1 /* 2 * Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package com.sun.security.auth.login; 27 28 import javax.security.auth.login.AppConfigurationEntry; 29 import javax.security.auth.login.Configuration; 30 import java.net.URI; 31 32 // NOTE: As of JDK 8, this class instantiates 33 // sun.security.provider.ConfigFile.Spi and forwards all methods to that 34 // implementation. All implementation fixes and enhancements should be made to 35 // sun.security.provider.ConfigFile.Spi and not this class. 36 // See JDK-8005117 for more information. 37 38 /** 39 * This class represents a default implementation for 40 * {@code javax.security.auth.login.Configuration}. 41 * 42 * <p> This object stores the runtime login configuration representation, 43 * and is the amalgamation of multiple static login 44 * configurations that resides in files. 45 * The algorithm for locating the login configuration file(s) and reading their 46 * information into this {@code Configuration} object is: 47 * 48 * <ol> 49 * <li> 50 * Loop through the security properties, 51 * <i>login.config.url.1</i>, <i>login.config.url.2</i>, ..., 52 * <i>login.config.url.X</i>. 53 * Each property value specifies a {@code URL} pointing to a 54 * login configuration file to be loaded. Read in and load 55 * each configuration. 56 * 57 * <li> 58 * The system property 59 * {@systemProperty java.security.auth.login.config} 60 * may also be set to a {@code URL} pointing to another 61 * login configuration file 62 * (which is the case when a user uses the -D switch at runtime). 63 * If this property is defined, and its use is allowed by the 64 * security property file (the Security property, 65 * <i>policy.allowSystemProperty</i> is set to <i>true</i>), 66 * also load that login configuration. 67 * 68 * <li> 69 * If the <i>java.security.auth.login.config</i> property is defined using 70 * "==" (rather than "="), then ignore all other specified 71 * login configurations and only load this configuration. 72 * 73 * <li> 74 * If no system or security properties were set, try to read from the file, 75 * ${user.home}/.java.login.config, where ${user.home} is the value 76 * represented by the "user.home" System property. 77 * </ol> 78 * 79 * <p> The configuration syntax supported by this implementation 80 * is exactly that syntax specified in the 81 * {@code javax.security.auth.login.Configuration} class. In addition, the 82 * security property <i>policy.expandProperties</i> can be used to control 83 * whether system properties in the configuration file are expanded. If not 84 * set, the default value is <i>true</i> which means that properties will 85 * be expanded. 86 * 87 * @see javax.security.auth.login.LoginContext 88 * @see java.security.Security security properties 89 */ 90 public class ConfigFile extends Configuration { 91 92 private final sun.security.provider.ConfigFile.Spi spi; 93 94 /** 95 * Create a new {@code Configuration} object. 96 * 97 * @throws SecurityException if the {@code Configuration} can not be 98 * initialized 99 */ ConfigFile()100 public ConfigFile() { 101 spi = new sun.security.provider.ConfigFile.Spi(); 102 } 103 104 /** 105 * Create a new {@code Configuration} object from the specified {@code URI}. 106 * 107 * @param uri the {@code URI} 108 * @throws SecurityException if the {@code Configuration} can not be 109 * initialized 110 * @throws NullPointerException if {@code uri} is null 111 */ ConfigFile(URI uri)112 public ConfigFile(URI uri) { 113 spi = new sun.security.provider.ConfigFile.Spi(uri); 114 } 115 116 /** 117 * Retrieve an entry from the {@code Configuration} using an application 118 * name as an index. 119 * 120 * @param applicationName the name used to index the {@code Configuration} 121 * @return an array of {@code AppConfigurationEntry} which correspond to 122 * the stacked configuration of {@code LoginModule}s for this 123 * application, or null if this application has no configured 124 * {@code LoginModule}s. 125 */ 126 @Override getAppConfigurationEntry(String applicationName)127 public AppConfigurationEntry[] getAppConfigurationEntry 128 (String applicationName) { 129 130 return spi.engineGetAppConfigurationEntry(applicationName); 131 } 132 133 /** 134 * Refresh and reload the {@code Configuration} by re-reading all of the 135 * login configurations. 136 * 137 * @throws SecurityException if the caller does not have permission 138 * to refresh the {@code Configuration} 139 */ 140 @Override refresh()141 public void refresh() { 142 spi.engineRefresh(); 143 } 144 } 145