HashUserRealm (Jetty HTTP Server API)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.mortbay.http
Class HashUserRealm

java.lang.Object
  |
  +--java.util.AbstractMap
        |
        +--java.util.HashMap
              |
              +--org.mortbay.http.HashUserRealm

All Implemented Interfaces:: java.lang.Cloneable, java.io.Externalizable, java.util.Map, java.io.Serializable, SSORealm, UserRealm

Direct Known Subclasses:: JDBCUserRealm

public class HashUserRealm
extends java.util.HashMap
implements UserRealm, SSORealm, java.io.Externalizable

HashMapped User Realm. An implementation of UserRealm that stores users and roles in-memory in HashMaps.

Typically these maps are populated by calling the load() method or passing a properties resource to the constructor. The format of the properties file is:

  username: password [,rolename ...]

Passwords may be clear text, obfuscated or checksummed. The class com.mortbay.Util.Password should be used to generate obfuscated passwords or password checksums. If DIGEST Authentication is used, the password must be in a recoverable format, either plain text or OBF:. The HashUserRealm also implements SSORealm but provides no implementation of SSORealm. Instead setSSORealm may be used to provide a delegate SSORealm implementation.

Version:: $Id: HashUserRealm.java,v 1.23.2.1 2003/10/12 03:08:59 gregwilkins Exp $
Author:: Greg Wilkins (gregw)
See Also:: Password, Serialized Form

Field Summary

static java.lang.String __SSO
          HttpContext Attribute to set to activate SSO.

Constructor Summary

HashUserRealm()
          Constructor.

HashUserRealm(java.lang.String name)
          Constructor.

HashUserRealm(java.lang.String name, java.lang.String config)
          Constructor.

Method Summary

void addUserToRole(java.lang.String userName, java.lang.String roleName)
          Add a user to a role.

UserPrincipal authenticate(java.lang.String username, java.lang.Object credentials, HttpRequest request)
          Authenticate a users credentials.

void clearSingleSignOn(java.lang.String username)
          Clear SSO for user.

void disassociate(UserPrincipal user)
          Dissassociate the calling context with a Principal.

void dump(java.io.PrintStream out)


java.lang.String getName()


Credential getSingleSignOn(HttpRequest request, HttpResponse response)
          Get SSO credentials.

SSORealm getSSORealm()


boolean isUserInRole(UserPrincipal user, java.lang.String roleName)
          Check if a user is in a role.

void load(java.lang.String config)
          Load realm users from properties file.

void logout(UserPrincipal user)
          Logout a role.

UserPrincipal popRole(UserPrincipal user)
          Pop role from a Principal.

UserPrincipal pushRole(UserPrincipal user, java.lang.String role)
          Push role onto a Principal.

java.lang.Object put(java.lang.Object name, java.lang.Object credentials)
          Put user into realm.

void readExternal(java.io.ObjectInput in)


void setName(java.lang.String name)


void setSingleSignOn(HttpRequest request, HttpResponse response, UserPrincipal principal, Credential credential)
          Set SSO principal and credential.

void setSSORealm(SSORealm ssoRealm)
          Set the SSORealm.

java.lang.String toString()


void writeExternal(java.io.ObjectOutput out)


Methods inherited from class java.util.HashMap

clear, clone, containsKey, containsValue, entrySet, get, isEmpty, keySet, putAll, remove, size, values

Methods inherited from class java.util.AbstractMap

equals, hashCode

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.util.Map

equals, hashCode

Field Detail

__SSO

public static final java.lang.String __SSO

HttpContext Attribute to set to activate SSO.

See Also:: Constant Field Values

Constructor Detail

HashUserRealm

public HashUserRealm()

Constructor.

HashUserRealm

public HashUserRealm(java.lang.String name)

Constructor.
Parameters:: name - Realm Name

HashUserRealm

public HashUserRealm(java.lang.String name,
                     java.lang.String config)
              throws java.io.IOException

Constructor.
Parameters:: name - Realm name; config - Filename or url of user properties file.

