TextConfigurationRealm (JSecurity API 0.9.0)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

JSecurity

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jsecurity.realm.text
Class TextConfigurationRealm

java.lang.Object
  org.jsecurity.realm.CachingRealm
      org.jsecurity.realm.AuthenticatingRealm
          org.jsecurity.realm.AuthorizingRealm
              org.jsecurity.realm.SimpleAccountRealm
                  org.jsecurity.realm.text.TextConfigurationRealm

All Implemented Interfaces:: LogoutAware, Authorizer, PermissionResolverAware, CacheManagerAware, Realm, Initializable

Direct Known Subclasses:: PropertiesRealm

public class TextConfigurationRealm
extends SimpleAccountRealm
extends SimpleAccountRealm

a SimpleAccountRealm that enables text-based configuration of the initial User, Role, and Permission objects created at startup.

Each User account definition specifies the username, password, and roles for a user. Each Role definition specifies a name and an optional collection of assigned Permissions. Users can be assigned Roles, and Roles can be assigned Permissions. By transitive association, each User 'has' all of their Role's Permissions.

User and user-to-role definitinos are specified via the setUserDefinitions(java.lang.String) method and Role-to-permission definitions are specified via the setRoleDefinitions(java.lang.String) method.

Since:: 0.9
Author:: Les Hazlewood

Field Summary

Fields inherited from class org.jsecurity.realm.SimpleAccountRealm
`roles`

Constructor Summary
`TextConfigurationRealm()`

Method Summary
`protected void`	`accountAndRoleCachesCreated()`
`String`	`getRoleDefinitions()`
`String`	`getUserDefinitions()`
`void`	`onLogout(PrincipalCollection accountPrincipal)` If authorization caching is enabled, this will remove the AuthorizationInfo from the cache.
`protected void`	`processDefinitions()`
`protected void`	`processRoleDefinitions()`
`protected void`	`processUserDefinitions()`
`void`	`setRoleDefinitions(String roleDefinitions)` Sets a newline (\n) delimited String that defines role-to-permission definitions.
`void`	`setUserDefinitions(String userDefinitions)` Sets a newline (\n) delimited String that defines user-to-password-and-role(s) key/value pairs according to the following format: `username = password, role1, role2,...`
`protected static Set<String>`	`toLines(String s)`
`protected static Map<String,String>`	`toMap(Collection<String> keyValuePairs)`

Methods inherited from class org.jsecurity.realm.SimpleAccountRealm
`accountExists, add, add, addAccount, addAccount, addRole, afterAuthorizationCacheSet, afterRoleCacheSet, doGetAuthenticationInfo, doGetAuthorizationInfo, getAuthorizationCacheKey, getRole, getUser, initRoleCache, roleExists, toSet`

Methods inherited from class org.jsecurity.realm.AuthorizingRealm
afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, clearCachedAuthorizationInfo, getAuthorizationCache, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, init, initAuthorizationCache, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, setAuthorizationCache, setAuthorizationCacheName, setPermissionResolver

Methods inherited from class org.jsecurity.realm.AuthorizingRealm

afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, clearCachedAuthorizationInfo, getAuthorizationCache, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, init, initAuthorizationCache, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, setAuthorizationCache, setAuthorizationCacheName, setPermissionResolver

Methods inherited from class org.jsecurity.realm.AuthenticatingRealm
`getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, setAuthenticationTokenClass, setCredentialsMatcher, supports`

Methods inherited from class org.jsecurity.realm.CachingRealm
`getCacheManager, getName, setCacheManager, setName`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

TextConfigurationRealm

public TextConfigurationRealm()

Method Detail

getUserDefinitions

public String getUserDefinitions()

setUserDefinitions

public void setUserDefinitions(String userDefinitions)

Sets a newline (\n) delimited String that defines user-to-password-and-role(s) key/value pairs according to the following format:

username = password, role1, role2,...

Here are some examples of what these lines might look like:

root = reallyHardToGuessPassword, administrator jsmith = jsmithsPassword, manager, engineer, employee abrown = abrownsPassword, qa, employee djones = djonesPassword, qa, contractor guest = guestPassword

Parameters:: userDefinitions - the user definitions to be parsed and converted to Map.Entry elements

getRoleDefinitions

public String getRoleDefinitions()

setRoleDefinitions

public void setRoleDefinitions(String roleDefinitions)

Sets a newline (\n) delimited String that defines role-to-permission definitions.

Each line within the string must define a role-to-permission(s) key/value mapping with the equals character signifies the key/value separation, like so:

rolename = permissionDefinition1, permissionDefinition2, ...

where permissionDefinition is an arbitrary String, but must people will want to use Strings that conform to the WildcardPermission format for ease of use and flexibility. Note that if an individual permissionDefnition needs to be internally comma-delimited (e.g. printer:5thFloor:print,info), you will need to surround that definition with double quotes (") to avoid parsing errors (e.g. "printer:5thFloor:print,info").

NOTE: if you have roles that don't require permission associations, don't include them in this definition - just defining the role name in the userDefinitions is enough to create the role if it does not yet exist. This property is really only for configuring realms that have one or more assigned Permission.

Parameters:: roleDefinitions - the role definitions to be parsed at initialization

accountAndRoleCachesCreated

protected void accountAndRoleCachesCreated()

Overrides:: accountAndRoleCachesCreated in class SimpleAccountRealm

processDefinitions

protected void processDefinitions()

processRoleDefinitions

protected void processRoleDefinitions()
                               throws ParseException

Throws:: ParseException

processUserDefinitions

protected void processUserDefinitions()
                               throws ParseException

Throws:: ParseException

toLines

protected static Set<String> toLines(String s)

toMap

protected static Map<String,String> toMap(Collection<String> keyValuePairs)
                                   throws ParseException

Throws:: ParseException

onLogout

public void onLogout(PrincipalCollection accountPrincipal)

Description copied from class: AuthorizingRealm

If authorization caching is enabled, this will remove the AuthorizationInfo from the cache. Subclasses are free to override for additional behavior, but be sure to call super.onLogout to ensure cache cleanup.

Specified by:: onLogout in interface LogoutAware
Overrides:: onLogout in class AuthorizingRealm

Parameters:: accountPrincipal - the application-specific Subject/user identifier.