List of usage examples for org.apache.shiro.config Ini.Section put
public Section put(String key, Section value)
From source file:at.pollux.thymeleaf.shiro.dialect.ShiroDialectTest.java
License:Apache License
private static void setupShiro() { Ini ini = new Ini(); Ini.Section usersSection = ini.addSection("users"); usersSection.put(USER1, PASS1 + ",rolea,roled"); usersSection.put(USER2, PASS2 + ",roleb,rolec"); usersSection.put(USER3, PASS3 + ",rolec,rolee"); Ini.Section rolesSection = ini.addSection("roles"); rolesSection.put("rolea", "*"); rolesSection.put("roleb", "permtype1:permaction1:perminst1"); rolesSection.put("rolec", "permtype1:permaction2:*"); rolesSection.put("roled", "permtype3:*"); Factory<SecurityManager> factory = new TestIniSecurityManagerFactory(ini); SecurityManager secMgr = factory.getInstance(); setSecurityManager(secMgr);//from www . j av a2 s .c o m }
From source file:be.rubus.octopus.jsr375.demo.jsr375.JSR375ConfigurationPlugin.java
License:Apache License
@Override public void addConfiguration(Ini ini) { Ini.Section mainSection = ini.get(IniSecurityManagerFactory.MAIN_SECTION_NAME); mainSection.put("jsr375Matcher", IdentityStoreMatcher.class.getName()); mainSection.put("credentialsMatcher.matcher", "$jsr375Matcher"); }
From source file:com.meltmedia.cadmium.servlets.shiro.WebEnvironment.java
License:Apache License
@Override protected FilterChainResolver createFilterChainResolver() { Ini.Section section = this.getIni().getSection(TRUSTED_SECTION_NAME); trustedHosts = new ArrayList<String>(); if (!CollectionUtils.isEmpty(section)) { logger.debug("Found " + TRUSTED_SECTION_NAME + " ini section in shiro.ini"); for (String key : section.keySet()) { logger.debug("Adding " + section.get(key) + " to list of trusted ip addresses."); trustedHosts.add(section.get(key).trim()); }/* ww w . j a v a2 s . c om*/ } if (!CollectionUtils.isEmpty(trustedHosts)) { Ini.Section filterConfigs = getIni().getSection(IniFilterChainResolverFactory.FILTERS); if (CollectionUtils.isEmpty(filterConfigs)) { filterConfigs = getIni().addSection(IniFilterChainResolverFactory.FILTERS); } if (!filterConfigs.containsKey(DefaultFilter.authcBasic.name())) { filterConfigs.put(DefaultFilter.authcBasic.name(), "com.meltmedia.cadmium.servlets.shiro.TrustedBasicHttpAuthenticationFilter"); String trustedHostStr = ""; for (String host : trustedHosts) { if (trustedHostStr.length() > 0) { trustedHostStr += ","; } trustedHostStr += host; } filterConfigs.put(DefaultFilter.authcBasic.name() + ".trustedHosts", trustedHostStr); } } return super.createFilterChainResolver(); }
From source file:com.stormpath.shiro.servlet.env.StormpathShiroIniEnvironment.java
License:Apache License
private void addDefaultsToIni(Ini ini) { // TODO: this is not ideal, we need to make shiro a bit more flexible // and this is tightly coupled with the following method Ini.Section configSection = getConfigSection(ini); // lazy associate the client with the realm, so changes can be made if needed. if (!configSection.containsKey(DEFAULTS_STORMPATH_REALM_PROPERTY + ".client")) { configSection.put(DEFAULTS_STORMPATH_REALM_PROPERTY + ".client", "$" + DEFAULTS_STORMPATH_CLIENT_PROPERTY); }/* w w w . j a va2s . c o m*/ // global properties 'shiro.*' are not loaded from the defaults, we must set it in the ini. if (!configSection.containsKey("shiro.loginUrl")) { configSection.put("shiro.loginUrl", "/login"); } // protect the world if the URL section is missing Ini.Section urls = ini.getSection(IniFilterChainResolverFactory.URLS); Ini.Section filters = ini.getSection(IniFilterChainResolverFactory.FILTERS); // deprecated behavior if (CollectionUtils.isEmpty(urls) && CollectionUtils.isEmpty(filters)) { ini.setSectionProperty(IniFilterChainResolverFactory.URLS, "/**", DefaultFilter.authc.name()); } }