Method Detail

writeExternal

public void writeExternal(java.io.ObjectOutput out)
                   throws java.io.IOException

Specified by:: writeExternal in interface java.io.Externalizable

java.io.IOException

readExternal

public void readExternal(java.io.ObjectInput in)
                  throws java.io.IOException,
                         java.lang.ClassNotFoundException

Specified by:: readExternal in interface java.io.Externalizable

java.io.IOException

java.lang.ClassNotFoundException

load

public void load(java.lang.String config)
          throws java.io.IOException

Load realm users from properties file. The property file maps usernames to password specs followed by an optional comma separated list of role names.

Parameters:: config - Filename or url of user properties file.
Throws:: java.io.IOException

setName

public void setName(java.lang.String name)

Parameters:: name - The realm name

getName

public java.lang.String getName()

Specified by:: getName in interface UserRealm

Returns:: The realm name.

authenticate

public UserPrincipal authenticate(java.lang.String username,
                                  java.lang.Object credentials,
                                  HttpRequest request)

Description copied from interface: UserRealm

Authenticate a users credentials. Implementations of this method may adorn the calling context to assoicate it with the authenticated principal (eg ThreadLocals). If such context associations are made, they should be considered valid until a UserRealm.deAuthenticate(UserPrincipal) call is made for this UserPrincipal.

Specified by:: authenticate in interface UserRealm

Parameters:: username - The username.; credentials - The user credentials, normally a String password.; request - The request to be authenticated. Additional parameters may be extracted or set on this request as needed for the authentication mechanism (none required for BASIC and FORM authentication).
Returns:: The authenticated UserPrincipal.

disassociate

public void disassociate(UserPrincipal user)

Description copied from interface: UserRealm

Dissassociate the calling context with a Principal. This method is called when the calling context is not longer associated with the Principal. It should be used by an implementation to remove context associations such as ThreadLocals. The UserPrincipal object remains authenticated, as it may be associated with other contexts.

Specified by:: disassociate in interface UserRealm

Parameters:: user - A UserPrincipal allocated from this realm.

pushRole

public UserPrincipal pushRole(UserPrincipal user,
                              java.lang.String role)

Description copied from interface: UserRealm

Push role onto a Principal. This method is used to add a role to an existing principal.

Specified by:: pushRole in interface UserRealm

Parameters:: user - An existing UserPrincipal or null for an anonymous user.; role - The role to add.
Returns:: A new UserPrincipal object that wraps the passed user, but with the added role.

popRole

public UserPrincipal popRole(UserPrincipal user)

Description copied from interface: UserRealm

Pop role from a Principal.

Specified by:: popRole in interface UserRealm

Parameters:: user - A UserPrincipal previously returned from pushRole
Returns:: The principal without the role. Most often this will be the original UserPrincipal passed.

put

public java.lang.Object put(java.lang.Object name,
                            java.lang.Object credentials)

Put user into realm.

Specified by:: put in interface java.util.Map
Overrides:: put in class java.util.HashMap

Parameters:: name - User name; credentials - String password, Password or UserPrinciple instance.
Returns:: Old UserPrinciple value or null

addUserToRole

public void addUserToRole(java.lang.String userName,
                          java.lang.String roleName)

Add a user to a role.

Parameters:: userName -; roleName -

isUserInRole

public boolean isUserInRole(UserPrincipal user,
                            java.lang.String roleName)

Check if a user is in a role.

Parameters:: user - The user, which must be from this realm; roleName -
Returns:: True if the user can act in the role.

logout

public void logout(UserPrincipal user)

Description copied from interface: UserRealm

Logout a role. This method is called for authentication mechanisms that have a concept of logout (which is only FORM). Most Authenticaton mechanisms need not do anything with this method.

Specified by:: logout in interface UserRealm

toString

public java.lang.String toString()

Overrides:: toString in class java.util.AbstractMap

dump

public void dump(java.io.PrintStream out)

getSSORealm

public SSORealm getSSORealm()

Returns:: The SSORealm to delegate single sign on requests to.

setSSORealm

public void setSSORealm(SSORealm ssoRealm)

Set the SSORealm. A SSORealm implementation may be set to enable support for SSO.

