📄 htpasswd.java
字号:
} if (!found) { // allow wildcard entry, for example "*:ad9dfjhf0" for (Enumeration e = this.htpasswdMap.keys();e.hasMoreElements() ; ) { key = (String)e.nextElement(); if (key.equals("*")) { Container container = (Container)this.htpasswdMap.get(key); pws.addElement(container); } } } return pws; } /** * Check of MethodName is allowed to be invoked by user. * * @param sessionHolder The user * @param dataHolder The method called * @return true if is authorized, false if no access */ public boolean isAuthorized(SessionHolder sessionHolder, DataHolder dataHolder) { if (this.htpasswdMap == null) return true; SessionInfo sessionInfo = sessionHolder.getSessionInfo(); if (sessionInfo == null) { log.warning("sessionInfo is null, will not authorize"); return false; } SessionName sessionName = sessionInfo.getSessionName(); if (sessionName == null) { log.warning("sessionName for '" + sessionInfo.toXml() + "' is null, will not authorize"); return false; } String loginName = sessionName.getLoginName(); if (loginName == null) { log.warning("loginName for '" + sessionName.toXml() + "' is null, will not authorize"); return false; } Container container = (Container)this.containerCache.get(loginName); if (container == null) { Vector pws = lookup(loginName); if (pws.size() > 0) { container = (Container)pws.elementAt(0); this.containerCache.put(loginName, container); } } if (container == null) { StringBuffer buf = new StringBuffer(1024); Object[] keys = this.htpasswdMap.keySet().toArray(); for (int i=0; i < keys.length; i++) buf.append("'").append(keys[i]).append("' "); log.severe("The login entry '" + loginName + "' has not been found in '" + this.htpasswdFilename + "'. Found entries are : " + buf.toString()); return false; } if (container.allowedMethodNames == null) return true; if (dataHolder.getMsgUnit() == null || dataHolder.getMsgUnit().getKeyData() == null) return false; return container.isAllowed(dataHolder.getAction(), dataHolder.getKeyUrl()); } /** * Read passwords file * 16/11/01 20:42 mad@ktaland.com * @param the password filename * @return true if file all readed & well formated */ boolean readHtpasswordFile( String htpasswdFilename ) throws XmlBlasterException { if (log.isLoggable(Level.FINER)) log.finer(htpasswdFilename); File htpasswdFile ; if( htpasswdFilename == null) throw new XmlBlasterException(glob, ErrorCode.RESOURCE_CONFIGURATION, ME, "missing property Security.Server.Plugin.htpasswd.secretfile" ); htpasswdFile =new File(htpasswdFilename) ; if( ! htpasswdFile.exists() ) { log.severe( "Secret file doesn't exist : "+htpasswdFilename + ", please check your 'Security.Server.Plugin.htpasswd.secretfile' setting."); throw new XmlBlasterException(glob, ErrorCode.RESOURCE_CONFIGURATION, ME, "secret file doesn't exist : "+htpasswdFilename ); } if( ! htpasswdFile.canRead() ) { log.severe( "Secret file '"+htpasswdFilename + "' has no read permission"); throw new XmlBlasterException(glob, ErrorCode.RESOURCE_CONFIGURATION, ME, "no read access on file : "+htpasswdFilename ); } long curr = htpasswdFile.lastModified(); if (this.lastModified == curr) return true; this.lastModified = curr; this.containerCache.clear(); try { String rawString = FileLocator.readAsciiFile(htpasswdFilename); java.util.Map map = org.xmlBlaster.util.StringPairTokenizer.parseToStringStringPairs(rawString, "\n", ":"); java.util.Iterator it = map.keySet().iterator(); while (it.hasNext()) { String user = (String)it.next(); user = user.trim(); if (user.startsWith("#" ) || user.length() < 1) { continue; } String tail = (String)map.get(user); // joe:secret:CONNECT,PUBLISH,ERASE:other stuff in future String[] tokens = StringPairTokenizer.parseLine(tail, ':', StringPairTokenizer.DEFAULT_QUOTE_CHARACTER, false, true); Container container = new Container(user); if (tokens.length > 0) container.password = tokens[0].trim(); if (tokens.length > 1) { // parse "!SUBSCRIBE,ERASE" or 'CONNECT,DISCONNECT,PUBLISH("xpath://key"),subscribe("exact:hello")' // joe:079cv:: allows all methods String methodNames = tokens[1].trim(); if (methodNames != null && methodNames.length() > 0) { boolean positiveList = !methodNames.startsWith("!"); container.allowedMethodNames = new java.util.HashMap(); if (positiveList) { String[] nameArr = org.xmlBlaster.util.StringPairTokenizer.parseLine(methodNames, ',', StringPairTokenizer.DEFAULT_QUOTE_CHARACTER, false); for (int j=0; j<nameArr.length; j++) { String name = nameArr[j].trim(); HashSet set = new HashSet(); int start = name.indexOf('('); if (start != -1) { int end = name.lastIndexOf(')'); if (end != -1) { String topics = name.substring(start+1, end); String[] topicArr = org.xmlBlaster.util.StringPairTokenizer.parseLine(topics, ';'); for (int n=0; n<topicArr.length; n++) { String url = topicArr[n].trim(); // expecting: "hello" or "exact:hello" or "xpath://key" or "domain:sport" if (url.length() == 0) continue; if (url.indexOf(":") == -1) { url = Constants.EXACT_URL_PREFIX+url; } set.add(url.trim()); } } name = name.substring(0, start); } try { MethodName methodName = MethodName.toMethodName(name); container.allowedMethodNames.put(methodName, set); } catch (IllegalArgumentException e) { log.severe("Ignoring authorization method name, please check your configuration in '" + htpasswdFilename + "': " + e.toString()); } } } else { MethodName[] all = MethodName.getAll(); HashSet set = new HashSet(); for (int k=0; k<all.length; k++) container.allowedMethodNames.put(all[k], set); String[] nameArr = org.xmlBlaster.util.StringPairTokenizer.parseLine(methodNames.substring(1), ','); for (int j=0; j<nameArr.length; j++) { try { MethodName methodName = MethodName.toMethodName(nameArr[j].trim()); container.allowedMethodNames.remove(methodName); } catch (IllegalArgumentException e) { log.severe("Ignoring authorization method name, please check your configuration in '" + htpasswdFilename + "': " + e.toString()); } } } } } if (this.htpasswdMap == null) this.htpasswdMap = new Hashtable(); this.htpasswdMap.put(user, container); if (user.equals("*") && container.password.length() < 1) { //This is the third case I mentioned above -> the password-file just contains a '*' -> all connection requests are authenticated useFullUsername = SWITCH_OFF; if (firstWild) { log.warning("Security risk, no access control: '" + htpasswdFile + "' contains '*'"); firstWild = false; } } } // Dump it: if (log.isLoggable(Level.FINEST)) { if (this.htpasswdMap != null) { java.util.Iterator i = this.htpasswdMap.values().iterator(); System.out.println("========================================"); while (i.hasNext()) { Container container = (Container)i.next(); System.out.println(container.toString()); } System.out.println("========================================"); } else { System.out.println("======NO PASSWD ENTRY=================================="); } } //log.info("Successfully read " + htpasswdFilename + " with " + this.htpasswdMap.size() + " entries"); return true; } catch(Exception ex) { this.htpasswdMap = null ; throw new XmlBlasterException(glob, ErrorCode.RESOURCE_CONFIGURATION, ME, "Problem when reading password file '"+htpasswdFilename+"'", ex); } }//readHtpasswordFile public String getPasswdFileName() { return htpasswdFilename; } public void reset() { this.containerCache.clear(); this.htpasswdMap.clear(); this.lastModified = -1L; }}//class HtAccess⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -