUserStore extends AbstractLifeCycle implements PathWatcher.
|
|||
String user = users.next();
|
||||
if (!known.contains(user))
|
||||
{
|
||||
_knownUserIdentities.remove(user);
|
||||
removeUser( user );
|
||||
notifyRemove(user);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,76 @@
|
|||
//
|
||||
// ========================================================================
|
||||
// Copyright (c) 1995-2017 Mort Bay Consulting Pty. Ltd.
|
||||
// ------------------------------------------------------------------------
|
||||
// All rights reserved. This program and the accompanying materials
|
||||
// are made available under the terms of the Eclipse Public License v1.0
|
||||
// and Apache License v2.0 which accompanies this distribution.
|
||||
//
|
||||
// The Eclipse Public License is available at
|
||||
// http://www.eclipse.org/legal/epl-v10.html
|
||||
//
|
||||
// The Apache License v2.0 is available at
|
||||
// http://www.opensource.org/licenses/apache2.0.php
|
||||
//
|
||||
// You may elect to redistribute this code under either of these licenses.
|
||||
// ========================================================================
|
||||
//
|
||||
|
||||
package org.eclipse.jetty.security;
|
||||
|
||||
import org.eclipse.jetty.server.UserIdentity;
|
||||
import org.eclipse.jetty.util.component.AbstractLifeCycle;
|
||||
import org.eclipse.jetty.util.security.Credential;
|
||||
|
||||
import javax.security.auth.Subject;
|
||||
import java.security.Principal;
|
||||
import java.util.Map;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
|
||||
/**
|
||||
* Base class to store User
|
||||
*/
|
||||
public class UserStore extends AbstractLifeCycle
|
||||
{
|
||||
private IdentityService _identityService = new DefaultIdentityService();
|
||||
private final Map<String, UserIdentity> _knownUserIdentities = new ConcurrentHashMap<>();
|
||||
|
||||
protected void addUser( String username, Credential credential, String[] roles)
|
||||
{
|
||||
Principal userPrincipal = new AbstractLoginService.UserPrincipal( username, credential);
|
||||
Subject subject = new Subject();
|
||||
subject.getPrincipals().add(userPrincipal);
|
||||
subject.getPrivateCredentials().add(credential);
|
||||
|
||||
if (roles != null)
|
||||
{
|
||||
for (String role : roles)
|
||||
{
|
||||
subject.getPrincipals().add(new AbstractLoginService.RolePrincipal(role));
|
||||
}
|
||||
}
|
||||
|
||||
subject.setReadOnly();
|
||||
_knownUserIdentities.put(username,_identityService.newUserIdentity(subject,userPrincipal,roles));
|
||||
}
|
||||
|
||||
protected void removeUser(String username)
|
||||
{
|
||||
_knownUserIdentities.remove(username);
|
||||
}
|
||||
|
||||
public UserIdentity getUserIdentity(String userName)
|
||||
{
|
||||
return _knownUserIdentities.get(userName);
|
||||
}
|
||||
|
||||
public IdentityService getIdentityService()
|
||||
{
|
||||
return _identityService;
|
||||
}
|
||||
|
||||
protected Map<String, UserIdentity> getKnownUserIdentities()
|
||||
{
|
||||
return _knownUserIdentities;
|
||||
}
|
||||
}
|
|
@ -19,9 +19,14 @@
|
|||
|
||||
package org.eclipse.jetty.security;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.eclipse.jetty.server.UserIdentity;
|
||||
import org.eclipse.jetty.util.security.Credential;
|
||||
|
||||
/**
|
||||
|
@ -31,9 +36,8 @@ import org.eclipse.jetty.util.security.Credential;
|
|||
*/
|
||||
public class TestLoginService extends AbstractLoginService
|
||||
{
|
||||
protected Map<String, UserPrincipal> _users = new HashMap<>();
|
||||
protected Map<String, String[]> _roles = new HashMap<>();
|
||||
|
||||
UserStore userStore = new UserStore();
|
||||
|
||||
|
||||
public TestLoginService(String name)
|
||||
|
@ -43,9 +47,7 @@ public class TestLoginService extends AbstractLoginService
|
|||
|
||||
public void putUser (String username, Credential credential, String[] roles)
|
||||
{
|
||||
UserPrincipal userPrincipal = new UserPrincipal(username,credential);
|
||||
_users.put(username, userPrincipal);
|
||||
_roles.put(username, roles);
|
||||
userStore.addUser( username, credential, roles );
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -54,7 +56,16 @@ public class TestLoginService extends AbstractLoginService
|
|||
@Override
|
||||
protected String[] loadRoleInfo(UserPrincipal user)
|
||||
{
|
||||
return _roles.get(user.getName());
|
||||
UserIdentity userIdentity = userStore.getUserIdentity( user.getName() );
|
||||
Set<RolePrincipal> roles = userIdentity.getSubject().getPrincipals( RolePrincipal.class);
|
||||
if (roles == null)
|
||||
return null;
|
||||
|
||||
List<String> list = new ArrayList<>();
|
||||
for (RolePrincipal r:roles)
|
||||
list.add(r.getName());
|
||||
|
||||
return list.toArray(new String[roles.size()]);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -63,7 +74,8 @@ public class TestLoginService extends AbstractLoginService
|
|||
@Override
|
||||
protected UserPrincipal loadUserInfo(String username)
|
||||
{
|
||||
return _users.get(username);
|
||||
UserIdentity userIdentity = userStore.getUserIdentity( username );
|
||||
return userIdentity == null ? null : (UserPrincipal) userIdentity.getUserPrincipal();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
2
pom.xml
2
pom.xml
|
@ -581,7 +581,7 @@
|
|||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-surefire-plugin</artifactId>
|
||||
<version>2.19.1</version>
|
||||
<version>2.20</version>
|
||||
<configuration>
|
||||
<argLine>@{argLine} -Dfile.encoding=UTF-8 -Duser.language=en -Duser.region=US -showversion -Xmx1g -Xms1g -XX:+PrintGCDetails</argLine>
|
||||
<failIfNoTests>false</failIfNoTests>
|
||||
|
|
Loading…
Reference in New Issue