Parameters:: ssoRealm - The SSORealm to delegate single sign on requests to.

getSingleSignOn

public Credential getSingleSignOn(HttpRequest request,
                                  HttpResponse response)

Description copied from interface: SSORealm

Get SSO credentials. This call is used by an authenticator to check if a SSO exists for a request. If SSO authentiation is successful, the requests UserPrincipal and AuthUser fields are set. If available, the credential used to authenticate the user is returned. If recoverable credentials are not required then null may be return.

Specified by:: getSingleSignOn in interface SSORealm

Parameters:: request - The request to SSO.; response - The response to SSO.
Returns:: A credential if available for SSO authenticated requests.

setSingleSignOn

public void setSingleSignOn(HttpRequest request,
                            HttpResponse response,
                            UserPrincipal principal,
                            Credential credential)

Description copied from interface: SSORealm

Set SSO principal and credential. This call is used by an authenticator to inform the SSO mechanism that a user has signed on. The SSO mechanism should record the principal and credential and update the response with any cookies etc. required.

Specified by:: setSingleSignOn in interface SSORealm

Parameters:: request - The authenticated request.; response - The authenticated response/; principal - The principal that has been authenticated.; credential - The credentials used to authenticate.

clearSingleSignOn

public void clearSingleSignOn(java.lang.String username)

Description copied from interface: SSORealm

Clear SSO for user.

Specified by:: clearSingleSignOn in interface SSORealm

Parameters:: username - The user to clear.

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

Field Summary
`static java.lang.String`	`__SSO` HttpContext Attribute to set to activate SSO.

Constructor Summary
`HashUserRealm()` Constructor.
`HashUserRealm(java.lang.String name)` Constructor.
`HashUserRealm(java.lang.String name, java.lang.String config)` Constructor.

Method Summary
`void`	`addUserToRole(java.lang.String userName, java.lang.String roleName)` Add a user to a role.
`UserPrincipal`	`authenticate(java.lang.String username, java.lang.Object credentials, HttpRequest request)` Authenticate a users credentials.
`void`	`clearSingleSignOn(java.lang.String username)` Clear SSO for user.
`void`	`disassociate(UserPrincipal user)` Dissassociate the calling context with a Principal.
`void`	`dump(java.io.PrintStream out)`
`java.lang.String`	`getName()`
`Credential`	`getSingleSignOn(HttpRequest request, HttpResponse response)` Get SSO credentials.
`SSORealm`	`getSSORealm()`
`boolean`	`isUserInRole(UserPrincipal user, java.lang.String roleName)` Check if a user is in a role.
`void`	`load(java.lang.String config)` Load realm users from properties file.
`void`	`logout(UserPrincipal user)` Logout a role.
`UserPrincipal`	`popRole(UserPrincipal user)` Pop role from a Principal.
`UserPrincipal`	`pushRole(UserPrincipal user, java.lang.String role)` Push role onto a Principal.
`java.lang.Object`	`put(java.lang.Object name, java.lang.Object credentials)` Put user into realm.
`void`	`readExternal(java.io.ObjectInput in)`
`void`	`setName(java.lang.String name)`
`void`	`setSingleSignOn(HttpRequest request, HttpResponse response, UserPrincipal principal, Credential credential)` Set SSO principal and credential.
`void`	`setSSORealm(SSORealm ssoRealm)` Set the SSORealm.
`java.lang.String`	`toString()`
`void`	`writeExternal(java.io.ObjectOutput out)`

org.mortbay.http Class HashUserRealm

__SSO

HashUserRealm

HashUserRealm

HashUserRealm

writeExternal

readExternal

load

setName

getName

authenticate

disassociate

pushRole

popRole

put

addUserToRole

isUserInRole

logout

toString

dump

getSSORealm

setSSORealm

getSingleSignOn

setSingleSignOn

clearSingleSignOn

org.mortbay.http
Class HashUserRealm