List of usage examples for org.apache.shiro.config Ini get
public Section get(Object key)
From source file:be.rubus.octopus.jsr375.demo.jsr375.JSR375ConfigurationPlugin.java
License:Apache License
@Override public void addConfiguration(Ini ini) { Ini.Section mainSection = ini.get(IniSecurityManagerFactory.MAIN_SECTION_NAME); mainSection.put("jsr375Matcher", IdentityStoreMatcher.class.getName()); mainSection.put("credentialsMatcher.matcher", "$jsr375Matcher"); }
From source file:org.apache.access.provider.file.SimplePolicyEngine.java
License:Apache License
/** * Parse the resource. Should not be used in the normal course */// w ww .ja v a2s.co m protected void parse() { LOGGER.info("Parsing " + resourcePath); Roles roles = new Roles(); try { perDbResources.clear(); Ini ini = PolicyFiles.loadFromPath(fileSystem, resourcePath); if (LOGGER.isDebugEnabled()) { for (String sectionName : ini.getSectionNames()) { LOGGER.debug("Section: " + sectionName); Ini.Section section = ini.get(sectionName); for (String key : section.keySet()) { String value = section.get(key); LOGGER.debug(key + " = " + value); } } } ImmutableSetMultimap<String, String> globalRoles; Map<String, ImmutableSetMultimap<String, String>> perDatabaseRoles = Maps.newHashMap(); globalRoles = parseIni(null, ini); Ini.Section filesSection = ini.getSection(DATABASES); if (filesSection == null) { LOGGER.info("Section " + DATABASES + " needs no further processing"); } else { for (Map.Entry<String, String> entry : filesSection.entrySet()) { String database = Strings.nullToEmpty(entry.getKey()).trim().toLowerCase(); Path perDbPolicy = new Path(Strings.nullToEmpty(entry.getValue()).trim()); if (isRelative(perDbPolicy)) { perDbPolicy = new Path(resourcePath.getParent(), perDbPolicy); } try { LOGGER.info("Parsing " + perDbPolicy); perDatabaseRoles.put(database, parseIni(database, PolicyFiles.loadFromPath(fileSystem, perDbPolicy))); perDbResources.add(perDbPolicy); } catch (Exception e) { LOGGER.error("Error processing key " + entry.getKey() + ", skipping " + entry.getValue(), e); throw e; } } } roles = new Roles(globalRoles, ImmutableMap.copyOf(perDatabaseRoles)); } catch (Exception e) { LOGGER.error("Error processing file, ignoring " + resourcePath, e); } rolesReference.set(roles); }
From source file:org.apache.activemq.shiro.ShiroPluginTest.java
License:Apache License
public void testSetIniString() throws Exception { ShiroPlugin plugin = new ShiroPlugin(); plugin.setIniConfig("[users]\n" + "system = manager, system\n" + "[roles]\n" + "system = *"); plugin.installPlugin(new MutableBrokerFilter(null)); IniRealm realm = (IniRealm) ((DefaultSecurityManager) plugin.getEnvironment().getSecurityManager()) .getRealms().iterator().next(); Ini ini = realm.getIni(); assertEquals(1, ini.getSection("users").size()); assertEquals("manager, system", ini.getSection("users").get("system")); assertEquals(1, ini.getSection("roles").size()); assertEquals("*", ini.getSection("roles").get("system")); }
From source file:org.apache.sentry.cli.tools.PermissionsMigrationToolCommon.java
License:Apache License
private void migratePolicyFile() throws Exception { Configuration conf = getSentryConf(); Path sourceFile = new Path(policyFile.get()); SimpleFileProviderBackend policyFileBackend = new SimpleFileProviderBackend(conf, sourceFile); ProviderBackendContext ctx = new ProviderBackendContext(); policyFileBackend.initialize(ctx);/*from w w w. ja v a 2 s.c om*/ Set<String> roles = Sets.newHashSet(); Table<String, String, Set<String>> groupRolePrivilegeTable = policyFileBackend.getGroupRolePrivilegeTable(); Ini output = PolicyFiles.loadFromPath(sourceFile.getFileSystem(conf), sourceFile); Ini.Section rolesSection = output.get(PolicyFileConstants.ROLES); for (String groupName : groupRolePrivilegeTable.rowKeySet()) { for (String roleName : policyFileBackend.getRoles(Collections.singleton(groupName), ActiveRoleSet.ALL)) { if (!roles.contains(roleName)) { // Do the actual migration Set<String> privileges = groupRolePrivilegeTable.get(groupName, roleName); Collection<String> migrated = transformPrivileges(privileges); if (!migrated.isEmpty()) { LOGGER.info("{} For role {} migrating privileges from {} to {}", getDryRunMessage(), roleName, privileges, migrated); if (!dryRun) { rolesSection.put(roleName, PrivilegeUtils.fromPrivilegeStrings(migrated)); } } roles.add(roleName); } } } if (!dryRun) { Path targetFile = new Path(outputFile.get()); PolicyFiles.writeToPath(output, targetFile.getFileSystem(conf), targetFile); LOGGER.info("Successfully saved migrated Sentry policy file at {}", outputFile.get()); } }
From source file:org.apache.sentry.provider.file.SimpleFileProviderBackend.java
License:Apache License
