/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ package org.apache.shiro.web.servlet; import org.apache.shiro.config.ConfigurationException; import org.apache.shiro.config.Ini; import org.apache.shiro.config.IniFactorySupport; import org.apache.shiro.io.ResourceUtils; import org.apache.shiro.mgt.SecurityManager; import org.apache.shiro.util.CollectionUtils; import org.apache.shiro.util.StringUtils; import org.apache.shiro.web.config.IniFilterChainResolverFactory; import org.apache.shiro.web.config.WebIniSecurityManagerFactory; import org.apache.shiro.web.filter.mgt.FilterChainResolver; import org.apache.shiro.web.mgt.WebSecurityManager; import org.apache.shiro.web.util.WebUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import java.io.InputStream; import java.util.Map; /** *
* <filter> * <filter-name>ShiroFilter</filter-name> * <filter-class>org.apache.shiro.web.servlet.IniShiroFilter</filter-class> * </filter> **
* <filter> * <filter-name>ShiroFilter</filter-name> * <filter-class>org.apache.shiro.web.servlet.IniShiroFilter</filter-class> * <init-param> * <param-name>configPath</param-name> * <param-value>/WEB-INF/someFile.ini</param-value> * </init-param> * </filter> ** Unqualified (schemeless or 'non-prefixed') paths are assumed to be {@code ServletContext} resource paths, resolvable * via {@link javax.servlet.ServletContext#getResourceAsStream(String) ServletContext#getResourceAsStream}. * * Non-ServletContext resources may be loaded from qualified locations by specifying prefixes indicating the source, * e.g. {@code file:}, {@code url:}, and {@code classpath:}. See the * {@link ResourceUtils#getInputStreamForPath(String)} JavaDoc for more. *
* <filter> * <filter-name>ShiroFilter</filter-name> * <filter-class>org.apache.shiro.web.servlet.IniShiroFilter</filter-class> * <init-param> * <param-name>config</param-name> * <param-value> * #INI config goes here... * </param-value> * </init-param> * </filter> ** Although this is typically not recommended because any Shiro configuration changes would contribute to version control * 'noise' in the web.xml file. * * When creating the shiro.ini configuration itself, please see Shiro's * Configuration Documentation and * Web Documentation. * * @see Apache Shiro INI Configuration * @see Apache Shiro Web Documentation * @since 1.0 * @deprecated in 1.2 in favor of using the {@link ShiroFilter} */ @Deprecated public class IniShiroFilter extends AbstractShiroFilter { public static final String CONFIG_INIT_PARAM_NAME = "config"; public static final String CONFIG_PATH_INIT_PARAM_NAME = "configPath"; public static final String DEFAULT_WEB_INI_RESOURCE_PATH = "/WEB-INF/shiro.ini"; private static final Logger log = LoggerFactory.getLogger(IniShiroFilter.class); private String config; private String configPath; public IniShiroFilter() { } /** * Returns the actual INI configuration text to use to build the {@link SecurityManager} and * {@link FilterChainResolver} used by the web application or {@code null} if the * {@link #getConfigPath() configPath} should be used to load a fallback INI source. * * This value is {@code null} by default, but it will be automatically set to the value of the * '{@code config}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet * container at startup. * * @return the actual INI configuration text to use to build the {@link SecurityManager} and * {@link FilterChainResolver} used by the web application or {@code null} if the * {@link #getConfigPath() configPath} should be used to load a fallback INI source. */ public String getConfig() { return this.config; } /** * Sets the actual INI configuration text to use to build the {@link SecurityManager} and * {@link FilterChainResolver} used by the web application. If this value is {@code null}, the * {@link #getConfigPath() configPath} will be checked to see if a .ini file should be loaded instead. * * This value is {@code null} by default, but it will be automatically set to the value of the * '{@code config}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet * container at startup. * * @param config the actual INI configuration text to use to build the {@link SecurityManager} and * {@link FilterChainResolver} used by the web application. */ public void setConfig(String config) { this.config = config; } /** * Returns the config path to be used to load a .ini file for configuration if a configuration is * not specified via the {@link #getConfig() config} attribute. * * This value is {@code null} by default, but it will be automatically set to the value of the * '{@code configPath}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet * container at startup. * * @return the config path to be used to load a .ini file for configuration if a configuration is * not specified via the {@link #getConfig() config} attribute. */ public String getConfigPath() { return configPath; } /** * Sets the config path to be used to load a .ini file for configuration if a configuration is * not specified via the {@link #getConfig() config} attribute. * * This value is {@code null} by default, but it will be automatically set to the value of the * '{@code configPath}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet * container at startup. * * @param configPath the config path to be used to load a .ini file for configuration if a configuration is * not specified via the {@link #getConfig() config} attribute. */ public void setConfigPath(String configPath) { this.configPath = StringUtils.clean(configPath); } public void init() throws Exception { applyInitParams(); configure(); } protected void applyInitParams() throws Exception { String config = getInitParam(CONFIG_INIT_PARAM_NAME); if (config != null) { setConfig(config); } String configPath = getInitParam(CONFIG_PATH_INIT_PARAM_NAME); if (configPath != null) { setConfigPath(configPath); } } protected void configure() throws Exception { Ini ini = loadIniFromConfig(); if (CollectionUtils.isEmpty(ini)) { log.info("Null or empty configuration specified via 'config' init-param. " + "Checking path-based configuration."); ini = loadIniFromPath(); } //added for SHIRO-178: if (CollectionUtils.isEmpty(ini)) { log.info("Null or empty configuration specified via '" + CONFIG_INIT_PARAM_NAME + "' or '" + CONFIG_PATH_INIT_PARAM_NAME + "' filter parameters. Trying the default " + DEFAULT_WEB_INI_RESOURCE_PATH + " file."); ini = getServletContextIniResource(DEFAULT_WEB_INI_RESOURCE_PATH); } //although the preferred default is /WEB-INF/shiro.ini per SHIRO-178, keep this //for backwards compatibility: if (CollectionUtils.isEmpty(ini)) { log.info("Null or empty configuration specified via '" + CONFIG_INIT_PARAM_NAME + "' or '" + CONFIG_PATH_INIT_PARAM_NAME + "' filter parameters. Trying the default " + IniFactorySupport.DEFAULT_INI_RESOURCE_PATH + " file."); ini = IniFactorySupport.loadDefaultClassPathIni(); } Map