List of usage examples for org.apache.shiro.authc.pam ModularRealmAuthenticator setAuthenticationStrategy
public void setAuthenticationStrategy(AuthenticationStrategy authenticationStrategy)
From source file:com.yea.shiro.mgt.ShiroSecurityManager.java
License:Apache License
public ShiroSecurityManager() { super();//from w ww . j a v a2 s.com // authenticator ModularRealmAuthenticator authenticator = new ModularRealmAuthenticator(); authenticator.setAuthenticationStrategy(new AtLeastOneSuccessfulStrategy()); setAuthenticator(authenticator); // authorizer ModularRealmAuthorizer authorizer = new ModularRealmAuthorizer(); authorizer.setPermissionResolver(new WildcardPermissionResolver()); setAuthorizer(authorizer); // ?Matcher credentialsMatcher = new RetryLimitHashedCredentialsMatcher(); credentialsMatcher.setHashAlgorithmName(EncrytPassword.PASSWORD_HASH); credentialsMatcher.setHashIterations(EncrytPassword.HASH_ITERATIONS); credentialsMatcher.setStoredCredentialsHexEncoded(true); }
From source file:com.yea.shiro.web.mgt.WebSecurityManager.java
License:Apache License
public WebSecurityManager() { super();/*from ww w . ja v a 2 s.c o m*/ // authenticator ModularRealmAuthenticator authenticator = new ModularRealmAuthenticator(); authenticator.setAuthenticationStrategy(new AtLeastOneSuccessfulStrategy()); setAuthenticator(authenticator); // authorizer ModularRealmAuthorizer authorizer = new ModularRealmAuthorizer(); authorizer.setPermissionResolver(new WildcardPermissionResolver()); setAuthorizer(authorizer); // ?Matcher credentialsMatcher = new RetryLimitHashedCredentialsMatcher(); credentialsMatcher.setHashAlgorithmName(EncrytPassword.PASSWORD_HASH); credentialsMatcher.setHashIterations(EncrytPassword.HASH_ITERATIONS); credentialsMatcher.setStoredCredentialsHexEncoded(true); }
From source file:lib.Global.java
License:Open Source License
@Override public void onStart(Application app) { log.info("Graylog web interface version {} starting up.", Version.VERSION); final String appSecret = app.configuration().getString("application.secret"); if (appSecret == null || appSecret.isEmpty()) { log.error("Please configure application.secret in your conf/graylog-web-interface.conf"); throw new IllegalStateException("No application.secret configured."); }// w w w.j a v a 2 s .c o m if (appSecret.length() < 16) { log.error( "Please configure application.secret in your conf/graylog-web-interface.conf to be longer than 16 characters. Suggested is using pwgen -N 1 -s 96 or similar"); throw new IllegalStateException( "application.secret is too short, use at least 16 characters! Suggested is to use pwgen -N 1 -s 96 or similar"); } final String graylog2ServerUris = app.configuration().getString("graylog2-server.uris", ""); if (graylog2ServerUris.isEmpty()) { log.error("graylog2-server.uris is not set!"); throw new IllegalStateException("graylog2-server.uris is empty"); } final String[] uris = graylog2ServerUris.split(","); if (uris.length == 0) { log.error("graylog2-server.uris is empty!"); throw new IllegalStateException("graylog2-server.uris is empty"); } final URI[] initialNodes = new URI[uris.length]; int i = 0; for (String uri : uris) { try { initialNodes[i++] = new URI(uri); } catch (URISyntaxException e) { log.error("Invalid URI in 'graylog2-server.uris': " + uri, e); } } final String timezone = app.configuration().getString("timezone", ""); if (!timezone.isEmpty()) { try { DateTools.setApplicationTimeZone(DateTimeZone.forID(timezone)); } catch (IllegalArgumentException e) { log.error("Invalid timezone {} specified!", timezone); throw new IllegalStateException(e); } } log.info("Using application default timezone {}", DateTools.getApplicationTimeZone()); // Dirty hack to disable the play2-graylog2 AccessLog if the plugin isn't there gelfAccessLog = app.configuration().getBoolean("graylog2.appender.send-access-log", false); final ObjectMapper objectMapper = buildObjectMapper(); Json.setObjectMapper(objectMapper); final List<Module> modules = Lists.newArrayList(); modules.add(new AbstractModule() { @Override protected void configure() { bind(URI[].class).annotatedWith(Names.named("Initial Nodes")).toInstance(initialNodes); bind(Long.class).annotatedWith(Names.named("Default Timeout")) .toInstance(org.graylog2.restclient.lib.Configuration.apiTimeout("DEFAULT")); bind(ObjectMapper.class).toInstance(objectMapper); } }); modules.add(new ModelFactoryModule()); injector = Guice.createInjector(modules); // start the services that need starting final ApiClient api = injector.getInstance(ApiClient.class); api.start(); injector.getInstance(ServerNodesRefreshService.class).start(); // TODO replace with custom AuthenticatedAction filter RedirectAuthenticator.userService = injector.getInstance(UserService.class); RedirectAuthenticator.sessionService = injector.getInstance(SessionService.class); // temporarily disabled for preview to prevent confusion. // LocalAdminUserRealm localAdminRealm = new LocalAdminUserRealm("local-accounts"); // localAdminRealm.setCredentialsMatcher(new HashedCredentialsMatcher("SHA2")); // setupLocalUser(api, localAdminRealm, app); Realm serverRestInterfaceRealm = injector.getInstance(ServerRestInterfaceRealm.class); final DefaultSecurityManager securityManager = new DefaultSecurityManager( Lists.newArrayList(serverRestInterfaceRealm)); // disable storing sessions (TODO we might want to write a session store bridge to play's session cookie) final DefaultSessionStorageEvaluator sessionStorageEvaluator = new DefaultSessionStorageEvaluator(); sessionStorageEvaluator.setSessionStorageEnabled(false); final DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO(); subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator); securityManager.setSubjectDAO(subjectDAO); final Authenticator authenticator = securityManager.getAuthenticator(); if (authenticator instanceof ModularRealmAuthenticator) { ModularRealmAuthenticator a = (ModularRealmAuthenticator) authenticator; a.setAuthenticationStrategy(new RethrowingFirstSuccessfulStrategy()); a.setAuthenticationListeners( Lists.<AuthenticationListener>newArrayList(new PlayAuthenticationListener())); } SecurityUtils.setSecurityManager(securityManager); }
From source file:org.owasp.dependencytrack.config.SecurityConfiguration.java
License:Open Source License
@Bean
DefaultWebSecurityManager securityManager(DataSource dataSource) {
DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
Realm realm = jdbcRealm(dataSource);
defaultWebSecurityManager.setRealm(realm);
defaultWebSecurityManager.setCacheManager(cacheManager());
ModularRealmAuthenticator authenticator = new ModularRealmAuthenticator();
authenticator.setRealms(Arrays.asList(realm));
authenticator.setAuthenticationStrategy(firstSuccessfulStrategy());
defaultWebSecurityManager.setAuthenticator(authenticator);
defaultWebSecurityManager.setAuthorizer(authorizer(dataSource, realm));
return defaultWebSecurityManager;
}