ConfigFilepublic class ConfigFile extends Configuration This class represents a default implementation for
javax.security.auth.login.Configuration.
This object stores the runtime login configuration representation,
and is the amalgamation of multiple static login
configurations that resides in files.
The algorithm for locating the login configuration file(s) and reading their
information into this Configuration object is:
-
Loop through the
java.security.Security properties,
login.config.url.1, login.config.url.2, ...,
login.config.url.X. These properties are set
in the Java security properties file, which is located in the file named
<JAVA_HOME>/lib/security/java.security, where <JAVA_HOME>
refers to the directory where the JDK was installed.
Each property value specifies a URL pointing to a
login configuration file to be loaded. Read in and load
each configuration.
-
The
java.lang.System property
java.security.auth.login.config
may also be set to a URL pointing to another
login configuration file
(which is the case when a user uses the -D switch at runtime).
If this property is defined, and its use is allowed by the
security property file (the Security property,
policy.allowSystemProperty is set to true),
also load that login configuration.
-
If the java.security.auth.login.config property is defined using
"==" (rather than "="), then ignore all other specified
login configurations and only load this configuration.
-
If no system or security properties were set, try to read from the file,
${user.home}/.java.login.config, where ${user.home} is the value
represented by the "user.home" System property.
The configuration syntax supported by this implementation
is exactly that syntax specified in the
javax.security.auth.login.Configuration class. |
| Fields Summary |
|---|
| private StreamTokenizer | st | | private int | lookahead | | private int | linenum | | private HashMap | configuration | | private boolean | expandProp | | private boolean | testing |
| Constructors Summary |
|---|
public ConfigFile()Create a new Configuration object.
String expandProperties = (String)
java.security.AccessController.doPrivileged
(new java.security.PrivilegedAction() {
public Object run() {
return System.getProperty("policy.expandProperties");
}
});
if ("false".equals(expandProperties))
expandProp = false;
try {
init();
} catch (IOException ioe) {
throw (SecurityException)
new SecurityException(ioe.getMessage()).initCause(ioe);
}
|
| Methods Summary |
|---|
| private java.lang.String | expand(java.lang.String value)
if ("".equals(value)) {
return value;
}
if (expandProp) {
String s = PropertyExpander.expand(value);
if (s == null || s.length() == 0) {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
("Configuration Error:\n\tLine line: " +
"system property [value] expanded to empty value",
"sun.security.util.AuthResources"));
Object[] source = {new Integer(linenum), value};
throw new IOException(form.format(source));
}
return s;
} else {
return value;
}
| | public javax.security.auth.login.AppConfigurationEntry[] | getAppConfigurationEntry(java.lang.String applicationName)Retrieve an entry from the Configuration using an application name
as an index.
LinkedList list = null;
synchronized (configuration) {
list = (LinkedList)configuration.get(applicationName);
}
if (list == null || list.size() == 0)
return null;
AppConfigurationEntry[] entries =
new AppConfigurationEntry[list.size()];
Iterator iterator = list.iterator();
for (int i = 0; iterator.hasNext(); i++) {
AppConfigurationEntry e = (AppConfigurationEntry)iterator.next();
entries[i] = new AppConfigurationEntry(e.getLoginModuleName(),
e.getControlFlag(),
e.getOptions());
}
return entries;
| | private java.io.InputStream | getInputStream(java.net.URL url)
if ("file".equals(url.getProtocol())) {
String path = url.getFile().replace('/", File.separatorChar);
return new FileInputStream(path);
} else {
return url.openStream();
}
| | private void | init()Read and initialize the entire login Configuration.
