List of usage examples for org.apache.shiro.config Ini.Section entrySet
public Set<Entry<String, Section>> entrySet()
From source file:org.apache.access.provider.file.SimplePolicyEngine.java
License:Apache License
/** * Parse the resource. Should not be used in the normal course *///from w w w .ja v a 2s . c om protected void parse() { LOGGER.info("Parsing " + resourcePath); Roles roles = new Roles(); try { perDbResources.clear(); Ini ini = PolicyFiles.loadFromPath(fileSystem, resourcePath); if (LOGGER.isDebugEnabled()) { for (String sectionName : ini.getSectionNames()) { LOGGER.debug("Section: " + sectionName); Ini.Section section = ini.get(sectionName); for (String key : section.keySet()) { String value = section.get(key); LOGGER.debug(key + " = " + value); } } } ImmutableSetMultimap<String, String> globalRoles; Map<String, ImmutableSetMultimap<String, String>> perDatabaseRoles = Maps.newHashMap(); globalRoles = parseIni(null, ini); Ini.Section filesSection = ini.getSection(DATABASES); if (filesSection == null) { LOGGER.info("Section " + DATABASES + " needs no further processing"); } else { for (Map.Entry<String, String> entry : filesSection.entrySet()) { String database = Strings.nullToEmpty(entry.getKey()).trim().toLowerCase(); Path perDbPolicy = new Path(Strings.nullToEmpty(entry.getValue()).trim()); if (isRelative(perDbPolicy)) { perDbPolicy = new Path(resourcePath.getParent(), perDbPolicy); } try { LOGGER.info("Parsing " + perDbPolicy); perDatabaseRoles.put(database, parseIni(database, PolicyFiles.loadFromPath(fileSystem, perDbPolicy))); perDbResources.add(perDbPolicy); } catch (Exception e) { LOGGER.error("Error processing key " + entry.getKey() + ", skipping " + entry.getValue(), e); throw e; } } } roles = new Roles(globalRoles, ImmutableMap.copyOf(perDatabaseRoles)); } catch (Exception e) { LOGGER.error("Error processing file, ignoring " + resourcePath, e); } rolesReference.set(roles); }
From source file:org.apache.access.provider.file.SimplePolicyEngine.java
License:Apache License
/**
 * Resolves the roles and groups sections of one policy file into a group-to-privilege
 * multimap.
 *
 * <p>Every privilege string of a usable role is passed through all validators before the role
 * is recorded; an exception thrown by a validator propagates to the caller. A group that
 * names a role missing from the roles section only triggers a warning, and that role
 * contributes nothing to the group.
 *
 * @param database database the policy file belongs to, or {@code null}; handed to the validators
 * @param rolesSection role name to privilege-list entries
 * @param groupsSection group name to role-list entries
 * @return privileges per group name
 */
private ImmutableSetMultimap<String, String> parsePermissions(@Nullable String database,
        Ini.Section rolesSection, Ini.Section groupsSection) {
    ImmutableSetMultimap.Builder<String, String> groupPrivileges = ImmutableSetMultimap.builder();
    Multimap<String, String> privilegesByRole = HashMultimap.create();
    List<? extends RoleValidator> validators = Lists.newArrayList(
            new ServersAllIsInvalid(),
            new DatabaseMustMatch(),
            new DatabaseRequiredInRole(),
            new ServerNameMustMatch(serverName));

    for (Map.Entry<String, String> roleEntry : rolesSection.entrySet()) {
        String roleName = Strings.nullToEmpty(roleEntry.getKey()).trim();
        String roleValue = Strings.nullToEmpty(roleEntry.getValue()).trim();
        boolean usable = true;
        if (roleName.isEmpty()) {
            LOGGER.warn("Empty role name encountered in {}", resourcePath);
            usable = false;
        }
        if (roleValue.isEmpty()) {
            LOGGER.warn("Empty role value encountered in {}", resourcePath);
            usable = false;
        }
        if (privilegesByRole.containsKey(roleName)) {
            // Warning only: the privileges parsed below are still added to the existing ones.
            LOGGER.warn("Role {} defined twice in {}", roleName, resourcePath);
        }
        // Parsed even for an unusable entry, exactly as before; the result is then discarded.
        Set<String> privileges = PermissionUtils.toPermissionStrings(roleValue);
        if (usable && privileges != null) {
            for (String privilege : privileges) {
                // The trimmed form is validated; the set stored below keeps the strings as
                // returned by toPermissionStrings.
                String candidate = privilege.trim();
                for (RoleValidator validator : validators) {
                    validator.validate(database, candidate);
                }
            }
            privilegesByRole.putAll(roleName, privileges);
        }
    }

    Splitter roleSplitter = ROLE_SPLITTER.omitEmptyStrings().trimResults();
    for (Map.Entry<String, String> groupEntry : groupsSection.entrySet()) {
        String groupName = Strings.nullToEmpty(groupEntry.getKey()).trim();
        String roleList = Strings.nullToEmpty(groupEntry.getValue()).trim();
        Collection<String> resolved = Sets.newHashSet();
        for (String roleName : roleSplitter.split(roleList)) {
            if (!privilegesByRole.containsKey(roleName)) {
                LOGGER.warn("Role {} for group {} does not exist in privileges section in {}",
                        new Object[] { roleName, groupName, resourcePath });
                continue;
            }
            resolved.addAll(privilegesByRole.get(roleName));
        }
        groupPrivileges.putAll(groupName, resolved);
    }
    return groupPrivileges.build();
}
From source file:org.apache.sentry.provider.file.SimpleFileProviderBackend.java
License:Apache License
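/**
 * Reloads the global policy file and, when permitted, the per-database policy files it
 * references, recording problems in {@code configErrors} and {@code configWarnings}.
 *
 * <p>Both lists are cleared at the start. No exception leaves this method: every failure is
 * caught, logged and appended to {@code configErrors}. A per-database file that fails is
 * recorded and the loop moves on to the next entry, so the merged result can be a partial
 * policy. Callers that need to know whether the load was complete have to inspect
 * {@code configErrors}.
 */
private void parse() {
    configErrors.clear();
    configWarnings.clear();
    Table<String, String, Set<String>> groupRolePrivilegeTableTemp = HashBasedTable.create();
    Ini ini;
    LOGGER.info("Parsing " + resourcePath);
    try {
        try {
            ini = PolicyFiles.loadFromPath(fileSystem, resourcePath);
        } catch (IOException | IllegalArgumentException e) {
            // Both failure modes were handled identically; one handler keeps them in step.
            configErrors.add("Failed to read policy file " + resourcePath + " Error: " + e.getMessage());
            throw new SentryConfigurationException("Error loading policy file " + resourcePath, e);
        }
        if (LOGGER.isDebugEnabled()) {
            // Writes every key/value pair of the policy file to the debug log.
            for (String sectionName : ini.getSectionNames()) {
                LOGGER.debug("Section: " + sectionName);
                Ini.Section section = ini.get(sectionName);
                for (String key : section.keySet()) {
                    String value = section.get(key);
                    LOGGER.debug(key + " = " + value);
                }
            }
        }
        // The global policy is merged before the databases section is examined, so it stays
        // in effect even if per-database processing fails afterwards.
        parseIni(null, ini, validators, resourcePath, groupRolePrivilegeTableTemp);
        mergeResult(groupRolePrivilegeTableTemp);
        groupRolePrivilegeTableTemp.clear();
        Ini.Section filesSection = ini.getSection(DATABASES);
        if (filesSection == null) {
            LOGGER.info("Section " + DATABASES + " needs no further processing");
        } else if (!allowPerDatabaseSection) {
            String msg = "Per-db policy file is not expected in this configuration.";
            throw new SentryConfigurationException(msg);
        } else {
            for (Map.Entry<String, String> entry : filesSection.entrySet()) {
                // NOTE(review): toLowerCase() uses the JVM default locale; confirm that the
                // code comparing database names during authorization lower-cases the same way.
                String database = Strings.nullToEmpty(entry.getKey()).trim().toLowerCase();
                Path perDbPolicy = new Path(Strings.nullToEmpty(entry.getValue()).trim());
                if (isRelative(perDbPolicy)) {
                    // Relative entries are resolved against the directory of the global file.
                    perDbPolicy = new Path(resourcePath.getParent(), perDbPolicy);
                }
                try {
                    LOGGER.info("Parsing " + perDbPolicy);
                    Ini perDbIni = PolicyFiles.loadFromPath(perDbPolicy.getFileSystem(conf), perDbPolicy);
                    // A per-database file may not define users or pull in further files.
                    if (perDbIni.containsKey(USERS)) {
                        configErrors.add(
                                "Per-db policy file cannot contain " + USERS + " section in " + perDbPolicy);
                        throw new SentryConfigurationException(
                                "Per-db policy files cannot contain " + USERS + " section");
                    }
                    if (perDbIni.containsKey(DATABASES)) {
                        configErrors.add("Per-db policy files cannot contain " + DATABASES + " section in "
                                + perDbPolicy);
                        throw new SentryConfigurationException(
                                "Per-db policy files cannot contain " + DATABASES + " section");
                    }
                    parseIni(database, perDbIni, validators, perDbPolicy, groupRolePrivilegeTableTemp);
                } catch (Exception e) {
                    // Recorded and skipped: the remaining per-database files are still processed.
                    configErrors.add(
                            "Failed to read per-DB policy file " + perDbPolicy + " Error: " + e.getMessage());
                    LOGGER.error("Error processing key " + entry.getKey() + ", skipping " + entry.getValue(), e);
                }
            }
        }
        mergeResult(groupRolePrivilegeTableTemp);
        groupRolePrivilegeTableTemp.clear();
    } catch (Exception e) {
        // The path and the exception text used to be concatenated with nothing between them;
        // use the same " Error: " separator as the other entries in configErrors.
        configErrors.add("Error processing file " + resourcePath + " Error: " + e.getMessage());
        LOGGER.error("Error processing file, ignoring " + resourcePath, e);
    }
}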
From source file:org.apache.sentry.provider.file.SimpleFileProviderBackend.java
License:Apache License
/**
 * Reads the roles and groups sections of one policy file and adds the resolved privileges to
 * {@code groupRolePrivilegeTable}, keyed by group name and role name.
 *
 * <p>Empty role names or values are logged and appended to {@code configErrors}, and the
 * entry is not used. Every privilege of a usable role is handed to all validators; an
 * exception thrown by a validator propagates to the caller. A group that names a role missing
 * from the roles section only produces a warning in {@code configWarnings}, and that role
 * contributes nothing to the group.
 *
 * @param database database the policy file belongs to, or {@code null}; passed to the validators
 * @param rolesSection role name to privilege-list entries
 * @param groupsSection group name to role-list entries
 * @param validators checks applied to each privilege string
 * @param policyPath path of the file being parsed, used in messages only
 * @param groupRolePrivilegeTable table that receives the resolved privileges
 */
private void parsePrivileges(@Nullable String database, Ini.Section rolesSection, Ini.Section groupsSection,
        List<? extends PrivilegeValidator> validators, Path policyPath,
        Table<String, String, Set<String>> groupRolePrivilegeTable) {
    Multimap<String, String> privilegesByRole = HashMultimap.create();

    for (Map.Entry<String, String> roleEntry : rolesSection.entrySet()) {
        String roleName = stringInterner.intern(Strings.nullToEmpty(roleEntry.getKey()).trim());
        String roleValue = Strings.nullToEmpty(roleEntry.getValue()).trim();
        boolean usable = true;
        if (roleName.isEmpty()) {
            String problem = String.format("Empty role name encountered in %s", policyPath);
            LOGGER.warn(problem);
            configErrors.add(problem);
            usable = false;
        }
        if (roleValue.isEmpty()) {
            String problem = String.format("Empty role value encountered in %s", policyPath);
            LOGGER.warn(problem);
            configErrors.add(problem);
            usable = false;
        }
        if (privilegesByRole.containsKey(roleName)) {
            // Warning only: the privileges parsed below are still added to the existing ones.
            String notice = String.format("Role %s defined twice in %s", roleName, policyPath);
            LOGGER.warn(notice);
            configWarnings.add(notice);
        }
        // Parsed even for an unusable entry, exactly as before; the result is then discarded.
        Set<String> parsed = PrivilegeUtils.toPrivilegeStrings(roleValue);
        if (usable && parsed != null) {
            Set<String> interned = Sets.newHashSet();
            for (String privilege : parsed) {
                for (PrivilegeValidator validator : validators) {
                    // The trimmed form is validated; the untrimmed string is what gets stored.
                    validator.validate(new PrivilegeValidatorContext(database, privilege.trim()));
                }
                interned.add(stringInterner.intern(privilege));
            }
            privilegesByRole.putAll(roleName, interned);
        }
    }

    Splitter roleSplitter = ROLE_SPLITTER.omitEmptyStrings().trimResults();
    for (Map.Entry<String, String> groupEntry : groupsSection.entrySet()) {
        String groupName = stringInterner.intern(Strings.nullToEmpty(groupEntry.getKey()).trim());
        String roleList = Strings.nullToEmpty(groupEntry.getValue()).trim();
        for (String rawRoleName : roleSplitter.split(roleList)) {
            String roleName = stringInterner.intern(rawRoleName);
            if (!privilegesByRole.containsKey(roleName)) {
                String notice = String.format(
                        "Role %s for group %s does not exist in privileges section in %s", roleName, groupName,
                        policyPath);
                LOGGER.warn(notice);
                configWarnings.add(notice);
                continue;
            }
            Set<String> granted = groupRolePrivilegeTable.get(groupName, roleName);
            if (granted == null) {
                granted = new HashSet<>();
                groupRolePrivilegeTable.put(groupName, roleName, granted);
            }
            granted.addAll(privilegesByRole.get(roleName));
        }
    }
}
From source file:org.apache.sentry.provider.file.SimplePolicyEngine.java
License:Apache License
/**
 * Reloads the policy file at {@code resourcePath} and publishes the outcome through
 * {@code rolesReference}.
 *
 * <p>The global file is parsed first. Each entry of its {@code DATABASES} section maps a
 * database name to a per-database policy file. A per-database file that cannot be loaded, or
 * that contains a {@code USERS} or {@code DATABASES} section, is logged and left out while
 * the remaining files are still processed. A failure outside that inner handler leaves the
 * default-constructed {@code Roles} created at the top as the published value.
 */
protected void parse() {
    LOGGER.info("Parsing " + resourcePath);
    // Stays as-is (and is published as-is) when the outer handler catches a failure.
    Roles parsedRoles = new Roles();
    try {
        perDbResources.clear();
        Ini globalIni = PolicyFiles.loadFromPath(fileSystem, resourcePath);
        if (LOGGER.isDebugEnabled()) {
            // Writes every key/value pair of the policy file to the debug log.
            for (String name : globalIni.getSectionNames()) {
                LOGGER.debug("Section: " + name);
                Ini.Section current = globalIni.get(name);
                for (String key : current.keySet()) {
                    String value = current.get(key);
                    LOGGER.debug(key + " = " + value);
                }
            }
        }
        Map<String, ImmutableSetMultimap<String, String>> rolesByDatabase = Maps.newHashMap();
        ImmutableSetMultimap<String, String> globalRoles = parseIni(null, globalIni);
        Ini.Section databasesSection = globalIni.getSection(DATABASES);
        if (databasesSection != null) {
            for (Map.Entry<String, String> mapping : databasesSection.entrySet()) {
                // NOTE(review): toLowerCase() uses the JVM default locale; confirm that the
                // code comparing database names during authorization lower-cases the same way.
                String database = Strings.nullToEmpty(mapping.getKey()).trim().toLowerCase();
                Path perDbPolicy = new Path(Strings.nullToEmpty(mapping.getValue()).trim());
                if (isRelative(perDbPolicy)) {
                    // Relative entries are resolved against the directory of the global file.
                    perDbPolicy = new Path(resourcePath.getParent(), perDbPolicy);
                }
                try {
                    LOGGER.info("Parsing " + perDbPolicy);
                    Ini perDbIni = PolicyFiles.loadFromPath(fileSystem, perDbPolicy);
                    // A per-database file may not define users or pull in further files.
                    if (perDbIni.containsKey(USERS)) {
                        throw new ConfigurationException(
                                "Per-db policy files cannot contain " + USERS + " section");
                    }
                    if (perDbIni.containsKey(DATABASES)) {
                        throw new ConfigurationException(
                                "Per-db policy files cannot contain " + DATABASES + " section");
                    }
                    ImmutableSetMultimap<String, String> databaseRoles = parseIni(database, perDbIni);
                    rolesByDatabase.put(database, databaseRoles);
                    perDbResources.add(perDbPolicy);
                } catch (Exception failure) {
                    // Logged and skipped: this database gets no entry, the others still load.
                    LOGGER.error("Error processing key " + mapping.getKey() + ", skipping " + mapping.getValue(),
                            failure);
                }
            }
        } else {
            LOGGER.info("Section " + DATABASES + " needs no further processing");
        }
        parsedRoles = new Roles(globalRoles, ImmutableMap.copyOf(rolesByDatabase));
    } catch (Exception failure) {
        LOGGER.error("Error processing file, ignoring " + resourcePath, failure);
    }
    rolesReference.set(parsedRoles);
}
From source file:org.obiba.opal.core.upgrade.v2_0_x.HashShiroIniPasswordUpgradeStep.java
License:Open Source License
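/**
 * Reads the users section of {@code srcIniFile} and returns the first token of each entry's
 * value, keyed by user name, in file order.
 *
 * <p>The first token is treated as the password; any further tokens are ignored here
 * (presumably role names, going by the original variable name; confirm against the INI
 * format in use). The returned values are whatever the file stores, so the map should be
 * handled as credential material and kept out of logs and error messages.
 *
 * @return user name to first value token, or an empty map when the users section is missing
 *         or empty; entries whose value yields no token are left out
 */
private Map<String, String> getUsernamePasswords() {
    Ini ini = new Ini();
    ini.loadFromPath(srcIniFile.getAbsolutePath());
    Ini.Section section = ini.getSection(IniRealm.USERS_SECTION_NAME);
    if (section == null || section.isEmpty()) {
        return Collections.emptyMap();
    }
    Map<String, String> map = new LinkedHashMap<>();
    for (Map.Entry<String, String> entry : section.entrySet()) {
        String[] passwordAndRolesArray = StringUtils.split(entry.getValue());
        // A user line with an empty value produces no tokens. Indexing [0] used to abort the
        // whole read with a NullPointerException or ArrayIndexOutOfBoundsException; such an
        // entry has no password to return, so it is skipped instead.
        if (passwordAndRolesArray == null || passwordAndRolesArray.length == 0) {
            continue;
        }
        map.put(entry.getKey(), passwordAndRolesArray[0]);
    }
    return map;
}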
From source file:zcu.xutil.misc.ShiroFilterFactory.java
License:Apache License
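/**
 * Builds the Shiro filter from the configured {@code filters} and the INI text in
 * {@code definitions}.
 *
 * <p>Chain definitions are taken from the {@code IniFilterChainResolverFactory.URLS} section;
 * when that section is missing or empty, the default section is used instead. Each entry
 * becomes one chain, with the key as the chain name and the value as the chain definition.
 *
 * @return a filter wired to {@code securityManager} and a path-matching chain resolver
 * @throws IllegalStateException if {@code definitions} contains neither section
 */
public AbstractShiroFilter getShiroFilter() {
    DefaultFilterChainManager manager = new DefaultFilterChainManager();
    // Filters the manager already holds get the global properties as well.
    for (Filter filter : manager.getFilters().values()) {
        applyGlobalPropertiesIfNecessary(filter);
    }
    for (Map.Entry<String, Filter> entry : filters.entrySet()) {
        applyGlobalPropertiesIfNecessary(entry.getValue());
        manager.addFilter(entry.getKey(), entry.getValue());
    }
    Ini ini = new Ini();
    ini.load(definitions);
    Ini.Section section = ini.getSection(IniFilterChainResolverFactory.URLS);
    if (CollectionUtils.isEmpty(section)) {
        section = ini.getSection(Ini.DEFAULT_SECTION_NAME);
    }
    if (section == null) {
        // getSection returns null for an absent section, which used to surface as a bare
        // NullPointerException in the loop below. The URL-to-filter rules come from this
        // section, so a configuration without it is reported explicitly and no filter is built.
        throw new IllegalStateException("No filter chain definitions found: neither the "
                + IniFilterChainResolverFactory.URLS + " section nor the default section is present");
    }
    for (Map.Entry<String, String> entry : section.entrySet()) {
        manager.createChain(entry.getKey(), entry.getValue());
    }
    PathMatchingFilterChainResolver chainResolver = new PathMatchingFilterChainResolver();
    chainResolver.setFilterChainManager(manager);
    return new XSFilter((WebSecurityManager) securityManager, chainResolver);
}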