Diffstat (limited to 'jetty-security/src/main/java/org/eclipse/jetty/security/HashLoginService.java')
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/HashLoginService.java123
1 files changed, 110 insertions, 13 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/HashLoginService.java b/jetty-security/src/main/java/org/eclipse/jetty/security/HashLoginService.java
index beb051b621..d49f158946 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/HashLoginService.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/HashLoginService.java
@@ -19,7 +19,11 @@
package org.eclipse.jetty.security;
import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+import org.eclipse.jetty.security.MappedLoginService.KnownUser;
import org.eclipse.jetty.security.PropertyUserStore.UserListener;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.Scanner;
@@ -31,18 +35,18 @@ import org.eclipse.jetty.util.security.Credential;
/* ------------------------------------------------------------ */
/**
* Properties User Realm.
- *
+ * <p>
* An implementation of UserRealm that stores users and roles in-memory in HashMaps.
- * <P>
+ * <p>
* Typically these maps are populated by calling the load() method or passing a properties resource to the constructor. The format of the properties file is:
*
- * <PRE>
+ * <pre>
* username: password [,rolename ...]
- * </PRE>
+ * </pre>
*
* Passwords may be clear text, obfuscated or checksummed. The class com.eclipse.Util.Password should be used to generate obfuscated passwords or password
* checksums.
- *
+ * <p>
* If DIGEST Authentication is used, the password must be in a recoverable format, either plain text or OBF:.
*/
public class HashLoginService extends MappedLoginService implements UserListener
@@ -52,7 +56,29 @@ public class HashLoginService extends MappedLoginService implements UserListener
private PropertyUserStore _propertyUserStore;
private String _config;
private Resource _configResource;
- private int _refreshInterval = 0;// default is not to reload
+ private boolean hotReload = false; // default is not to reload
+
+
+
+ public class HashKnownUser extends KnownUser
+ {
+ String[] _roles;
+
+ public HashKnownUser(String name, Credential credential)
+ {
+ super(name, credential);
+ }
+
+ public void setRoles (String[] roles)
+ {
+ _roles = roles;
+ }
+
+ public String[] getRoles()
+ {
+ return _roles;
+ }
+ }
/* ------------------------------------------------------------ */
public HashLoginService()
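Review bot: `HashKnownUser` keeps and hands out the caller's `String[]` as-is, so any code holding that array can alter a principal's roles after `setRoles` has run, and the `_roles` field itself is package-visible. Make the field `private` and copy on both sides: `_roles = (roles == null) ? null : roles.clone();` in the setter and `return (_roles == null) ? null : _roles.clone();` in the getter. The class is also declared as a non-static inner class, so every instance carries a reference to the enclosing `HashLoginService`; if `KnownUser` allows it (its declaration is not visible here), `public static class HashKnownUser` would avoid that. A short Javadoc saying when the roles are populated would help, since the constructor leaves `_roles` null.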
@@ -101,17 +127,51 @@ public class HashLoginService extends MappedLoginService implements UserListener
{
_config = config;
}
+
+ /**
+ * Is hot reload enabled on this user store
+ *
+ * @return true if hot reload was enabled before startup
+ */
+ public boolean isHotReload()
+ {
+ return hotReload;
+ }
+
+ /**
+ * Enable Hot Reload of the Property File
+ *
+ * @param enable true to enable, false to disable
+ */
+ public void setHotReload(boolean enable)
+ {
+ if (isRunning())
+ {
+ throw new IllegalStateException("Cannot set hot reload while user store is running");
+ }
+ this.hotReload = enable;
+ }
/* ------------------------------------------------------------ */
- public void setRefreshInterval(int msec)
+ /**
+ * sets the refresh interval (in seconds)
+ * @param sec the refresh interval
+ * @deprecated use {@link #setHotReload(boolean)} instead
+ */
+ @Deprecated
+ public void setRefreshInterval(int sec)
{
- _refreshInterval = msec;
}
/* ------------------------------------------------------------ */
+ /**
+ * @return refresh interval in seconds for how often the properties file should be checked for changes
+ * @deprecated use {@link #isHotReload()} instead
+ */
+ @Deprecated
public int getRefreshInterval()
{
- return _refreshInterval;
+ return (hotReload)?1:0;
}
/* ------------------------------------------------------------ */
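Review bot: `setRefreshInterval(int sec)` now has an empty body, so a configuration that still calls it with a positive value silently loses reloading of the properties file. Edits to that file, such as a removed user or a changed password, would then presumably not be picked up until restart. Either map the deprecated setter onto the new flag with `setHotReload(sec > 0);` (noting that `setHotReload` throws once the service is running, which the old setter did not), or log a warning that the value is ignored. The Javadoc on `getRefreshInterval()` should say that the returned `1` or `0` is a compatibility value, not an interval. The hunk opens inside the preceding setter, whose signature is outside it.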
@@ -128,6 +188,41 @@ public class HashLoginService extends MappedLoginService implements UserListener
// TODO: Consider refactoring MappedLoginService to not have to override with unused methods
}
+
+
+ @Override
+ protected String[] loadRoleInfo(KnownUser user)
+ {
+ UserIdentity id = _propertyUserStore.getUserIdentity(user.getName());
+ if (id == null)
+ return null;
+
+
+ Set<RolePrincipal> roles = id.getSubject().getPrincipals(RolePrincipal.class);
+ if (roles == null)
+ return null;
+
+ List<String> list = new ArrayList<>();
+ for (RolePrincipal r:roles)
+ list.add(r.getName());
+
+ return list.toArray(new String[roles.size()]);
+ }
+
+ @Override
+ protected KnownUser loadUserInfo(String userName)
+ {
+ UserIdentity id = _propertyUserStore.getUserIdentity(userName);
+ if (id != null)
+ {
+ return (KnownUser)id.getUserPrincipal();
+ }
+
+ return null;
+ }
+
+
+
/* ------------------------------------------------------------ */
/**
* @see org.eclipse.jetty.util.component.AbstractLifeCycle#doStart()
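Review bot: `loadUserInfo` casts `id.getUserPrincipal()` to `KnownUser` without a type check, so a principal of any other class coming out of the store surfaces as a `ClassCastException` during lookup instead of a clean "no such user". Guard the branch with `if (id != null && id.getUserPrincipal() instanceof KnownUser)`. Both new methods also dereference `_propertyUserStore`, which the `doStart` hunk shows being assigned only at start, so a call before start would throw a `NullPointerException`; returning `null` when the store is absent keeps the failure closed. In `loadRoleInfo`, add a comment such as `// null means the user is no longer in the store (it may have been removed by a reload)`, if that is the intended contract, because callers need to know that `null` and an empty array differ.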
@@ -140,11 +235,11 @@ public class HashLoginService extends MappedLoginService implements UserListener
if (_propertyUserStore == null)
{
if(LOG.isDebugEnabled())
- LOG.debug("doStart: Starting new PropertyUserStore. PropertiesFile: " + _config + " refreshInterval: " + _refreshInterval);
+ LOG.debug("doStart: Starting new PropertyUserStore. PropertiesFile: " + _config + " hotReload: " + hotReload);
_propertyUserStore = new PropertyUserStore();
- _propertyUserStore.setRefreshInterval(_refreshInterval);
- _propertyUserStore.setConfig(_config);
+ _propertyUserStore.setHotReload(hotReload);
+ _propertyUserStore.setConfigPath(_config);
_propertyUserStore.registerUserListener(this);
_propertyUserStore.start();
}
@@ -169,9 +264,11 @@ public class HashLoginService extends MappedLoginService implements UserListener
{
if (LOG.isDebugEnabled())
LOG.debug("update: " + userName + " Roles: " + roleArray.length);
- putUser(userName,credential,roleArray);
+ //TODO need to remove and replace the authenticated user?
}
+
+
/* ------------------------------------------------------------ */
@Override
public void remove(String userName)
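Review bot: `update(...)` no longer calls `putUser`, so the listener now only writes a debug line and a credential or role change delivered by the user store is not applied to this service. The added TODO leaves open what happens to a user who is already authenticated. If the parent `MappedLoginService` or a session still holds an identity built from the old entry (not visible in this hunk), a changed password or a revoked role would not take effect for that user. Resolve the TODO before merging, or replace it with a comment stating the intended behaviour, e.g. `// users are resolved from _propertyUserStore on each login; nothing to refresh here`, if that is in fact the case. The signature of `update` is outside the hunk.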
