/*
 * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package javax.security.auth.login;

import javax.security.auth.AuthPermission;

import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.security.PrivilegedActionException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import java.util.Objects;

import sun.security.jca.GetInstance;

A Configuration object is responsible for specifying which LoginModules should be used for a particular application, and in what order the LoginModules should be invoked.

A login configuration contains the following information. Note that this example only represents the default syntax for the Configuration. Subclass implementations of this class may implement alternative syntaxes and may retrieve the Configuration from any source such as files, databases, or servers.

     Name {
           ModuleClass  Flag    ModuleOptions;
           ModuleClass  Flag    ModuleOptions;
           ModuleClass  Flag    ModuleOptions;
     };
     Name {
           ModuleClass  Flag    ModuleOptions;
           ModuleClass  Flag    ModuleOptions;
     };
     other {
           ModuleClass  Flag    ModuleOptions;
           ModuleClass  Flag    ModuleOptions;
     };

Each entry in the Configuration is indexed via an application name, Name, and contains a list of LoginModules configured for that application. Each LoginModule is specified via its fully qualified class name. Authentication proceeds down the module list in the exact order specified. If an application does not have a specific entry, it defaults to the specific entry for "other".

The Flag value controls the overall behavior as authentication proceeds down the stack. The following represents a description of the valid values for Flag and their respective semantics:

 1) Required - The LoginModule is required to succeed. If it succeeds or fails, authentication still continues to proceed down the LoginModule list. 2) Requisite - The LoginModule is required to succeed. If it succeeds, authentication continues down the LoginModule list. If it fails, control immediately returns to the application (authentication does not proceed down the LoginModule list). 3) Sufficient - The LoginModule is not required to succeed. If it does succeed, control immediately returns to the application (authentication does not proceed down the LoginModule list). If it fails, authentication continues down the LoginModule list. 4) Optional - The LoginModule is not required to succeed. If it succeeds or fails, authentication still continues to proceed down the LoginModule list. 

The overall authentication succeeds only if all Required and Requisite LoginModules succeed. If a Sufficient LoginModule is configured and succeeds, then only the Required and Requisite LoginModules prior to that Sufficient LoginModule need to have succeeded for the overall authentication to succeed. If no Required or Requisite LoginModules are configured for an application, then at least one Sufficient or Optional LoginModule must succeed.

ModuleOptions is a space separated list of LoginModule-specific values which are passed directly to the underlying LoginModules. Options are defined by the LoginModule itself, and control the behavior within it. For example, a LoginModule may define options to support debugging/testing capabilities. The correct way to specify options in the Configuration is by using the following key-value pairing: debug="true". The key and value should be separated by an 'equals' symbol, and the value should be surrounded by double quotes. If a String in the form, ${system.property}, occurs in the value, it will be expanded to the value of the system property. Note that there is no limit to the number of options a LoginModule may define.

The following represents an example Configuration entry based on the syntax above:

Login {
  com.sun.security.auth.module.UnixLoginModule required;
  com.sun.security.auth.module.Krb5LoginModule optional
                  useTicketCache="true"
                  ticketCache="${user.home}${/}tickets";
};

This Configuration specifies that an application named, "Login", requires users to first authenticate to the com.sun.security.auth.module.UnixLoginModule, which is required to succeed. Even if the UnixLoginModule authentication fails, the com.sun.security.auth.module.Krb5LoginModule still gets invoked. This helps hide the source of failure. Since the Krb5LoginModule is Optional, the overall authentication succeeds only if the UnixLoginModule (Required) succeeds.

Also note that the LoginModule-specific options, useTicketCache="true" and ticketCache=${user.home}${/}tickets", are passed to the Krb5LoginModule. These options instruct the Krb5LoginModule to use the ticket cache at the specified location. The system properties, user.home and / (file.separator), are expanded to their respective values.

There is only one Configuration object installed in the runtime at any given time. A Configuration object can be installed by calling the setConfiguration method. The installed Configuration object can be obtained by calling the getConfiguration method.

