📄 htaccesshandler.java
字号:
{ alp=true; break; } } else { // hostname if (host.endsWith(elm)) { alp=true; break; } } } } // looping for denies for (int i=0; i<_denyList.size(); i++) { elm=(String)_denyList.get(i); if (elm.equals("all")) { dep=true; break; } else { char c=elm.charAt(0); if (c>='0'&&c<='9') { // ip if (ip.startsWith(elm)) { dep=true; break; } } else { // hostname if (host.endsWith(elm)) { dep=true; break; } } } } if (_order<0) // deny,allow return !dep||alp; // mutual failure == allow,deny return alp&&!dep; } /* ------------------------------------------------------------ */ public boolean checkAuth(String user, String pass, UserRealm realm, Request request) { if (_requireName==null) return true; // Authenticate with realm Principal principal=realm==null?null:realm.authenticate(user,pass,request); if (principal==null) { // Have to authenticate the user with the password file String code=getUserCode(user); String salt=code!=null?code.substring(0,2):user; String cred=(user!=null&&pass!=null)?UnixCrypt.crypt(pass,salt):null; if (code==null||(code.equals("")&&!pass.equals(""))||!code.equals(cred)) return false; } if (_requireName.equalsIgnoreCase(USER)) { if (_requireEntities.contains(user)) return true; } else if (_requireName.equalsIgnoreCase(GROUP)) { ArrayList gps=getUserGroups(user); if (gps!=null) for (int g=gps.size(); g-->0;) if (_requireEntities.contains(gps.get(g))) return true; } else if (_requireName.equalsIgnoreCase(VALID_USER)) { return true; } return false; } /* ------------------------------------------------------------ */ public boolean isAccessLimited() { if (_allowList.size()>0||_denyList.size()>0) return true; else return false; } /* ------------------------------------------------------------ */ public boolean isAuthLimited() { if (_requireName!=null) return true; else return false; } /* ------------------------------------------------------------ */ private String getUserCode(String user) { if (_userResource==null) return null; if (_users==null||_userModified!=_userResource.lastModified()) { if (log.isDebugEnabled()) log.debug("LOAD "+_userResource,null,null); _users=new HashMap(); BufferedReader ufin=null; try { ufin=new BufferedReader(new InputStreamReader(_userResource.getInputStream())); _userModified=_userResource.lastModified(); String line; while ((line=ufin.readLine())!=null) { line=line.trim(); if (line.startsWith("#")) continue; int spos=line.indexOf(':'); if (spos<0) continue; String u=line.substring(0,spos).trim(); String p=line.substring(spos+1).trim(); _users.put(u,p); } } catch (IOException e) { log.warn("LogSupport.EXCEPTION",e); } finally { try { if (ufin!=null) ufin.close(); } catch (IOException e2) { log.warn("LogSupport.EXCEPTION",e2); } } } return (String)_users.get(user); } /* ------------------------------------------------------------ */ private ArrayList getUserGroups(String group) { if (_groupResource==null) return null; if (_groups==null||_groupModified!=_groupResource.lastModified()) { if (log.isDebugEnabled()) log.debug("LOAD "+_groupResource,null,null); _groups=new HashMap(); BufferedReader ufin=null; try { ufin=new BufferedReader(new InputStreamReader(_groupResource.getInputStream())); _groupModified=_groupResource.lastModified(); String line; while ((line=ufin.readLine())!=null) { line=line.trim(); if (line.startsWith("#")||line.length()==0) continue; StringTokenizer tok=new StringTokenizer(line,": \t"); if (!tok.hasMoreTokens()) continue; String g=tok.nextToken(); if (!tok.hasMoreTokens()) continue; while (tok.hasMoreTokens()) { String u=tok.nextToken(); ArrayList gl=(ArrayList)_groups.get(u); if (gl==null) { gl=new ArrayList(); _groups.put(u,gl); } gl.add(g); } } } catch (IOException e) { log.warn("LogSupport.EXCEPTION",e); } finally { try { if (ufin!