boolean initialized = false;
FileReader fr = null;
String sep = File.separator;
// new configuration
HashMap newConfig = new HashMap();
String allowSys = java.security.Security.getProperty
("policy.allowSystemProperty");
if ("true".equalsIgnoreCase(allowSys)) {
String extra_config = System.getProperty
("java.security.auth.login.config");
if (extra_config != null) {
boolean overrideAll = false;
if (extra_config.startsWith("=")) {
overrideAll = true;
extra_config = extra_config.substring(1);
}
try {
extra_config = PropertyExpander.expand(extra_config);
} catch (PropertyExpander.ExpandException peee) {
MessageFormat form = new MessageFormat
(ResourcesMgr.getString
("Unable to properly expand config",
"sun.security.util.AuthResources"));
Object[] source = {extra_config};
throw new IOException(form.format(source));
}
URL configURL = null;
try {
configURL = new URL(extra_config);
} catch (java.net.MalformedURLException mue) {
File configFile = new File(extra_config);
if (configFile.exists()) {
configURL = new URL("file:" +
configFile.getCanonicalPath());
} else {
MessageFormat form = new MessageFormat
(ResourcesMgr.getString
("extra_config (No such file or directory)",
"sun.security.util.AuthResources"));
Object[] source = {extra_config};
throw new IOException(form.format(source));
}
}
if (testing)
System.out.println("reading "+configURL);
init(configURL, newConfig);
initialized = true;
if (overrideAll) {
if (testing)
System.out.println("overriding other policies!");
}
}
}
int n = 1;
String config_url;
while ((config_url = java.security.Security.getProperty
("login.config.url."+n)) != null) {
try {
config_url = PropertyExpander.expand
(config_url).replace(File.separatorChar, '/");
if (testing)
System.out.println("\tReading config: " + config_url);
init(new URL(config_url), newConfig);
initialized = true;
} catch (PropertyExpander.ExpandException peee) {
MessageFormat form = new MessageFormat
(ResourcesMgr.getString
("Unable to properly expand config",
"sun.security.util.AuthResources"));
Object[] source = {config_url};
throw new IOException(form.format(source));
}
n++;
}
if (initialized == false && n == 1 && config_url == null) {
// get the config from the user's home directory
if (testing)
System.out.println("\tReading Policy " +
"from ~/.java.login.config");
config_url = System.getProperty("user.home");
try {
init(new URL("file:" + config_url +
File.separatorChar + ".java.login.config"),
newConfig);
} catch (IOException ioe) {
throw new IOException(ResourcesMgr.getString
("Unable to locate a login configuration",
"sun.security.util.AuthResources"));
}
}
configuration = newConfig;
| | private void | init(java.net.URL config, java.util.HashMap newConfig)
InputStreamReader isr
= new InputStreamReader(getInputStream(config), "UTF-8");
readConfig(isr, newConfig);
isr.close();
| | private java.lang.String | match(java.lang.String expect)
String value = null;
switch(lookahead) {
case StreamTokenizer.TT_EOF:
MessageFormat form1 = new MessageFormat(ResourcesMgr.getString
("Configuration Error:\n\texpected [expect], " +
"read [end of file]",
"sun.security.util.AuthResources"));
Object[] source1 = {expect};
throw new IOException(form1.format(source1));
case '"":
case StreamTokenizer.TT_WORD:
if (expect.equalsIgnoreCase("module class name") ||
expect.equalsIgnoreCase("controlFlag") ||
expect.equalsIgnoreCase("option key") ||
expect.equalsIgnoreCase("option value")) {
value = st.sval;
lookahead = nextToken();
} else {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
("Configuration Error:\n\tLine line: " +
"expected [expect], found [value]",
"sun.security.util.AuthResources"));
Object[] source = {new Integer(linenum), expect, st.sval};
throw new IOException(form.format(source));
}
break;
case '{":
if (expect.equalsIgnoreCase("{")) {
lookahead = nextToken();
} else {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
("Configuration Error:\n\tLine line: expected [expect]",
"sun.security.util.AuthResources"));
Object[] source = {new Integer(linenum), expect, st.sval};
throw new IOException(form.format(source));
}
break;
case ';":
if (expect.equalsIgnoreCase(";")) {
lookahead = nextToken();
} else {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
("Configuration Error:\n\tLine line: expected [expect]",
"sun.security.util.AuthResources"));
Object[] source = {new Integer(linenum), expect, st.sval};
throw new IOException(form.format(source));
}
break;
case '}":
if (expect.equalsIgnoreCase("}")) {
lookahead = nextToken();
} else {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
("Configuration Error:\n\tLine line: expected [expect]",
"sun.security.util.AuthResources"));
Object[] source = {new Integer(linenum), expect, st.sval};
throw new IOException(form.format(source));
}
break;
case '=":
if (expect.equalsIgnoreCase("=")) {
lookahead = nextToken();
} else {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
("Configuration Error:\n\tLine line: expected [expect]",
"sun.security.util.AuthResources"));
Object[] source = {new Integer(linenum), expect, st.sval};
throw new IOException(form.format(source));
}
break;
default:
MessageFormat form = new MessageFormat(ResourcesMgr.getString
("Configuration Error:\n\tLine line: " +
"expected [expect], found [value]",
"sun.security.util.AuthResources"));
Object[] source = {new Integer(linenum), expect, st.sval};
throw new IOException(form.format(source));
}
return value;
| | private int | nextToken()
int tok;
while ((tok = st.nextToken()) == StreamTokenizer.TT_EOL) {
linenum++;
}
return tok;
| | private void | parseLoginEntry(java.util.HashMap newConfig)
String appName;
String moduleClass;
String sflag;
AppConfigurationEntry.LoginModuleControlFlag controlFlag;
LinkedList configEntries = new LinkedList();
// application name
appName = st.sval;
lookahead = nextToken();
if (testing)
System.out.println("appName = " + appName);
match("{");
// get the modules
while (peek("}") == false) {
HashSet argSet = new HashSet();
// get the module class name
moduleClass = match("module class name");
// controlFlag (required, optional, etc)
sflag = match("controlFlag");
if (sflag.equalsIgnoreCase("REQUIRED"))
controlFlag =
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
else if (sflag.equalsIgnoreCase("REQUISITE"))
controlFlag =
AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
else if (sflag.equalsIgnoreCase("SUFFICIENT"))
controlFlag =
AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
else if (sflag.equalsIgnoreCase("OPTIONAL"))
controlFlag =
AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
else {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
("Configuration Error:\n\tInvalid control flag, flag",
"sun.security.util.AuthResources"));
Object[] source = {sflag};
throw new IOException(form.format(source));
}
// get the args
HashMap options = new HashMap();
String key;
String value;
while (peek(";") == false) {
key = match("option key");
match("=");
try {
value = expand(match("option value"));
} catch (PropertyExpander.ExpandException peee) {
throw new IOException(peee.getLocalizedMessage());
}
options.put(key, value);
}
lookahead = nextToken();
// create the new element
if (testing) {
System.out.print("\t\t" + moduleClass + ", " + sflag);
java.util.Iterator i = options.keySet().iterator();
while (i.hasNext()) {
key = (String)i.next();
System.out.print(", " +
key +
"=" +
(String)options.get(key));
}
System.out.println("");
}
AppConfigurationEntry entry = new AppConfigurationEntry
(moduleClass,
controlFlag,
options);
configEntries.add(entry);
}
match("}");
match(";");
// add this configuration entry
if (newConfig.containsKey(appName)) {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
("Configuration Error:\n\t" +
"Can not specify multiple entries for appName",
"sun.security.util.AuthResources"));
Object[] source = {appName};
throw new IOException(form.format(source));
}
newConfig.put(appName, configEntries);
if (testing)
System.out.println("\t\t***Added entry for " +
appName + " to overall configuration***");
| | private boolean | peek(java.lang.String expect)
boolean found = false;
switch (lookahead) {
case ',":
if (expect.equalsIgnoreCase(","))
found = true;
break;
case ';":
if (expect.equalsIgnoreCase(";"))
found = true;
break;
case '{":
if (expect.equalsIgnoreCase("{"))
found = true;
break;
case '}":
if (expect.equalsIgnoreCase("}"))
found = true;
break;
default:
}
return found;
| | private void | readConfig(java.io.Reader reader, java.util.HashMap newConfig)
int linenum = 1;
if (!(reader instanceof BufferedReader))
reader = new BufferedReader(reader);
st = new StreamTokenizer(reader);
st.quoteChar('"");
st.wordChars('$", '$");
st.wordChars('_", '_");
st.wordChars('-", '-");
st.lowerCaseMode(false);
st.slashSlashComments(true);
st.slashStarComments(true);
st.eolIsSignificant(true);
lookahead = nextToken();
while (lookahead != StreamTokenizer.TT_EOF) {
if (testing)
System.out.print("\tReading next config entry: ");
parseLoginEntry(newConfig);
}
| | public synchronized void | refresh()Refresh and reload the Configuration by re-reading all of the
login configurations.
java.lang.SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new AuthPermission("refreshLoginConfiguration"));
java.security.AccessController.doPrivileged
(new java.security.PrivilegedAction() {
public Object run() {
try {
init();
} catch (java.io.IOException ioe) {
throw new SecurityException(ioe.getLocalizedMessage());
}
return null;
}
});
|
|