If no Configuration object has been installed in the runtime, a call to getConfiguration installs an instance of the default Configuration implementation (a default subclass implementation of this abstract class). The default Configuration implementation can be changed by setting the value of the login.configuration.provider security property to the fully qualified name of the desired Configuration subclass implementation.

Application code can directly subclass Configuration to provide a custom implementation. In addition, an instance of a Configuration object can be constructed by invoking one of the getInstance factory methods with a standard type. The default policy type is "JavaLoginConfig". See the Configuration section in the Java Cryptography Architecture Standard Algorithm Name Documentation for a list of standard Configuration types.

See Also:
/** * A Configuration object is responsible for specifying which LoginModules * should be used for a particular application, and in what order the * LoginModules should be invoked. * * <p> A login configuration contains the following information. * Note that this example only represents the default syntax for the * {@code Configuration}. Subclass implementations of this class * may implement alternative syntaxes and may retrieve the * {@code Configuration} from any source such as files, databases, * or servers. * * <pre> * Name { * ModuleClass Flag ModuleOptions; * ModuleClass Flag ModuleOptions; * ModuleClass Flag ModuleOptions; * }; * Name { * ModuleClass Flag ModuleOptions; * ModuleClass Flag ModuleOptions; * }; * other { * ModuleClass Flag ModuleOptions; * ModuleClass Flag ModuleOptions; * }; * </pre> * * <p> Each entry in the {@code Configuration} is indexed via an * application name, <i>Name</i>, and contains a list of * LoginModules configured for that application. Each {@code LoginModule} * is specified via its fully qualified class name. * Authentication proceeds down the module list in the exact order specified. * If an application does not have a specific entry, * it defaults to the specific entry for "<i>other</i>". * * <p> The <i>Flag</i> value controls the overall behavior as authentication * proceeds down the stack. The following represents a description of the * valid values for <i>Flag</i> and their respective semantics: * * <pre> * 1) Required - The {@code LoginModule} is required to succeed. * If it succeeds or fails, authentication still continues * to proceed down the {@code LoginModule} list. * * 2) Requisite - The {@code LoginModule} is required to succeed. * If it succeeds, authentication continues down the * {@code LoginModule} list. If it fails, * control immediately returns to the application * (authentication does not proceed down the * {@code LoginModule} list). * * 3) Sufficient - The {@code LoginModule} is not required to * succeed. If it does succeed, control immediately * returns to the application (authentication does not * proceed down the {@code LoginModule} list). * If it fails, authentication continues down the * {@code LoginModule} list. * * 4) Optional - The {@code LoginModule} is not required to * succeed. If it succeeds or fails, * authentication still continues to proceed down the * {@code LoginModule} list. * </pre> * * <p> The overall authentication succeeds only if all <i>Required</i> and * <i>Requisite</i> LoginModules succeed. If a <i>Sufficient</i> * {@code LoginModule} is configured and succeeds, * then only the <i>Required</i> and <i>Requisite</i> LoginModules prior to * that <i>Sufficient</i> {@code LoginModule} need to have succeeded for * the overall authentication to succeed. If no <i>Required</i> or * <i>Requisite</i> LoginModules are configured for an application, * then at least one <i>Sufficient</i> or <i>Optional</i> * {@code LoginModule} must succeed. * * <p> <i>ModuleOptions</i> is a space separated list of * {@code LoginModule}-specific values which are passed directly to * the underlying LoginModules. Options are defined by the * {@code LoginModule} itself, and control the behavior within it. * For example, a {@code LoginModule} may define options to support * debugging/testing capabilities. The correct way to specify options in the * {@code Configuration} is by using the following key-value pairing: * <i>debug="true"</i>. The key and value should be separated by an * 'equals' symbol, and the value should be surrounded by double quotes. * If a String in the form, ${system.property}, occurs in the value, * it will be expanded to the value of the system property. * Note that there is no limit to the number of * options a {@code LoginModule} may define. * * <p> The following represents an example {@code Configuration} entry * based on the syntax above: * * <pre> * Login { * com.sun.security.auth.module.UnixLoginModule required; * com.sun.security.auth.module.Krb5LoginModule optional * useTicketCache="true" * ticketCache="${user.home}${/}tickets"; * }; * </pre> * * <p> This {@code Configuration} specifies that an application named, * "Login", requires users to first authenticate to the * <i>com.sun.security.auth.module.UnixLoginModule</i>, which is * required to succeed. Even if the <i>UnixLoginModule</i> * authentication fails, the * <i>com.sun.security.auth.module.Krb5LoginModule</i> * still gets invoked. This helps hide the source of failure. * Since the <i>Krb5LoginModule</i> is <i>Optional</i>, the overall * authentication succeeds only if the <i>UnixLoginModule</i> * (<i>Required</i>) succeeds. * * <p> Also note that the LoginModule-specific options, * <i>useTicketCache="true"</i> and * <i>ticketCache=${user.home}${/}tickets"</i>, * are passed to the <i>Krb5LoginModule</i>. * These options instruct the <i>Krb5LoginModule</i> to * use the ticket cache at the specified location. * The system properties, <i>user.home</i> and <i>/</i> * (file.separator), are expanded to their respective values. * * <p> There is only one Configuration object installed in the runtime at any * given time. A Configuration object can be installed by calling the * {@code setConfiguration} method. The installed Configuration object * can be obtained by calling the {@code getConfiguration} method. * * <p> If no Configuration object has been installed in the runtime, a call to * {@code getConfiguration} installs an instance of the default * Configuration implementation (a default subclass implementation of this * abstract class). * The default Configuration implementation can be changed by setting the value * of the {@code login.configuration.provider} security property to the fully * qualified name of the desired Configuration subclass implementation. * * <p> Application code can directly subclass Configuration to provide a custom * implementation. In addition, an instance of a Configuration object can be * constructed by invoking one of the {@code getInstance} factory methods * with a standard type. The default policy type is "JavaLoginConfig". * See the Configuration section in the <a href= * "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration"> * Java Cryptography Architecture Standard Algorithm Name Documentation</a> * for a list of standard Configuration types. * * @see javax.security.auth.login.LoginContext * @see java.security.Security security properties */
public abstract class Configuration { private static Configuration configuration; private final java.security.AccessControlContext acc = java.security.AccessController.getContext(); private static void checkPermission(String type) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(new AuthPermission ("createLoginConfiguration." + type)); } }
Sole constructor. (For invocation by subclass constructors, typically implicit.)
/** * Sole constructor. (For invocation by subclass constructors, typically * implicit.) */
protected Configuration() { }
Get the installed login Configuration.