From source file:net.ili.base.services.authority.MyFilterChainDefinition.java
/** * * @return @throws Exception// w w w . j av a 2s . c om */ @Override public Ini.Section getObject() throws Exception { Ini defaultIni = new Ini(); Ini ini = new Ini(); //url if (StringUtils.isNotEmpty(filterChainDefinitions)) { defaultIni.load(filterChainDefinitions); } ini.addSection(Ini.DEFAULT_SECTION_NAME); Ini.Section section = ini.getSection(Ini.DEFAULT_SECTION_NAME); //?Resource List<Resource> list = dao.findAll(); for (Resource resource : list) { //?section if (StringUtils.isNotEmpty(resource.getUrl()) && StringUtils.isNotEmpty(resource.getPermission())) { section.put(resource.getUrl(), MessageFormat.format(PREMISSIONEXP, resource.getPermission())); } } return section; }
From source file:org.apache.aurora.scheduler.http.api.security.ApiSecurityIT.java
License:Apache License
@Before public void setUp() { ini = new Ini(); Ini.Section users = ini.addSection(IniRealm.USERS_SECTION_NAME); users.put(ROOT.getUserName(), COMMA_JOINER.join(ROOT.getPassword(), ADMIN_ROLE)); users.put(WFARNER.getUserName(), COMMA_JOINER.join(WFARNER.getPassword(), ENG_ROLE)); users.put(UNPRIVILEGED.getUserName(), UNPRIVILEGED.getPassword()); users.put(BACKUP_SERVICE.getUserName(), COMMA_JOINER.join(BACKUP_SERVICE.getPassword(), BACKUP_ROLE)); users.put(DEPLOY_SERVICE.getUserName(), COMMA_JOINER.join(DEPLOY_SERVICE.getPassword(), DEPLOY_ROLE)); Ini.Section roles = ini.addSection(IniRealm.ROLES_SECTION_NAME); roles.put(ADMIN_ROLE, "*"); roles.put(ENG_ROLE, "thrift.AuroraSchedulerManager:*"); roles.put(BACKUP_ROLE, "thrift.AuroraAdmin:listBackups"); roles.put(DEPLOY_ROLE, "thrift.AuroraSchedulerManager:killTasks:" + ADS_STAGING_JOB.getRole() + ":" + ADS_STAGING_JOB.getEnvironment() + ":" + ADS_STAGING_JOB.getName()); auroraAdmin = createMock(AnnotatedAuroraAdmin.class); statsProvider = createMock(StatsProvider.class); expect(statsProvider.makeCounter(anyString())).andStubReturn(new AtomicLong()); }
From source file:org.apache.aurora.scheduler.http.api.security.HttpSecurityIT.java
License:Apache License
@Before public void setUp() { ini = new Ini(); Ini.Section users = ini.addSection(IniRealm.USERS_SECTION_NAME); users.put(ROOT.getUserName(), COMMA_JOINER.join(ROOT.getPassword(), ADMIN_ROLE)); users.put(WFARNER.getUserName(), COMMA_JOINER.join(WFARNER.getPassword(), ENG_ROLE)); users.put(UNPRIVILEGED.getUserName(), UNPRIVILEGED.getPassword()); users.put(BACKUP_SERVICE.getUserName(), COMMA_JOINER.join(BACKUP_SERVICE.getPassword(), BACKUP_ROLE)); users.put(DEPLOY_SERVICE.getUserName(), COMMA_JOINER.join(DEPLOY_SERVICE.getPassword(), DEPLOY_ROLE)); users.put(H2_USER.getUserName(), COMMA_JOINER.join(H2_USER.getPassword(), H2_ROLE)); Ini.Section roles = ini.addSection(IniRealm.ROLES_SECTION_NAME); roles.put(ADMIN_ROLE, "*"); roles.put(ENG_ROLE, "thrift.AuroraSchedulerManager:*"); roles.put(BACKUP_ROLE, "thrift.AuroraAdmin:listBackups"); roles.put(DEPLOY_ROLE, "thrift.AuroraSchedulerManager:killTasks:" + ADS_STAGING_JOB.getRole() + ":" + ADS_STAGING_JOB.getEnvironment() + ":" + ADS_STAGING_JOB.getName()); roles.put(H2_ROLE, H2_PERM);//from w w w .j a va 2s .c o m auroraAdmin = createMock(AnnotatedAuroraAdmin.class); shiroAfterAuthFilter = createMock(Filter.class); }