=null) ufin.close(); } catch (IOException e2) { log.warn("LogSupport.EXCEPTION",e2); } } } return (ArrayList)_groups.get(group); } /* ------------------------------------------------------------ */ public String toString() { StringBuffer buf=new StringBuffer(); buf.append("AuthUserFile="); buf.append(_userFile); buf.append(", AuthGroupFile="); buf.append(_groupFile); buf.append(", AuthName="); buf.append(_name); buf.append(", AuthType="); buf.append(_type); buf.append(", Methods="); buf.append(_methods); buf.append(", satisfy="); buf.append(_satisfy); if (_order<0) buf.append(", order=deny,allow"); else if (_order>0) buf.append(", order=allow,deny"); else buf.append(", order=mutual-failure"); buf.append(", Allow from="); buf.append(_allowList); buf.append(", deny from="); buf.append(_denyList); buf.append(", requireName="); buf.append(_requireName); buf.append(" "); buf.append(_requireEntities); return buf.toString(); } /* ------------------------------------------------------------ */ private void parse(BufferedReader htin) throws IOException { String line; while ((line=htin.readLine())!=null) { line=line.trim(); if (line.startsWith("#")) continue; else if (line.startsWith("AuthUserFile")) { _userFile=line.substring(13).trim(); } else if (line.startsWith("AuthGroupFile")) { _groupFile=line.substring(14).trim(); } else if (line.startsWith("AuthName")) { _name=line.substring(8).trim(); } else if (line.startsWith("AuthType")) { _type=line.substring(8).trim(); } // else if (line.startsWith("<Limit")) { else if (line.startsWith("<Limit")) { int limit=line.length(); int endp=line.indexOf('>'); StringTokenizer tkns; if (endp<0) endp=limit; tkns=new StringTokenizer(line.substring(6,endp)); while (tkns.hasMoreTokens()) { _methods.put(tkns.nextToken(),Boolean.TRUE); } while ((line=htin.readLine())!=null) { line=line.trim(); if (line.startsWith("#")) continue; else if (line.startsWith("satisfy")) { int pos1=7; limit=line.length(); while ((pos1<limit)&&(line.charAt(pos1)<=' ')) pos1++; int pos2=pos1; while ((pos2<limit)&&(line.charAt(pos2)>' ')) pos2++; String l_string=line.substring(pos1,pos2); if (l_string.equals("all")) _satisfy=1; else if (l_string.equals("any")) _satisfy=0; } else if (line.startsWith("require")) { int pos1=7; limit=line.length(); while ((pos1<limit)&&(line.charAt(pos1)<=' ')) pos1++; int pos2=pos1; while ((pos2<limit)&&(line.charAt(pos2)>' ')) pos2++; _requireName=line.substring(pos1,pos2).toLowerCase(); if (USER.equals(_requireName)) _requireName=USER; else if (GROUP.equals(_requireName)) _requireName=GROUP; else if (VALID_USER.equals(_requireName)) _requireName=VALID_USER; pos1=pos2+1; if (pos1<limit) { while ((pos1<limit)&&(line.charAt(pos1)<=' ')) pos1++; tkns=new StringTokenizer(line.substring(pos1)); while (tkns.hasMoreTokens()) { _requireEntities.add(tkns.nextToken()); } } } else if (line.startsWith("order")) { if (log.isDebugEnabled()) log.debug("orderline="+line+"order="+_order,null,null); if (line.indexOf("allow,deny")>0) { log.debug("==>allow+deny",null,null); _order=1; } else if (line.indexOf("deny,allow")>0) { log.debug("==>deny,allow",null,null); _order=-1; } else if (line.indexOf("mutual-failure")>0) { log.debug("==>mutual",null,null); _order=0; } else { } } else if (line.startsWith("allow from")) { int pos1=10; limit=line.length(); while ((pos1<limit)&&(line.charAt(pos1)<=' ')) pos1++; if (log.isDebugEnabled()) log.debug("allow process:"+line.substring(pos1),null,null); tkns=new StringTokenizer(line.substring(pos1)); while (tkns.hasMoreTokens()) { _allowList.add(tkns.nextToken()); } } else if (line.startsWith("deny from")) { int pos1=9; limit=line.length(); while ((pos1<limit)&&(line.charAt(pos1)<=' ')) pos1++; if (log.isDebugEnabled()) log.debug("deny process:"+line.substring(pos1),null,null); tkns=new StringTokenizer(line.substring(pos1)); while (tkns.hasMoreTokens()) { _denyList.add(tkns.nextToken()); } } else if (line.startsWith("</Limit>")) break; } } } } } /** * Getter for property protegee. * * @return Returns the protegee. */ protected Handler getProtegee() { return this.protegee; } /** * Setter for property protegee. * * @param protegee * The protegee to set. */ public void setProtegee(Handler protegee) { this.protegee=protegee; }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -