blob: acf4022c38a3af74db38b024e2a2472417b88815 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
/*
* Copyright (c) 2015 Brocade Communications Systems, Inc. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* and is available at http://www.eclipse.org/legal/epl-v10.html
*/
package org.opendaylight.aaa.shiro.web.env;
import java.io.File;
import java.io.FileNotFoundException;
import java.util.Collection;
import org.apache.shiro.config.Ini;
import org.apache.shiro.config.Ini.Section;
import org.apache.shiro.web.env.IniWebEnvironment;
import org.opendaylight.aaa.shiro.accounting.Accounter;
import org.opendaylight.aaa.shiro.authorization.DefaultRBACRules;
import org.opendaylight.aaa.shiro.authorization.RBACRule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Identical to <code>IniWebEnvironment</code> except the Ini is loaded from
* <code>$KARAF_HOME/etc/shiro.ini</code>.
*
* @author Ryan Goulding (ryandgoulding@gmail.com)
*
*/
public class KarafIniWebEnvironment extends IniWebEnvironment {
private static final Logger LOG = LoggerFactory.getLogger(KarafIniWebEnvironment.class);
public static final String DEFAULT_SHIRO_INI_FILE = "etc/shiro.ini";
public static final String SHIRO_FILE_PREFIX = "file:/";
public KarafIniWebEnvironment() {
}
@Override
public void init() {
// Initialize the Shiro environment from etc/shiro.ini then delegate to
// the parent class
Ini ini;
try {
ini = createDefaultShiroIni();
// appendCustomIniRules(ini);
setIni(ini);
} catch (FileNotFoundException e) {
final String ERROR_MESSAGE = "Could not find etc/shiro.ini";
LOG.error(ERROR_MESSAGE, e);
}
super.init();
}
/**
* A hook for installing custom default RBAC rules for security purposes.
*
* @param ini
*/
private void appendCustomIniRules(final Ini ini) {
final String INSTALL_MESSAGE = "Installing the RBAC rule: %s";
Section urlSection = getOrCreateUrlSection(ini);
Collection<RBACRule> rbacRules = DefaultRBACRules.getInstance().getRBACRules();
for (RBACRule rbacRule : rbacRules) {
urlSection.put(rbacRule.getUrlPattern(), rbacRule.getRolesInShiroFormat());
Accounter.output(String.format(INSTALL_MESSAGE, rbacRule));
}
}
/**
* Extracts the url section of the Ini file, or creates one if it doesn't
* already exist
*
* @param ini
* @return
*/
private Section getOrCreateUrlSection(final Ini ini) {
final String URL_SECTION_TITLE = "urls";
Section urlSection = ini.getSection(URL_SECTION_TITLE);
if (urlSection == null) {
LOG.debug("shiro.ini does not contain a [urls] section; creating one");
urlSection = ini.addSection(URL_SECTION_TITLE);
} else {
LOG.debug("shiro.ini contains a [urls] section; appending rules to existing");
}
return urlSection;
}
/**
*
* @return Ini associated with <code>$KARAF_HOME/etc/shiro.ini</code>
* @throws FileNotFoundException
*/
static Ini createDefaultShiroIni() throws FileNotFoundException {
return createShiroIni(DEFAULT_SHIRO_INI_FILE);
}
/**
*
* @param path
* the file path, which is either absolute or relative to
* <code>$KARAF_HOME</code>
* @return Ini loaded from <code>path</code>
*/
static Ini createShiroIni(final String path) throws FileNotFoundException {
File f = new File(path);
Ini ini = new Ini();
final String fileBasedIniPath = createFileBasedIniPath(f.getAbsolutePath());
ini.loadFromPath(fileBasedIniPath);
return ini;
}
/**
*
* @param path
* the file path, which is either absolute or relative to
* <code>$KARAF_HOME</code>
* @return <code>file:/$KARAF_HOME/etc/shiro.ini</code>
*/
static String createFileBasedIniPath(final String path) {
String fileBasedIniPath = SHIRO_FILE_PREFIX + path;
LOG.debug(fileBasedIniPath);
return fileBasedIniPath;
}
}
|
