Package org.apache.shiro.realm.text

Class TextConfigurationRealm

  • All Implemented Interfaces:
    LogoutAware, Authorizer, PermissionResolverAware, RolePermissionResolverAware, org.apache.shiro.cache.CacheManagerAware, Realm, org.apache.shiro.util.Initializable, org.apache.shiro.util.Nameable
    Direct Known Subclasses:
    IniRealm, PropertiesRealm
    public class TextConfigurationRealm
extends SimpleAccountRealm
    A SimpleAccountRealm that enables text-based configuration of the initial User, Role, and Permission objects created at startup.

    Each User account definition specifies the username, password, and roles for a user. Each Role definition specifies a name and an optional collection of assigned Permissions. Users can be assigned Roles, and Roles can be assigned Permissions. By transitive association, each User 'has' all of their Role's Permissions.

    User and user-to-role definitions are specified via the setUserDefinitions(java.lang.String) method and Role-to-permission definitions are specified via the setRoleDefinitions(java.lang.String) method.
    Since:
    0.9

    • Constructor Detail

      • TextConfigurationRealm

        public TextConfigurationRealm()

    • Method Detail

      • getUserDefinitions

        public String getUserDefinitions()

      • setUserDefinitions

        public void setUserDefinitions(String userDefinitions)

        Sets a newline (\n) delimited String that defines user-to-password-and-role(s) key/value pairs according to the following format:

        username = password, role1, role2,...

        Here are some examples of what these lines might look like:

        root = reallyHardToGuessPassword, administrator
        jsmith = jsmithsPassword, manager, engineer, employee
        abrown = abrownsPassword, qa, employee
        djones = djonesPassword, qa, contractor
        guest = guestPassword

        Parameters:
        userDefinitions - the user definitions to be parsed and converted to Map.Entry elements

      • getRoleDefinitions

        public String getRoleDefinitions()

      • setRoleDefinitions

        public void setRoleDefinitions(String roleDefinitions)
        Sets a newline (\n) delimited String that defines role-to-permission definitions.

        Each line within the string must define a role-to-permission(s) key/value mapping with the equals character signifies the key/value separation, like so:

        rolename = permissionDefinition1, permissionDefinition2, ...

        where permissionDefinition is an arbitrary String, but must people will want to use Strings that conform to the WildcardPermission format for ease of use and flexibility. Note that if an individual permissionDefinition needs to be internally comma-delimited (e.g. printer:5thFloor:print,info), you will need to surround that definition with double quotes (") to avoid parsing errors (e.g. "printer:5thFloor:print,info").

        NOTE: if you have roles that don't require permission associations, don't include them in this definition - just defining the role name in the userDefinitions is enough to create the role if it does not yet exist. This property is really only for configuring realms that have one or more assigned Permission.

        Parameters:
        roleDefinitions - the role definitions to be parsed at initialization

      • processDefinitions

        protected void processDefinitions()

      • processRoleDefinitions

        protected void processRoleDefinitions(Map<String,String> roleDefs)

      • processUserDefinitions

        protected void processUserDefinitions(Map<String,String> userDefs)