Examples of com.sun.enterprise.security.auth.realm.file.FileRealm

• com.sun.enterprise.security.auth.realm.file.FileRealm
  Realm wrapper for supporting file password authentication.

  In addition to the basic realm functionality, this class provides administration methods for the file realm.

  Format of the keyfile used by this class is one line per user containing username;password;groups where:

  • username - Name string.
  • password - A salted SHA hash (SSHA) of the user password.
  • groups - A comma separated list of group memberships.

  The file realm needs the following properties in its configuration:

  • file - Full path to the keyfile to load
  • jaas-ctx - JAAS context name used to access LoginModule for authentication.

  @author Harry Singh @author Jyri Virkki @author Shing Wai Chan

    }
    private FileRealm adminRealm() throws BadRealmException, NoSuchRealmException {
        final AuthRealm ar = as.getAssociatedAuthRealm();
        if (FileRealm.class.getName().equals(ar.getClassname())) {
            String adminKeyFilePath = ar.getPropertyValue("file");
            FileRealm fr = new FileRealm(adminKeyFilePath);
            return fr;
        }
        return null;
    }

     * @throws NoSuchRealmException
     * @throws NoSuchUserException
     */
    @Override
    public boolean isAnyAdminUserWithoutPassword() throws Exception {
        final FileRealm adminRealm = adminRealm();
        /*
         * If the user has configured the admin realm to use a realm other than
         * the default file realm bypass the check that makes sure no admin users have
         * an empty password.
         */
        if (adminRealm == null) {
            return false;
        }
        for (final Enumeration<String> e = adminRealm.getUserNames(); e.hasMoreElements(); ) {
            final String username = e.nextElement();
            /*
                * Try to authenticate this user with an empty password.  If it
                * works we can stop.
                */
            final String[] groupNames = adminRealm.authenticate(username, emptyPassword);
            if (groupNames != null) {
                for (String groupName : groupNames) {
                    if (DOMAIN_ADMIN_GROUP_NAME.equals(groupName)) {
                        return true;
                    }

    {
        if (!(_currentRealm instanceof FileRealm)) {
            String msg = sm.getString("filelm.badrealm");
            throw new LoginException(msg);
        }
        FileRealm fileRealm = (FileRealm)_currentRealm;

        String[] grpList = fileRealm.authenticate(_username, getPasswordChar());

        if (grpList == null) {  // JAAS behavior
            String msg = sm.getString("filelm.faillogin", _username);
            throw new LoginException(msg);
        }

                new Object[]{keyFile, authRealmName}));
            report.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        // We have the right impl so let's try to remove one
        FileRealm fr = null;
        try {
            realmsManager.createRealms(config);
            //account for updates to realms from outside this config sharing
            //same keyfile
            CreateFileUser.refreshRealm(config.getName(), authRealmName);
            fr = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(),authRealmName);
            if (fr == null) {
                throw new NoSuchRealmException(authRealmName);
            }
        }  catch(NoSuchRealmException e) {
            report.setMessage(
                localStrings.getLocalString(
                    "list.file.user.realmnotsupported",
                    "Configured file realm {0} is not supported.", authRealmName) +
                "  " + e.getLocalizedMessage());
            report.setActionExitCode(ActionReport.ExitCode.FAILURE);
            report.setFailureCause(e);
            return;
        }

        try {
            Enumeration users = fr.getUserNames();
            List userList = new ArrayList();

            while (users.hasMoreElements()) {
                final ActionReport.MessagePart part = report.getTopMessagePart().addChild();
                String userName = (String) users.nextElement();
                part.setMessage(userName);
                Map userMap = new HashMap();
                userMap.put("name", userName);
                try {
                    userMap.put("groups", Collections.list(fr.getGroupNames(userName)));
                } catch (NoSuchUserException ex) {
                    // This should never be thrown since we just got the user name from the realm
                }
                userList.add(userMap);
            }

            throw new RuntimeException(Strings.get("errVal"), ex);
        }
    }

    private void validateUser(final String username) throws BadRealmException, NoSuchRealmException {
        final FileRealm fr = adminRealm();
        try {
            FileRealmUser fru = (FileRealmUser)fr.getUser(username);
            if (isInAdminGroup(fru)) {
                return;
            }
            /*
             * The user is valid but is not in the admin group.

    }
    private FileRealm adminRealm() throws BadRealmException, NoSuchRealmException {
        final AuthRealm ar = as.getAssociatedAuthRealm();
        if (FileRealm.class.getName().equals(ar.getClassname())) {
            String adminKeyFilePath = ar.getPropertyValue("file");
            FileRealm fr = new FileRealm(adminKeyFilePath);
            return fr;
        }
        return null;
    }

     * @throws NoSuchRealmException
     * @throws NoSuchUserException
     */
    @Override
    public boolean isAnyAdminUserWithoutPassword() throws Exception {
        final FileRealm adminRealm = adminRealm();
        /*
         * If the user has configured the admin realm to use a realm other than
         * the default file realm bypass the check that makes sure no admin users have
         * an empty password.
         */
        if (adminRealm == null) {
            return true;
        }
        for (final Enumeration<String> e = adminRealm.getUserNames(); e.hasMoreElements(); ) {
            final String username = e.nextElement();
            /*
                * Try to authenticate this user with an empty password.  If it
                * works we can stop.
                */
            final String[] groupNames = adminRealm.authenticate(username, emptyPassword);
            if (groupNames != null) {
                for (String groupName : groupNames) {
                    if (DOMAIN_ADMIN_GROUP_NAME.equals(groupName)) {
                        return true;
                    }