| <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../jacoco-resources/report.gif" type="image/gif"/><title>SimpleAccountRealm.java</title><link rel="stylesheet" href="../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../index.html" class="el_report">Apache Shiro :: Core</a> > <a href="index.source.html" class="el_package">org.apache.shiro.realm</a> > <span class="el_source">SimpleAccountRealm.java</span></div><h1>SimpleAccountRealm.java</h1><pre class="source lang-java linenums">/* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package org.apache.shiro.realm; |
| |
| import org.apache.shiro.authc.*; |
| import org.apache.shiro.authz.AuthorizationInfo; |
| import org.apache.shiro.authz.SimpleRole; |
| import org.apache.shiro.subject.PrincipalCollection; |
| import org.apache.shiro.util.CollectionUtils; |
| |
| import java.util.HashSet; |
| import java.util.LinkedHashMap; |
| import java.util.Map; |
| import java.util.Set; |
| import java.util.concurrent.locks.Lock; |
| import java.util.concurrent.locks.ReadWriteLock; |
| import java.util.concurrent.locks.ReentrantReadWriteLock; |
| |
| /** |
| * A simple implementation of the {@link Realm Realm} interface that |
| * uses a set of configured user accounts and roles to support authentication and authorization. Each account entry |
| * specifies the username, password, and roles for a user. Roles can also be mapped |
| * to permissions and associated with users. |
| * <p/> |
| * User accounts and roles are stored in two {@code Map}s in memory, so it is expected that the total number of either |
| * is not sufficiently large. |
| * |
| * @since 0.1 |
| */ |
| public class SimpleAccountRealm extends AuthorizingRealm { |
| |
| //TODO - complete JavaDoc |
| protected final Map<String, SimpleAccount> users; //username-to-SimpleAccount |
| protected final Map<String, SimpleRole> roles; //roleName-to-SimpleRole |
| protected final ReadWriteLock USERS_LOCK; |
| protected final ReadWriteLock ROLES_LOCK; |
| |
| <span class="fc" id="L54"> public SimpleAccountRealm() {</span> |
| <span class="fc" id="L55"> this.users = new LinkedHashMap<String, SimpleAccount>();</span> |
| <span class="fc" id="L56"> this.roles = new LinkedHashMap<String, SimpleRole>();</span> |
| <span class="fc" id="L57"> USERS_LOCK = new ReentrantReadWriteLock();</span> |
| <span class="fc" id="L58"> ROLES_LOCK = new ReentrantReadWriteLock();</span> |
| //SimpleAccountRealms are memory-only realms - no need for an additional cache mechanism since we're |
| //already as memory-efficient as we can be: |
| <span class="fc" id="L61"> setCachingEnabled(false);</span> |
| <span class="fc" id="L62"> }</span> |
| |
| public SimpleAccountRealm(String name) { |
| <span class="nc" id="L65"> this();</span> |
| <span class="nc" id="L66"> setName(name);</span> |
| <span class="nc" id="L67"> }</span> |
| |
| protected SimpleAccount getUser(String username) { |
| <span class="fc" id="L70"> USERS_LOCK.readLock().lock();</span> |
| try { |
| <span class="fc" id="L72"> return this.users.get(username);</span> |
| } finally { |
| <span class="pc" id="L74"> USERS_LOCK.readLock().unlock();</span> |
| } |
| } |
| |
| public boolean accountExists(String username) { |
| <span class="fc bfc" id="L79" title="All 2 branches covered."> return getUser(username) != null;</span> |
| } |
| |
| public void addAccount(String username, String password) { |
| <span class="nc" id="L83"> addAccount(username, password, (String[]) null);</span> |
| <span class="nc" id="L84"> }</span> |
| |
| public void addAccount(String username, String password, String... roles) { |
| <span class="nc" id="L87"> Set<String> roleNames = CollectionUtils.asSet(roles);</span> |
| <span class="nc" id="L88"> SimpleAccount account = new SimpleAccount(username, password, getName(), roleNames, null);</span> |
| <span class="nc" id="L89"> add(account);</span> |
| <span class="nc" id="L90"> }</span> |
| |
| protected String getUsername(SimpleAccount account) { |
| <span class="fc" id="L93"> return getUsername(account.getPrincipals());</span> |
