[JBoss-dev] CVS update: jbosssx/src/main/org/jboss/security/auth/spi UsersRolesLoginModule.java
User: starksm Date: 02/02/06 12:01:31 Modified:src/main/org/jboss/security/auth/spi Tag: Branch_2_4 UsersRolesLoginModule.java Log: Add new login module options: usersProperties: The name of the properties resource containing user/passwords. The default is "users.properties" rolesProperties: The name of the properties resource containing user/roles The default is "roles.properties". Revision ChangesPath No revision No revision 1.6.4.3 +29 -20 jbosssx/src/main/org/jboss/security/auth/spi/UsersRolesLoginModule.java Index: UsersRolesLoginModule.java === RCS file: /cvsroot/jboss/jbosssx/src/main/org/jboss/security/auth/spi/UsersRolesLoginModule.java,v retrieving revision 1.6.4.2 retrieving revision 1.6.4.3 diff -u -r1.6.4.2 -r1.6.4.3 --- UsersRolesLoginModule.java2002/02/05 18:59:04 1.6.4.2 +++ UsersRolesLoginModule.java2002/02/06 20:01:31 1.6.4.3 @@ -32,10 +32,11 @@ /** A simple properties file based login module that consults two Java Properties formatted text files for username to password("users.properties") and -username to roles("roles.properties") mapping. The properties files are loaded -during initialization using the thread context class loader. This means that -these files can be placed into the J2EE deployment jar or the JBoss config -directory. +username to roles("roles.properties") mapping. The names of the properties +files may be overriden by the usersProperties and rolesProperties options. +The properties files are loaded during initialization using the thread context +class loader. This means that these files can be placed into the J2EE +deployment jar or the JBoss config directory. The users.properties file uses a format: username1=password1 @@ -62,19 +63,34 @@ */ public class UsersRolesLoginModule extends UsernamePasswordLoginModule { +/** The name of the properties resource containing user/passwords */ +private String usersRsrcName = "users.properties"; +/** The name of the properties resource containing user/roles */ +private String rolesRsrcName = "roles.properties"; /** The users.properties values */ private Properties users; /** The roles.properties values */ private Properties roles; -/** - * Initialize this LoginModule. +/** Initialize this LoginModule. + *@param options, the login module option map. Supported options include: + *usersProperties: The name of the properties resource containing + user/passwords. The default is "users.properties" + *rolesProperties: The name of the properties resource containing user/roles + The default is "roles.properties". */ public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { super.initialize(subject, callbackHandler, sharedState, options); try { +// Check for usersProperties & rolesProperties +String option = (String) options.get("usersProperties"); +if( option != null ) + usersRsrcName = option; +option = (String) options.get("rolesProperties"); +if( option != null ) + rolesRsrcName = option; // Load the properties file that contains the list of users and passwords loadUsers(); loadRoles(); @@ -87,17 +103,11 @@ } } -/** - * Method to authenticate a Subject (phase 1). - * - * Most of the changes from the original SimpleServerLoginModule - * are made in this method. They are: - * users and passwords read from users.properties file - * users and roles read from roles.properties file - * - * I've also removed the notion of a guest login. If you want to provide 'guest' - * access to your beans then simply disable security on them. - * +/** Method to authenticate a Subject (phase 1). This validates that the + *users and roles properties files were loaded and then calls + *super.login to perform the validation of the password. + *@exception LoginException, thrown if the users or roles properties files + *were not found or the super.login method fails. */ public boolean login() throws LoginException { @@ -180,12 +190,12 @@ private void loadUsers() throws IOException { -users = loadProperties("users.properties"); +users = loadProperties(usersRsrcName); } private void loadRoles() throws IOException { -roles = loadProperties("roles.properties"); +roles = loadProperties(rolesRsrcName); }
[JBoss-dev] CVS update: jbosssx/src/main/org/jboss/security/auth/spi UsersRolesLoginModule.java
User: starksm Date: 02/02/05 10:59:04 Modified:src/main/org/jboss/security/auth/spi Tag: Branch_2_4 UsersRolesLoginModule.java Log: Fix problem with role assignment with users have a common prefix in their username. Bug #513245 Revision ChangesPath No revision No revision 1.6.4.2 +8 -5 jbosssx/src/main/org/jboss/security/auth/spi/UsersRolesLoginModule.java Index: UsersRolesLoginModule.java === RCS file: /cvsroot/jboss/jbosssx/src/main/org/jboss/security/auth/spi/UsersRolesLoginModule.java,v retrieving revision 1.6.4.1 retrieving revision 1.6.4.2 diff -u -r1.6.4.1 -r1.6.4.2 --- UsersRolesLoginModule.java2001/10/19 23:50:08 1.6.4.1 +++ UsersRolesLoginModule.java2002/02/05 18:59:04 1.6.4.2 @@ -127,12 +127,15 @@ String value = roles.getProperty(user); // See if this entry is of the form targetUser[.GroupName]=roles int index = user.indexOf('.'); -int length = index > 0 ? index : user.length(); -if( targetUser.regionMatches(0, user, 0, length) == false ) -continue; +boolean isRoleGroup = false; +boolean userMatch = false; +if( index > 0 && targetUser.regionMatches(0, user, 0, index) == true ) +isRoleGroup = true; +else + userMatch = targetUser.equals(user); // Check for username.RoleGroup pattern -if( index > 0 ) +if( isRoleGroup == true ) { String groupName = user.substring(index+1); if( groupName.equals("Roles") ) @@ -144,7 +147,7 @@ groups.add(group); } } -else +else if( userMatch == true ) { // Place these roles into the Default "Roles" group parseGroupMembers(rolesGroup, value); ___ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
[JBoss-dev] CVS update: jbosssx/src/main/org/jboss/security/auth/spi UsersRolesLoginModule.java
User: starksm Date: 01/05/30 05:25:07 Modified:src/main/org/jboss/security/auth/spi UsersRolesLoginModule.java Log: Prevent NPE for missing users/roles properties files Fix problem with parsing of similar username roles Revision ChangesPath 1.6 +46 -40 jbosssx/src/main/org/jboss/security/auth/spi/UsersRolesLoginModule.java Index: UsersRolesLoginModule.java === RCS file: /cvsroot/jboss/jbosssx/src/main/org/jboss/security/auth/spi/UsersRolesLoginModule.java,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- UsersRolesLoginModule.java2001/04/23 16:22:17 1.5 +++ UsersRolesLoginModule.java2001/05/30 12:25:07 1.6 @@ -62,10 +62,10 @@ */ public class UsersRolesLoginModule extends UsernamePasswordLoginModule { - // users+passwords, users+roles -private Properties _users; // You might think these should be static. The only problem with -private Properties _roles; // static attributes is they are shared across the VM. So I chose safety - // over performance. +/** The users.properties values */ +private Properties users; +/** The roles.properties values */ +private Properties roles; /** * Initialize this LoginModule. @@ -75,16 +75,16 @@ super.initialize(subject, callbackHandler, sharedState, options); try { -// Load the properties file that contains the list of users and passwords - LoadUsers(); - LoadRoles(); +// Load the properties file that contains the list of users and passwords +loadUsers(); +loadRoles(); } catch (Exception e) { - System.out.print("[JAASSecurity] PANIC! Couldn't load users/passwords/role files.\n"); - e.printStackTrace(); -// Note that although this exception isn't passed on, _users or _roles will be null -// so that any call to login will throw a LoginException. +// Note that although this exception isn't passed on, users or roles will be null +// so that any call to login will throw a LoginException. +System.out.print("Error, couldn't load users/passwords/role files.\n"); +e.printStackTrace(); } } @@ -102,9 +102,9 @@ */ public boolean login() throws LoginException { -if(_users == null ) +if( users == null ) throw new LoginException("Missing users.properties file."); -if(_roles == null ) +if( roles == null ) throw new LoginException("Missing roles.properties file."); return super.login(); @@ -118,19 +118,21 @@ protected Group[] getRoleSets() throws LoginException { String targetUser = getUsername(); -Enumeration users = _roles.propertyNames(); +Enumeration users = roles.propertyNames(); SimpleGroup rolesGroup = new SimpleGroup("Roles"); ArrayList groups = new ArrayList(); groups.add(rolesGroup); while( users.hasMoreElements() ) { String user = (String) users.nextElement(); -String value = _roles.getProperty(user); -if( user.startsWith(targetUser) == false ) +String value = roles.getProperty(user); +// See if this entry is of the form targetUser[.GroupName]=roles +int index = user.indexOf('.'); +int length = index > 0 ? index : user.length(); +if( targetUser.regionMatches(0, user, 0, length) == false ) continue; // Check for username.RoleGroup pattern -int index = user.indexOf('.'); if( index > 0 ) { String groupName = user.substring(index+1); @@ -139,7 +141,7 @@ else { SimpleGroup group = new SimpleGroup(groupName); -parseGroupMembers(rolesGroup, value); +parseGroupMembers(group, value); groups.add(group); } } @@ -155,7 +157,11 @@ } protected String getUsersPassword() { -return _users.getProperty(getUsername(), null); +String username = getUsername(); +String password = null; +if( username != null ) +password = users.getProperty(username , null); +return password; } // utility methods @@ -170,14 +176,14 @@ } } -private void LoadUsers() throws IOException +private void loadUsers() throws IOException { - _users = LoadProperties("users.
[JBoss-dev] CVS update: jbosssx/src/main/org/jboss/security/auth/spi UsersRolesLoginModule.java
User: starksm Date: 01/04/23 09:17:33 Modified:src/main/org/jboss/security/auth/spi UsersRolesLoginModule.java Log: Clean up properties file loading to avoid NPEs Revision ChangesPath 1.4 +8 -4 jbosssx/src/main/org/jboss/security/auth/spi/UsersRolesLoginModule.java Index: UsersRolesLoginModule.java === RCS file: /cvsroot/jboss/jbosssx/src/main/org/jboss/security/auth/spi/UsersRolesLoginModule.java,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- UsersRolesLoginModule.java2001/04/13 20:04:54 1.3 +++ UsersRolesLoginModule.java2001/04/23 16:17:33 1.4 @@ -182,17 +182,21 @@ private Properties LoadProperties(String propertiesName) throws IOException { Properties bundle = null; - InputStream is =Thread.currentThread().getContextClassLoader().getResource(propertiesName).openStream(); - - if (null != is) + ClassLoader loader = Thread.currentThread().getContextClassLoader(); + URL url = loader.getResource(propertiesName); + if( url == null ) + throw new IOException("Properties file " + propertiesName + " not found"); + InputStream is = url.openStream(); + if( is != null ) { bundle = new Properties(); bundle.load(is); } else { - throw new IOException("Properties file " + propertiesName + " not found"); + throw new IOException("Properties file " + propertiesName + " not avilable"); } return bundle; } } + ___ Jboss-development mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-development
[JBoss-dev] CVS update: jbosssx/src/main/org/jboss/security/auth/spi UsersRolesLoginModule.java
User: starksm Date: 01/04/23 09:22:17 Modified:src/main/org/jboss/security/auth/spi UsersRolesLoginModule.java Log: Update the package imports Revision ChangesPath 1.5 +8 -2 jbosssx/src/main/org/jboss/security/auth/spi/UsersRolesLoginModule.java Index: UsersRolesLoginModule.java === RCS file: /cvsroot/jboss/jbosssx/src/main/org/jboss/security/auth/spi/UsersRolesLoginModule.java,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- UsersRolesLoginModule.java2001/04/23 16:17:33 1.4 +++ UsersRolesLoginModule.java2001/04/23 16:22:17 1.5 @@ -6,8 +6,14 @@ */ package org.jboss.security.auth.spi; -import java.util.*; -import java.io.*; +import java.io.InputStream; +import java.io.IOException; +import java.net.URL; +import java.util.ArrayList; +import java.util.Enumeration; +import java.util.Map; +import java.util.Properties; +import java.util.StringTokenizer; import java.security.acl.Group; import javax.security.auth.Subject; ___ Jboss-development mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-development