source: tags/0.9.0/README.XmlUserManager.txt

Last change on this file was 1, checked in by root, 14 years ago

Initial import

File size: 3.4 KB
Line 
1XmlUserManager (com.bowman.cardserv.XmlUserManager)
2---------------------------------------------------
3
4XmlUserManager is a small extension of the built in example SimpleUserManager. Instead of reading user definitions
5only from proxy.xml it can fetch an external xml file from any url. This can be a simpler alternative to a full
6database usermanager, when maintaining the same set of users in a cluster of multiple proxies.
7
8- XmlUserManager uses the exact same xml format as SimpleUserManager (see proxy-reference.html).
9- It will accept user definitions included in proxy.xml, just like SimpleUserManager. These are parsed before any
10 attempts are made to get external definitions, making it possible to have some local users in addition to the main
11 user db.
12- If the same username exists both in proxy.xml and in the fetched user file, the local definition will be overwritten.
13
14------------------------------------------------------
15
16The following are settings are available for XmlUserManager:
17
18<user-manager class="com.bowman.cardserv.XmlUserManager" log-failures="true">
19
20- To load the XmlUserManager, use the following user-manager class name: com.bowman.cardserv.XmlUserManager
21Changing from one user-manager to another requires a proxy restart.
22
23<auth-config>
24 <user-file-url>http://192.168.0.5/users.xml</user-file-url>
25
26- The url of the xml file with user definitions. The file should match the auth-config for SimpleUserManager, but
27the top level element is ignored. See config/users.example.xml for an example.
28Any url can be used, including https/ftp with user:passwd@hostname type auth info. File urls are also accepted.
29
30NOTE: When using a http/https url, it doesn't have to point to an actual static xml file. A php/jsp/asp page that
31renders the xml dynamically from an underlying database is a more flexible solution.
32
33 <user-file-key>asdf22</user-file-key>
34
35- Optionally, the user file can be blowfish encrypted using the included fishenc.jar tool (found in lib). If the
36file is not encrypted, omit the user-file-key element entirely.
37
38 <update-interval>5</update-interval> <!-- minutes -->
39
40- How often to check for changes in the user file. If no changes have occured, the file will not be fetched/parsed.
41
42 <user name="local1" password="test" ip-mask="192.168.0.*" profiles="cable" admin="true"/>
43 <user name="local2" password="test" debug="true"/>
44
45</auth-config>
46</user-manager>
47
48------------------------------------------------------
49
50NOTE: Errors in the user file will not prevent the proxy from starting, it will only log warnings if unable to
51fetch/parse the file. Local users in proxy.xml will still be available.
52Should the user file become temporarily unavailable or broken, the proxy will keep using the last known working one.
53To see exactly what XmlUserManager is doing, use log-level FINE.
54
55As of 0.8.8 it is possible to specify multiple source urls, using the following format:
56
57<auth-config>
58
59 <user-source name="someusers">
60 <user-file-url>http://192.168.0.5/users.xml</user-file-url>
61 <user-file-key>asdf22</user-file-key>
62 </user-source>
63 <user-source name="otherusers">
64 <user-file-url>https://admin:secret@some.host.com/users.php</user-file-url>
65 </user-source>
66 <user-source name="localusers">
67 <user-file-url>file:///tmp/users.xml</user-file-url>
68 </user-source>
69
70 <update-interval>5</update-interval> <!-- minutes -- >
71
72</auth-config>
Note: See TracBrowser for help on using the repository browser.