Throws:
  • SecurityException – if the caller does not have permission to retrieve the Configuration.
See Also:
Returns:the login Configuration. If a Configuration object was set via the Configuration.setConfiguration method, then that object is returned. Otherwise, a default Configuration object is returned.
/** * Get the installed login Configuration. * * <p> * * @return the login Configuration. If a Configuration object was set * via the {@code Configuration.setConfiguration} method, * then that object is returned. Otherwise, a default * Configuration object is returned. * * @exception SecurityException if the caller does not have permission * to retrieve the Configuration. * * @see #setConfiguration */
public static Configuration getConfiguration() { SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkPermission(new AuthPermission("getLoginConfiguration")); synchronized (Configuration.class) { if (configuration == null) { String config_class = null; config_class = AccessController.doPrivileged (new PrivilegedAction<String>() { public String run() { return java.security.Security.getProperty ("login.configuration.provider"); } }); if (config_class == null) { config_class = "sun.security.provider.ConfigFile"; } try { final String finalClass = config_class; Configuration untrustedImpl = AccessController.doPrivileged( new PrivilegedExceptionAction<Configuration>() { public Configuration run() throws ClassNotFoundException, InstantiationException, IllegalAccessException { Class<? extends Configuration> implClass = Class.forName( finalClass, false, Thread.currentThread().getContextClassLoader() ).asSubclass(Configuration.class); return implClass.newInstance(); } }); AccessController.doPrivileged( new PrivilegedExceptionAction<Void>() { public Void run() { setConfiguration(untrustedImpl); return null; } }, Objects.requireNonNull(untrustedImpl.acc) ); } catch (PrivilegedActionException e) { Exception ee = e.getException(); if (ee instanceof InstantiationException) { throw (SecurityException) new SecurityException ("Configuration error:" + ee.getCause().getMessage() + "\n").initCause(ee.getCause()); } else { throw (SecurityException) new SecurityException ("Configuration error: " + ee.toString() + "\n").initCause(ee); } } } return configuration; } }
Set the login Configuration.

