Class PropertiesRealm

  extended by org.apache.shiro.realm.CachingRealm
      extended by org.apache.shiro.realm.AuthenticatingRealm
          extended by org.apache.shiro.realm.AuthorizingRealm
              extended by org.apache.shiro.realm.SimpleAccountRealm
                  extended by org.apache.shiro.realm.text.TextConfigurationRealm
                      extended by org.apache.shiro.realm.text.PropertiesRealm
All Implemented Interfaces:
Runnable, LogoutAware, Authorizer, PermissionResolverAware, RolePermissionResolverAware, CacheManagerAware, Realm, Destroyable, Initializable, Nameable

public class PropertiesRealm
extends TextConfigurationRealm
implements Destroyable, Runnable

A TextConfigurationRealm that defers all logic to the parent class, but just enables Properties based configuration in addition to the parent class's String configuration.

This class allows processing of a single .properties file for user, role, and permission configuration.

The resourcePath MUST be set before this realm can be initialized. You can specify any resource path supported by ResourceUtils.getInputStreamForPath method.

The Properties format understood by this implementation must be written as follows:

Each line's key/value pair represents either a user-to-role(s) mapping or a role-to-permission(s) mapping.

The user-to-role(s) lines have this format:

user.username = password,role1,role2,...

Note that each key is prefixed with the token user. Each value must adhere to the the setUserDefinitions(String) JavaDoc.

The role-to-permission(s) lines have this format:

role.rolename = permissionDefinition1, permissionDefinition2, ...

where each key is prefixed with the token role. and the value adheres to the format specified in the setRoleDefinitions(String) JavaDoc.

Here is an example of a very simple properties definition that conforms to the above format rules and corresponding method JavaDocs:

user.root = rootPassword,administrator
user.jsmith = jsmithPassword,manager,engineer,employee
user.abrown = abrownPassword,qa,employee
user.djones = djonesPassword,qa,contractor

role.administrator = *
role.manager = "user:read,write", file:execute:/usr/local/ = "file:read,execute:/usr/local/tomcat/bin/"
role.employee = application:use:wiki = "server:view,start,shutdown,restart:someQaServer", server:view:someProductionServer
role.contractor = application:use:timesheet


Field Summary
protected  long fileLastModified
protected  int reloadIntervalSeconds
protected  String resourcePath
protected  ExecutorService scheduler
protected  boolean useXmlFormat
Fields inherited from class org.apache.shiro.realm.SimpleAccountRealm
roles, ROLES_LOCK, users, USERS_LOCK
Constructor Summary
Method Summary
protected  void afterRoleCacheSet()
 void destroy()
          Destroy reload scheduler if one exists.
protected  String getName(String key, String prefix)
protected  String getRolename(String key)
protected  String getUsername(String key)
protected  boolean isRolename(String key)
protected  boolean isUsername(String key)
 void onInit()
          Will call 'processDefinitions' on startup.
 void run()
 void setReloadIntervalSeconds(int reloadIntervalSeconds)
          Sets the interval in seconds at which the property file will be checked for changes and reloaded.
 void setResourcePath(String resourcePath)
          Sets the path of the properties file to load user, role, and permission information from.
 void setUseXmlFormat(boolean useXmlFormat)
          Determines whether or not the properties XML format should be used.
protected  void startReloadThread()
Methods inherited from class org.apache.shiro.realm.text.TextConfigurationRealm
getRoleDefinitions, getUserDefinitions, processDefinitions, processRoleDefinitions, processRoleDefinitions, processUserDefinitions, processUserDefinitions, setRoleDefinitions, setUserDefinitions, toLines, toMap
Methods inherited from class org.apache.shiro.realm.SimpleAccountRealm
accountExists, add, add, addAccount, addAccount, addRole, doGetAuthenticationInfo, doGetAuthorizationInfo, getRole, getUser, getUsername, getUsername, roleExists, toSet
Methods inherited from class org.apache.shiro.realm.AuthorizingRealm
afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver
Methods inherited from class org.apache.shiro.realm.AuthenticatingRealm
assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher, supports
Methods inherited from class org.apache.shiro.realm.CachingRealm
clearCache, getAvailablePrincipal, getCacheManager, getName, isCachingEnabled, onLogout, setCacheManager, setCachingEnabled
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.apache.shiro.util.Initializable

Field Detail


protected ExecutorService scheduler


protected boolean useXmlFormat


protected String resourcePath


protected long fileLastModified


protected int reloadIntervalSeconds
Constructor Detail


public PropertiesRealm()
Method Detail


public void setUseXmlFormat(boolean useXmlFormat)
Determines whether or not the properties XML format should be used. For more information, see Properties.loadFromXML(

useXmlFormat - true to use XML or false to use the normal format. Defaults to false.


public void setResourcePath(String resourcePath)
Sets the path of the properties file to load user, role, and permission information from. The properties file will be loaded using ResourceUtils.getInputStreamForPath(String) so any convention recongized by that method is accepted here. For example, to load a file from the classpath use; to load a file from disk simply specify the full path; to load a file from a URL use

resourcePath - the path to load the properties file from. This is a required property.


public void setReloadIntervalSeconds(int reloadIntervalSeconds)
Sets the interval in seconds at which the property file will be checked for changes and reloaded. If this is set to zero or less, property file reloading will be disabled. If it is set to 1 or greater, then a separate thread will be created to monitor the propery file for changes and reload the file if it is updated.

reloadIntervalSeconds - the interval in seconds at which the property file should be examined for changes. If set to zero or less, reloading is disabled.


public void onInit()
Description copied from class: TextConfigurationRealm
Will call 'processDefinitions' on startup.

onInit in class TextConfigurationRealm
See Also:


protected void afterRoleCacheSet()


public void destroy()
Destroy reload scheduler if one exists.

Specified by:
destroy in interface Destroyable


protected void startReloadThread()


public void run()
Specified by:
run in interface Runnable


protected String getName(String key,
                         String prefix)


protected boolean isUsername(String key)


protected boolean isRolename(String key)


protected String getUsername(String key)


protected String getRolename(String key)

Copyright © 2004-2014 The Apache Software Foundation. All Rights Reserved.