| } |
| |
| protected String getUsername(PrincipalCollection principals) { |
| <span class="fc" id="L97"> return getAvailablePrincipal(principals).toString();</span> |
| } |
| |
| protected void add(SimpleAccount account) { |
| <span class="fc" id="L101"> String username = getUsername(account);</span> |
| <span class="fc" id="L102"> USERS_LOCK.writeLock().lock();</span> |
| try { |
| <span class="fc" id="L104"> this.users.put(username, account);</span> |
| } finally { |
| <span class="pc" id="L106"> USERS_LOCK.writeLock().unlock();</span> |
| <span class="fc" id="L107"> }</span> |
| <span class="fc" id="L108"> }</span> |
| |
| protected SimpleRole getRole(String rolename) { |
| <span class="fc" id="L111"> ROLES_LOCK.readLock().lock();</span> |
| try { |
| <span class="fc" id="L113"> return roles.get(rolename);</span> |
| } finally { |
| <span class="pc" id="L115"> ROLES_LOCK.readLock().unlock();</span> |
| } |
| } |
| |
| public boolean roleExists(String name) { |
| <span class="fc bfc" id="L120" title="All 2 branches covered."> return getRole(name) != null;</span> |
| } |
| |
| public void addRole(String name) { |
| <span class="nc" id="L124"> add(new SimpleRole(name));</span> |
| <span class="nc" id="L125"> }</span> |
| |
| protected void add(SimpleRole role) { |
| <span class="fc" id="L128"> ROLES_LOCK.writeLock().lock();</span> |
| try { |
| <span class="fc" id="L130"> roles.put(role.getName(), role);</span> |
| } finally { |
| <span class="pc" id="L132"> ROLES_LOCK.writeLock().unlock();</span> |
| <span class="fc" id="L133"> }</span> |
| <span class="fc" id="L134"> }</span> |
| |
| protected static Set<String> toSet(String delimited, String delimiter) { |
| <span class="nc bnc" id="L137" title="All 4 branches missed."> if (delimited == null || delimited.trim().equals("")) {</span> |
| <span class="nc" id="L138"> return null;</span> |
| } |
| |
| <span class="nc" id="L141"> Set<String> values = new HashSet<String>();</span> |
| <span class="nc" id="L142"> String[] rolenamesArray = delimited.split(delimiter);</span> |
| <span class="nc bnc" id="L143" title="All 2 branches missed."> for (String s : rolenamesArray) {</span> |
| <span class="nc" id="L144"> String trimmed = s.trim();</span> |
| <span class="nc bnc" id="L145" title="All 2 branches missed."> if (trimmed.length() > 0) {</span> |
| <span class="nc" id="L146"> values.add(trimmed);</span> |
| } |
| } |
| |
| <span class="nc" id="L150"> return values;</span> |
| } |
| |
| protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { |
| <span class="fc" id="L154"> UsernamePasswordToken upToken = (UsernamePasswordToken) token;</span> |
| <span class="fc" id="L155"> SimpleAccount account = getUser(upToken.getUsername());</span> |
| |
| <span class="pc bpc" id="L157" title="1 of 2 branches missed."> if (account != null) {</span> |
| |
| <span class="pc bpc" id="L159" title="1 of 2 branches missed."> if (account.isLocked()) {</span> |
| <span class="nc" id="L160"> throw new LockedAccountException("Account [" + account + "] is locked.");</span> |
| } |
| <span class="pc bpc" id="L162" title="1 of 2 branches missed."> if (account.isCredentialsExpired()) {</span> |
| <span class="nc" id="L163"> String msg = "The credentials for account [" + account + "] are expired";</span> |
| <span class="nc" id="L164"> throw new ExpiredCredentialsException(msg);</span> |
| } |
| |
| } |
| |
| <span class="fc" id="L169"> return account;</span> |
| } |
| |
| protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { |
| <span class="fc" id="L173"> String username = getUsername(principals);</span> |
| <span class="fc" id="L174"> USERS_LOCK.readLock().lock();</span> |
| try { |
| <span class="fc" id="L176"> return this.users.get(username);</span> |
| } finally { |
| <span class="pc" id="L178"> USERS_LOCK.readLock().unlock();</span> |
| } |
| } |
| } |
| </pre><div class="footer"><span class="right">Created with <a href="http://www.eclemma.org/jacoco">JaCoCo</a> 0.7.7.201606060606</span></div></body></html> |