From source file:org.apache.geode.internal.security.shiro.SecurityManagerProvider.java
License:Apache License
public SecurityManagerProvider(String shiroConfig) { this.securityManager = null; IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:" + shiroConfig); // we will need to make sure that shiro uses a case sensitive permission resolver Ini.Section main = factory.getIni().addSection("main"); main.put("geodePermissionResolver", GeodePermissionResolver.class.getName()); if (!main.containsKey("iniRealm.permissionResolver")) { main.put("iniRealm.permissionResolver", "$geodePermissionResolver"); }/*from w w w . java 2s . c om*/ shiroManager = factory.getInstance(); }
From source file:org.apache.sentry.cli.tools.PermissionsMigrationToolCommon.java
License:Apache License
private void migratePolicyFile() throws Exception { Configuration conf = getSentryConf(); Path sourceFile = new Path(policyFile.get()); SimpleFileProviderBackend policyFileBackend = new SimpleFileProviderBackend(conf, sourceFile); ProviderBackendContext ctx = new ProviderBackendContext(); policyFileBackend.initialize(ctx);/*from w w w .j a va 2 s .c o m*/ Set<String> roles = Sets.newHashSet(); Table<String, String, Set<String>> groupRolePrivilegeTable = policyFileBackend.getGroupRolePrivilegeTable(); Ini output = PolicyFiles.loadFromPath(sourceFile.getFileSystem(conf), sourceFile); Ini.Section rolesSection = output.get(PolicyFileConstants.ROLES); for (String groupName : groupRolePrivilegeTable.rowKeySet()) { for (String roleName : policyFileBackend.getRoles(Collections.singleton(groupName), ActiveRoleSet.ALL)) { if (!roles.contains(roleName)) { // Do the actual migration Set<String> privileges = groupRolePrivilegeTable.get(groupName, roleName); Collection<String> migrated = transformPrivileges(privileges); if (!migrated.isEmpty()) { LOGGER.info("{} For role {} migrating privileges from {} to {}", getDryRunMessage(), roleName, privileges, migrated); if (!dryRun) { rolesSection.put(roleName, PrivilegeUtils.fromPrivilegeStrings(migrated)); } } roles.add(roleName); } } } if (!dryRun) { Path targetFile = new Path(outputFile.get()); PolicyFiles.writeToPath(output, targetFile.getFileSystem(conf), targetFile); LOGGER.info("Successfully saved migrated Sentry policy file at {}", outputFile.get()); } }
From source file:org.bigmouth.nvwa.authority.ChainDefinitionSectionMetaSource.java
License:Apache License
@Override public Section getObject() throws Exception { // ?Resource/*from w ww .j a va 2 s . c om*/ List<Resource> list = resourceDao.queryAll(); Ini ini = new Ini(); // url ini.load(filterChainDefinitions); Ini.Section section = ini.getSection(Ini.DEFAULT_SECTION_NAME); // Resourceurl,?sectionsectionfilterChainDefinitionMap, // ?URL,?? for (Iterator<Resource> it = list.iterator(); it.hasNext();) { Resource resource = it.next(); // ?section if (StringUtils.isNotEmpty(resource.getUrl()) && StringUtils.isNotEmpty(resource.getIdentifying())) { section.put(resource.getUrl(), MessageFormat.format(PREMISSION_STRING, resource.getIdentifying())); } } return section; }