Class PropertiesRealm

  • All Implemented Interfaces:
    , LogoutAware, Authorizer, PermissionResolverAware, RolePermissionResolverAware, org.apache.shiro.cache.CacheManagerAware, Realm, org.apache.shiro.util.Destroyable, org.apache.shiro.util.Initializable, org.apache.shiro.util.Nameable

    public class PropertiesRealm
    extends TextConfigurationRealm
    implements org.apache.shiro.util.Destroyable, 
    A TextConfigurationRealm that defers all logic to the parent class, but just enables based configuration in addition to the parent class's String configuration.

    This class allows processing of a single .properties file for user, role, and permission configuration.

    The resourcePath MUST be set before this realm can be initialized. You can specify any resource path supported by the ResourceUtils.getInputStreamForPath method.

    The Properties format understood by this implementation must be written as follows:

    Each line's key/value pair represents either a user-to-role(s) mapping or a role-to-permission(s) mapping.

    The user-to-role(s) lines have this format:

    user.username = password,role1,role2,...

    Note that each key is prefixed with the token "user." and each value must adhere to the setUserDefinitions(String) JavaDoc.

    The role-to-permission(s) lines have this format:

    role.rolename = permissionDefinition1, permissionDefinition2, ...

    where each key is prefixed with the token "role." and the value adheres to the format specified in the setRoleDefinitions(String) JavaDoc.

    Here is an example of a very simple properties definition that conforms to the above format rules and corresponding method JavaDocs:

    user.root = rootPassword,administrator
    user.jsmith = jsmithPassword,manager,engineer,employee
    user.abrown = abrownPassword,qa,employee
    user.djones = djonesPassword,qa,contractor

    role.administrator = *
    role.manager = "user:read,write", file:execute:/usr/local/emailManagers.sh
    role.engineer = "file:read,execute:/usr/local/tomcat/bin/startup.sh"
    role.employee = application:use:wiki
    role.qa = "server:view,start,shutdown,restart:someQaServer", server:view:someProductionServer
    role.contractor = application:use:timesheet
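
A small auditor for the file format described above, written in Python as an added example (it is not part of Shiro or of this Javadoc). It reports roles that are assigned but never defined, roles that are defined but unused, and users holding a role that grants `*`; the parser is a simplification of java.util.Properties, and the `tmpadmin` and `legacy` sample lines are constructed.

```python
# Added example: audit a file in the PropertiesRealm format described above.
# Assumption: only "key = value" lines and "#"/"!" comments, no escapes/continuations.
def split_outside_quotes(value):  # commas inside "..." do not split
    parts, buf, quoted = [], [], False
    for ch in value:
        if ch == '"':
            quoted = not quoted
        elif ch == "," and not quoted:
            parts.append("".join(buf).strip())
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf).strip())
    return [p for p in parts if p]

def parse_realm(text):
    users, roles = {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue
        key, value = (s.strip() for s in line.split("=", 1))
        if key.startswith("user."):
            users[key[5:]] = split_outside_quotes(value)[1:]  # skip password
        elif key.startswith("role."):
            roles[key[5:]] = split_outside_quotes(value)
    return users, roles

def audit(text):
    users, roles = parse_realm(text)
    assigned = {r for rs in users.values() for r in rs}
    wildcard = {r for r, perms in roles.items() if "*" in perms}  # "*" grants all
    return {
        "undefined_roles": sorted(assigned - set(roles)),
        "unused_roles": sorted(set(roles) - assigned),
        "all_permission_users": sorted(u for u, rs in users.items() if wildcard & set(rs)),
    }

SAMPLE = """\
user.root = rootPassword,administrator
user.jsmith = jsmithPassword,manager,engineer,employee
role.administrator = *
role.manager = "user:read,write", file:execute:/usr/local/emailManagers.sh
role.engineer = "file:read,execute:/usr/local/tomcat/bin/startup.sh"
role.employee = application:use:wiki
# constructed lines below, added to trigger each finding
user.tmpadmin = examplePassword,administrator,auditor
role.legacy = report:read
"""
print(audit(SAMPLE))
```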

    Since:
    0.2
    • Field Detail

      • scheduler

        protected  scheduler
      • useXmlFormat

        protected boolean useXmlFormat
      • resourcePath

        protected  resourcePath
      • fileLastModified

        protected long fileLastModified
      • reloadIntervalSeconds

        protected int reloadIntervalSeconds
    • Constructor Detail

      • PropertiesRealm

        public PropertiesRealm()
    • Method Detail

      • setUseXmlFormat

        public void setUseXmlFormat(boolean useXmlFormat)
        Determines whether or not the properties XML format should be used. For more information, see
        Parameters:
        useXmlFormat - true to use XML or false to use the normal format. Defaults to false.
      • setResourcePath

        public void setResourcePath( resourcePath)
        Sets the path of the properties file to load user, role, and permission information from. The properties file will be loaded using ResourceUtils.getInputStreamForPath(String) so any convention recognized by that method is accepted here. For example, to load a file from the classpath use classpath:myfile.properties; to load a file from disk simply specify the full path; to load a file from a URL use url:www.mysite.com/myfile.properties.
        Parameters:
        resourcePath - the path to load the properties file from. This is a required property.
      • setReloadIntervalSeconds

        public void setReloadIntervalSeconds(int reloadIntervalSeconds)
        Sets the interval in seconds at which the property file will be checked for changes and reloaded. If this is set to zero or less, property file reloading will be disabled. If it is set to 1 or greater, then a separate thread will be created to monitor the property file for changes and reload the file if it is updated.
        Parameters:
        reloadIntervalSeconds - the interval in seconds at which the property file should be examined for changes. If set to zero or less, reloading is disabled.
      • afterRoleCacheSet

        protected void afterRoleCacheSet()
      • destroy

        public void destroy()
        Destroy reload scheduler if one exists.
        Specified by:
        destroy in interface org.apache.shiro.util.Destroyable
      • startReloadThread

        protected void startReloadThread()
      • run

        public void run()
        Specified by:
         in interface 
      • getName

        protected  getName( key,
                                  prefix)
      • isUsername

        protected boolean isUsername( key)
      • isRolename

        protected boolean isRolename( key)
      • getUsername

        protected  getUsername( key)
      • getRolename

        protected  getRolename( key)