Params:
  • configuration – the new Configuration
Throws:
  • SecurityException – if the current thread does not have Permission to set the Configuration.
See Also:
/** * Set the login {@code Configuration}. * * <p> * * @param configuration the new {@code Configuration} * * @exception SecurityException if the current thread does not have * Permission to set the {@code Configuration}. * * @see #getConfiguration */
public static void setConfiguration(Configuration configuration) { SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkPermission(new AuthPermission("setLoginConfiguration")); Configuration.configuration = configuration; }
Returns a Configuration object of the specified type.

This method traverses the list of registered security providers, starting with the most preferred Provider. A new Configuration object encapsulating the ConfigurationSpi implementation from the first Provider that supports the specified type is returned.

Note that the list of registered providers may be retrieved via the Security.getProviders() method.

Params:
Throws:
See Also:
Returns:the new Configuration object.
Since:1.6
/** * Returns a Configuration object of the specified type. * * <p> This method traverses the list of registered security providers, * starting with the most preferred Provider. * A new Configuration object encapsulating the * ConfigurationSpi implementation from the first * Provider that supports the specified type is returned. * * <p> Note that the list of registered providers may be retrieved via * the {@link Security#getProviders() Security.getProviders()} method. * * @param type the specified Configuration type. See the Configuration * section in the <a href= * "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration"> * Java Cryptography Architecture Standard Algorithm Name * Documentation</a> for a list of standard Configuration types. * * @param params parameters for the Configuration, which may be null. * * @return the new Configuration object. * * @exception SecurityException if the caller does not have permission * to get a Configuration instance for the specified type. * * @exception NullPointerException if the specified type is null. * * @exception IllegalArgumentException if the specified parameters * are not understood by the ConfigurationSpi implementation * from the selected Provider. * * @exception NoSuchAlgorithmException if no Provider supports a * ConfigurationSpi implementation for the specified type. * * @see Provider * @since 1.6 */
public static Configuration getInstance(String type, Configuration.Parameters params) throws NoSuchAlgorithmException { checkPermission(type); try { GetInstance.Instance instance = GetInstance.getInstance ("Configuration", ConfigurationSpi.class, type, params); return new ConfigDelegate((ConfigurationSpi)instance.impl, instance.provider, type, params); } catch (NoSuchAlgorithmException nsae) { return handleException (nsae); } }
Returns a Configuration object of the specified type.

A new Configuration object encapsulating the ConfigurationSpi implementation from the specified provider is returned. The specified provider must be registered in the provider list.

Note that the list of registered providers may be retrieved via the Security.getProviders() method.

Params:
Throws:
  • SecurityException – if the caller does not have permission to get a Configuration instance for the specified type.
  • NullPointerException – if the specified type is null.
  • IllegalArgumentException – if the specified provider is null or empty, or if the specified parameters are not understood by the ConfigurationSpi implementation from the specified provider.
  • NoSuchProviderException – if the specified provider is not registered in the security provider list.
  • NoSuchAlgorithmException – if the specified provider does not support a ConfigurationSpi implementation for the specified type.
See Also:
Returns:the new Configuration object.
Since:1.6
/** * Returns a Configuration object of the specified type. * * <p> A new Configuration object encapsulating the * ConfigurationSpi implementation from the specified provider * is returned. The specified provider must be registered * in the provider list. * * <p> Note that the list of registered providers may be retrieved via * the {@link Security#getProviders() Security.getProviders()} method. * * @param type the specified Configuration type. See the Configuration * section in the <a href= * "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration"> * Java Cryptography Architecture Standard Algorithm Name * Documentation</a> for a list of standard Configuration types. * * @param params parameters for the Configuration, which may be null. * * @param provider the provider. * * @return the new Configuration object. * * @exception SecurityException if the caller does not have permission * to get a Configuration instance for the specified type. * * @exception NullPointerException if the specified type is null. * * @exception IllegalArgumentException if the specified provider * is null or empty, * or if the specified parameters are not understood by * the ConfigurationSpi implementation from the specified provider. * * @exception NoSuchProviderException if the specified provider is not * registered in the security provider list. * * @exception NoSuchAlgorithmException if the specified provider does not * support a ConfigurationSpi implementation for the specified * type. * * @see Provider * @since 1.6 */
public static Configuration getInstance(String type, Configuration.Parameters params, String provider) throws NoSuchProviderException, NoSuchAlgorithmException { if (provider == null || provider.length() == 0) { throw new IllegalArgumentException("missing provider"); } checkPermission(type); try { GetInstance.Instance instance = GetInstance.getInstance ("Configuration", ConfigurationSpi.class, type, params, provider); return new ConfigDelegate((ConfigurationSpi)instance.impl, instance.provider, type, params); } catch (NoSuchAlgorithmException nsae) { return handleException (nsae); } }
Returns a Configuration object of the specified type.

A new Configuration object encapsulating the ConfigurationSpi implementation from the specified Provider object is returned. Note that the specified Provider object does not have to be registered in the provider list.

Params:
Throws:
  • SecurityException – if the caller does not have permission to get a Configuration instance for the specified type.
  • NullPointerException – if the specified type is null.
  • IllegalArgumentException – if the specified Provider is null, or if the specified parameters are not understood by the ConfigurationSpi implementation from the specified Provider.
  • NoSuchAlgorithmException – if the specified Provider does not support a ConfigurationSpi implementation for the specified type.
See Also:
Returns:the new Configuration object.
Since:1.6
/** * Returns a Configuration object of the specified type. * * <p> A new Configuration object encapsulating the * ConfigurationSpi implementation from the specified Provider * object is returned. Note that the specified Provider object * does not have to be registered in the provider list. * * @param type the specified Configuration type. See the Configuration * section in the <a href= * "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration"> * Java Cryptography Architecture Standard Algorithm Name * Documentation</a> for a list of standard Configuration types. * * @param params parameters for the Configuration, which may be null. * * @param provider the Provider. * * @return the new Configuration object. * * @exception SecurityException if the caller does not have permission * to get a Configuration instance for the specified type. * * @exception NullPointerException if the specified type is null. * * @exception IllegalArgumentException if the specified Provider is null, * or if the specified parameters are not understood by * the ConfigurationSpi implementation from the specified Provider. * * @exception NoSuchAlgorithmException if the specified Provider does not * support a ConfigurationSpi implementation for the specified * type. * * @see Provider * @since 1.6 */
public static Configuration getInstance(String type, Configuration.Parameters params, Provider provider) throws NoSuchAlgorithmException { if (provider == null) { throw new IllegalArgumentException("missing provider"); } checkPermission(type); try { GetInstance.Instance instance = GetInstance.getInstance ("Configuration", ConfigurationSpi.class, type, params, provider); return new ConfigDelegate((ConfigurationSpi)instance.impl, instance.provider, type, params); } catch (NoSuchAlgorithmException nsae) { return handleException (nsae); } } private static Configuration handleException(NoSuchAlgorithmException nsae) throws NoSuchAlgorithmException { Throwable cause = nsae.getCause(); if (cause instanceof IllegalArgumentException) { throw (IllegalArgumentException)cause; } throw nsae; }
Return the Provider of this Configuration.

This Configuration instance will only have a Provider if it was obtained via a call to Configuration.getInstance. Otherwise this method returns null.

Returns:the Provider of this Configuration, or null.
Since:1.6
/** * Return the Provider of this Configuration. * * <p> This Configuration instance will only have a Provider if it * was obtained via a call to {@code Configuration.getInstance}. * Otherwise this method returns null. * * @return the Provider of this Configuration, or null. * * @since 1.6 */
public Provider getProvider() { return null; }
Return the type of this Configuration.

This Configuration instance will only have a type if it was obtained via a call to Configuration.getInstance. Otherwise this method returns null.

Returns:the type of this Configuration, or null.
Since:1.6
/** * Return the type of this Configuration. * * <p> This Configuration instance will only have a type if it * was obtained via a call to {@code Configuration.getInstance}. * Otherwise this method returns null. * * @return the type of this Configuration, or null. * * @since 1.6 */
public String getType() { return null; }
Return Configuration parameters.

This Configuration instance will only have parameters if it was obtained via a call to Configuration.getInstance. Otherwise this method returns null.

Returns:Configuration parameters, or null.
Since:1.6
/** * Return Configuration parameters. * * <p> This Configuration instance will only have parameters if it * was obtained via a call to {@code Configuration.getInstance}. * Otherwise this method returns null. * * @return Configuration parameters, or null. * * @since 1.6 */
public Configuration.Parameters getParameters() { return null; }
Retrieve the AppConfigurationEntries for the specified name from this Configuration.

Params:
  • name – the name used to index the Configuration.
Returns:an array of AppConfigurationEntries for the specified name from this Configuration, or null if there are no entries for the specified name
/** * Retrieve the AppConfigurationEntries for the specified <i>name</i> * from this Configuration. * * <p> * * @param name the name used to index the Configuration. * * @return an array of AppConfigurationEntries for the specified <i>name</i> * from this Configuration, or null if there are no entries * for the specified <i>name</i> */
public abstract AppConfigurationEntry[] getAppConfigurationEntry (String name);
Refresh and reload the Configuration.

This method causes this Configuration object to refresh/reload its contents in an implementation-dependent manner. For example, if this Configuration object stores its entries in a file, calling refresh may cause the file to be re-read.

The default implementation of this method does nothing. This method should be overridden if a refresh operation is supported by the implementation.

Throws:
  • SecurityException – if the caller does not have permission to refresh its Configuration.
/** * Refresh and reload the Configuration. * * <p> This method causes this Configuration object to refresh/reload its * contents in an implementation-dependent manner. * For example, if this Configuration object stores its entries in a file, * calling {@code refresh} may cause the file to be re-read. * * <p> The default implementation of this method does nothing. * This method should be overridden if a refresh operation is supported * by the implementation. * * @exception SecurityException if the caller does not have permission * to refresh its Configuration. */
public void refresh() { }
This subclass is returned by the getInstance calls. All Configuration calls are delegated to the underlying ConfigurationSpi.
/** * This subclass is returned by the getInstance calls. All Configuration * calls are delegated to the underlying ConfigurationSpi. */
private static class ConfigDelegate extends Configuration { private ConfigurationSpi spi; private Provider p; private String type; private Configuration.Parameters params; private ConfigDelegate(ConfigurationSpi spi, Provider p, String type, Configuration.Parameters params) { this.spi = spi; this.p = p; this.type = type; this.params = params; } public String getType() { return type; } public Configuration.Parameters getParameters() { return params; } public Provider getProvider() { return p; } public AppConfigurationEntry[] getAppConfigurationEntry(String name) { return spi.engineGetAppConfigurationEntry(name); } public void refresh() { spi.engineRefresh(); } }
This represents a marker interface for Configuration parameters.
Since:1.6
/** * This represents a marker interface for Configuration parameters. * * @since 1.6 */
public static interface Parameters { } }