dev@glassfish.java.net

Re: realm file names

From: V B Kumar Jayanti <Vbkumar.Jayanti_at_Sun.COM>
Date: Tue, 20 Jul 2010 12:59:16 +0500

Hi Bill,


  The code looks fine to me. The null check for file property is not necessary since this is a compulsory property for a file realm and is enforced by both CLI and GUI (but it is probably safe to leave it to cater to hand-modification of domain.xml). We are currently writing a similar method for Embedded EJB Mode where we need to copy these keyfiles to the designated Embedded Temp Directory. So if you are placing this method in some common place we can call it as well.
 

> One of the things the startup synchronization code needs to do is
> to synchronize all the files for file realms used by an instance.

So do we document that keyfiles not residing in the config are not managed by clustering infrastructure and developers have to take care of synchronizing them on their own?

regards,
kumar

>
> I wrote the following method to discover these file names. Can someone
> please review this and let me know if it looks correct? It seems to
> work for my simple test cases.
>
> Thanks.
>
>
>
> private static final String FILE_REALM_CLASS =
>     "com.sun.enterprise.security.auth.realm.file.FileRealm";
>
> /**
>  * Get the names of any realm files in the config directory
>  * and add them to the set of file names. This will normally
>  * find at least the "admin-keyfile" and "keyfile" files.
>  */
> private void getRealmFileNames(Server server, Set<String> files) {
>     File configDir = env.getConfigDirPath();
>     URI configURI = configDir.toURI();
>     Config config = domain.getConfigNamed(server.getConfigRef());
>     // XXX - need to handle cluster instances specially?
>     SecurityService securityService = config.getSecurityService();
>     for (AuthRealm authRealm : securityService.getAuthRealm()) {
>         String fileRealmClassName = authRealm.getClassname();
>         // skip it if it's not a file realm
>         if (fileRealmClassName == null ||
>                 !fileRealmClassName.equals(FILE_REALM_CLASS))
>             continue;
>         String file = authRealm.getPropertyValue("file");
>         if (file == null) // skip if no "file" property
>             continue;
>         File rfile = new File(file);
>         if (!rfile.exists()) // skip if file doesn't exist
>             continue;
>         URI rURI = rfile.toURI();
>         URI f = configURI.relativize(rfile.toURI());
>         if (!f.isAbsolute()) // if file is in config dir, add it
>             files.add(f.toString());
>     }
> }