private void parse() { configErrors.clear();/*w w w. ja v a 2s . com*/ configWarnings.clear(); Table<String, String, Set<String>> groupRolePrivilegeTableTemp = HashBasedTable.create(); Ini ini; LOGGER.info("Parsing " + resourcePath); try { try { ini = PolicyFiles.loadFromPath(fileSystem, resourcePath); } catch (IOException e) { configErrors.add("Failed to read policy file " + resourcePath + " Error: " + e.getMessage()); throw new SentryConfigurationException("Error loading policy file " + resourcePath, e); } catch (IllegalArgumentException e) { configErrors.add("Failed to read policy file " + resourcePath + " Error: " + e.getMessage()); throw new SentryConfigurationException("Error loading policy file " + resourcePath, e); } if (LOGGER.isDebugEnabled()) { for (String sectionName : ini.getSectionNames()) { LOGGER.debug("Section: " + sectionName); Ini.Section section = ini.get(sectionName); for (String key : section.keySet()) { String value = section.get(key); LOGGER.debug(key + " = " + value); } } } parseIni(null, ini, validators, resourcePath, groupRolePrivilegeTableTemp); mergeResult(groupRolePrivilegeTableTemp); groupRolePrivilegeTableTemp.clear(); Ini.Section filesSection = ini.getSection(DATABASES); if (filesSection == null) { LOGGER.info("Section " + DATABASES + " needs no further processing"); } else if (!allowPerDatabaseSection) { String msg = "Per-db policy file is not expected in this configuration."; throw new SentryConfigurationException(msg); } else { for (Map.Entry<String, String> entry : filesSection.entrySet()) { String database = Strings.nullToEmpty(entry.getKey()).trim().toLowerCase(); Path perDbPolicy = new Path(Strings.nullToEmpty(entry.getValue()).trim()); if (isRelative(perDbPolicy)) { perDbPolicy = new Path(resourcePath.getParent(), perDbPolicy); } try { LOGGER.info("Parsing " + perDbPolicy); Ini perDbIni = PolicyFiles.loadFromPath(perDbPolicy.getFileSystem(conf), perDbPolicy); if (perDbIni.containsKey(USERS)) { configErrors.add( "Per-db policy file cannot contain " + USERS + " section in " + perDbPolicy); throw new SentryConfigurationException( "Per-db policy files cannot contain " + USERS + " section"); } if (perDbIni.containsKey(DATABASES)) { configErrors.add("Per-db policy files cannot contain " + DATABASES + " section in " + perDbPolicy); throw new SentryConfigurationException( "Per-db policy files cannot contain " + DATABASES + " section"); } parseIni(database, perDbIni, validators, perDbPolicy, groupRolePrivilegeTableTemp); } catch (Exception e) { configErrors.add( "Failed to read per-DB policy file " + perDbPolicy + " Error: " + e.getMessage()); LOGGER.error("Error processing key " + entry.getKey() + ", skipping " + entry.getValue(), e); } } } mergeResult(groupRolePrivilegeTableTemp); groupRolePrivilegeTableTemp.clear(); } catch (Exception e) { configErrors.add("Error processing file " + resourcePath + e.getMessage()); LOGGER.error("Error processing file, ignoring " + resourcePath, e); } }
From source file:org.apache.sentry.provider.file.SimplePolicyEngine.java
License:Apache License
/** * Parse the resource. Should not be used in the normal course *///from ww w. j a v a 2 s . c om protected void parse() { LOGGER.info("Parsing " + resourcePath); Roles roles = new Roles(); try { perDbResources.clear(); Ini ini = PolicyFiles.loadFromPath(fileSystem, resourcePath); if (LOGGER.isDebugEnabled()) { for (String sectionName : ini.getSectionNames()) { LOGGER.debug("Section: " + sectionName); Ini.Section section = ini.get(sectionName); for (String key : section.keySet()) { String value = section.get(key); LOGGER.debug(key + " = " + value); } } } ImmutableSetMultimap<String, String> globalRoles; Map<String, ImmutableSetMultimap<String, String>> perDatabaseRoles = Maps.newHashMap(); globalRoles = parseIni(null, ini); Ini.Section filesSection = ini.getSection(DATABASES); if (filesSection == null) { LOGGER.info("Section " + DATABASES + " needs no further processing"); } else { for (Map.Entry<String, String> entry : filesSection.entrySet()) { String database = Strings.nullToEmpty(entry.getKey()).trim().toLowerCase(); Path perDbPolicy = new Path(Strings.nullToEmpty(entry.getValue()).trim()); if (isRelative(perDbPolicy)) { perDbPolicy = new Path(resourcePath.getParent(), perDbPolicy); } try { LOGGER.info("Parsing " + perDbPolicy); Ini perDbIni = PolicyFiles.loadFromPath(fileSystem, perDbPolicy); if (perDbIni.containsKey(USERS)) { throw new ConfigurationException( "Per-db policy files cannot contain " + USERS + " section"); } if (perDbIni.containsKey(DATABASES)) { throw new ConfigurationException( "Per-db policy files cannot contain " + DATABASES + " section"); } ImmutableSetMultimap<String, String> currentDbRoles = parseIni(database, perDbIni); perDatabaseRoles.put(database, currentDbRoles); perDbResources.add(perDbPolicy); } catch (Exception e) { LOGGER.error("Error processing key " + entry.getKey() + ", skipping " + entry.getValue(), e); } } } roles = new Roles(globalRoles, ImmutableMap.copyOf(perDatabaseRoles)); } catch (Exception e) { LOGGER.error("Error processing file, ignoring " + resourcePath, e); } rolesReference.set(roles); }