List of usage examples for org.apache.shiro.authz SimpleAuthorizationInfo SimpleAuthorizationInfo
public SimpleAuthorizationInfo(Set<String> roles)
From source file:aaa.realms.MySQLRealm.java
License:Apache License
/** * This implementation of the interface expects the principals collection to return a String username keyed off of * this realm's {@link #getName() name}//from w ww . jav a 2s. c o m * * @see #getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection) */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { //null usernames are invalid if (principals == null) { throw new AuthorizationException("PrincipalCollection method argument cannot be null."); } String username = (String) getAvailablePrincipal(principals); Connection conn = null; Set<String> roleNames = null; Set<String> permissions = null; try { conn = dataSource.getConnection(); // Retrieve roles and permissions from database roleNames = getRoleNamesForUser(conn, username); if (permissionsLookupEnabled) { permissions = getPermissions(conn, username); } } catch (SQLException e) { final String message = "There was a SQL error while authorizing user [" + username + "]"; if (log.isErrorEnabled()) { log.error(message, e); } // Rethrow any SQL errors as an authorization exception throw new AuthorizationException(message, e); } finally { JdbcUtils.closeConnection(conn); } SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames); info.setStringPermissions(permissions); return info; }
From source file:biz.neustar.nexus.plugins.gitlab.GitlabAuthenticatingRealm.java
License:Open Source License
@Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { // only authorize users from this realm if (principals.getRealmNames().contains(this.getName())) { GitlabUser user = (GitlabUser) principals.getPrimaryPrincipal(); LOGGER.debug(GITLAB_MSG + "authorizing {}", user.getUsername()); Set<String> groups = gitlab.getGitlabPluginConfiguration().getDefaultRoles(); if (user.isActive()) { groups.addAll(gitlab.getGitlabPluginConfiguration().getAdminRoles()); }// w w w. j a va 2 s . c o m if (LOGGER.isDebugEnabled()) { LOGGER.debug(GITLAB_MSG + "User: " + user.getUsername() + " gitlab authorization to groups: " + StringUtils.join(groups.iterator(), ", ")); } return new SimpleAuthorizationInfo(groups); } return null; }
From source file:br.com.betsportclub.controller.security.SecurityRealm.java
License:Apache License
/** * This implementation of the interface expects the principals collection to return a String username keyed off of * this realm's {@link #getName() name}/* w w w. ja va 2s. c o m*/ * * @see #getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection) */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { //null usernames are invalid if (principals == null) { throw new AuthorizationException("PrincipalCollection method argument cannot be null."); } String username = (String) getAvailablePrincipal(principals); Connection conn = null; Set<String> roleNames = null; Set<String> permissions = null; try { conn = dataSource.getConnection(); // Retrieve roles and permissions from database roleNames = getRoleNamesForUser(conn, username); if (permissionsLookupEnabled) { permissions = getPermissions(conn, username, roleNames); } } catch (SQLException e) { final String message = "There was a SQL error while authorizing user [" + username + "]"; if (log.isErrorEnabled()) { log.error(message, e); } // Rethrow any SQL errors as an authorization exception throw new AuthorizationException(message, e); } finally { JdbcUtils.closeConnection(conn); } SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames); info.setStringPermissions(permissions); return info; }
From source file:br.com.criativasoft.opendevice.restapi.auth.AbstractAuthorizingRealm.java
License:Open Source License
@Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { if (principals.isEmpty()) throw new AuthorizationException("Empty principals list!"); AccountPrincipal principal = (AccountPrincipal) principals.getPrimaryPrincipal(); Set<String> roles = new HashSet(Arrays.asList(principal.getType().name())); if (principal.getType() == AccountType.CLOUD_MANAGER) roles.add(AccountType.ROLES.ACCOUNT_MANAGER); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roles); return info;/*from w w w. j a va 2 s . c o m*/ }
From source file:com.charmyin.shiro.realm.jdbc.CustomJdbcRealm.java
License:Apache License
/** * This implementation of the interface expects the principals collection to return a String username keyed off of * this realm's {@link #getName() name}/*from w ww . j ava2 s .com*/ * * @see #getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection) */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { //null usernames are invalid if (principals == null) { throw new AuthorizationException("PrincipalCollection method argument cannot be null."); } String username = (String) getAvailablePrincipal(principals); Connection conn = null; Set<String> roleNames = null; Set<String> permissions = null; try { conn = dataSource.getConnection(); // Retrieve roles and permissions from database roleNames = getRoleNamesForUser(conn, username); if (permissionsLookupEnabled) { permissions = getPermissions(conn, username, roleNames); } } catch (SQLException e) { final String message = "There was a SQL error while authorizing user [" + username + "]"; if (log.isErrorEnabled()) { log.error(message, e); } // Rethrow any SQL errors as an authorization exception throw new AuthorizationException(message, e); } finally { JdbcUtils.closeConnection(conn); } SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames); info.setStringPermissions(permissions); return info; }
From source file:com.charmyin.shiro.realm.jdbc.JMongodbRealm.java
License:Apache License
/** * This implementation of the interface expects the principals collection to return a String username keyed off of * this realm's {@link #getName() name}// w ww .j a v a2 s. com * * @see #getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection) */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { //null usernames are invalid if (principals == null) { throw new AuthorizationException("PrincipalCollection method argument cannot be null."); } String username = (String) getAvailablePrincipal(principals); Connection conn = null; Set<String> roleNames = null; Set<String> permissions = null; /* try { conn = dataSource.getConnection(); // Retrieve roles and permissions from database roleNames = getRoleNamesForUser(conn, username); if (permissionsLookupEnabled) { permissions = getPermissions(conn, username, roleNames); } } catch (SQLException e) { final String message = "There was a SQL error while authorizing user [" + username + "]"; if (log.isErrorEnabled()) { log.error(message, e); } // Rethrow any SQL errors as an authorization exception throw new AuthorizationException(message, e); } finally { JdbcUtils.closeConnection(conn); }*/ SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames); info.setStringPermissions(permissions); return info; }
From source file:com.cssnb.commons.shiro.MyJdbcRealm.java
License:Apache License
/** * This implementation of the interface expects the principals collection to return a String username keyed off of * this realm's {@link #getName() name}/* w ww.ja va 2 s. c om*/ * * @see #getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection) */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { //null usernames are invalid if (principals == null) { throw new AuthorizationException("PrincipalCollection method argument cannot be null."); } //String username = (String) getAvailablePrincipal(principals); ShiroUser shiroUser = (ShiroUser) getAvailablePrincipal(principals); String username = shiroUser.getLoginName(); Connection conn = null; Set<String> roleNames = null; Set<String> permissions = null; try { conn = dataSource.getConnection(); // Retrieve roles and permissions from database roleNames = getRoleNamesForUser(conn, username); if (permissionsLookupEnabled) { permissions = getPermissions(conn, username, roleNames); } } catch (SQLException e) { final String message = "There was a SQL error while authorizing user [" + username + "]"; if (log.isErrorEnabled()) { log.error(message, e); } // Rethrow any SQL errors as an authorization exception throw new AuthorizationException(message, e); } finally { JdbcUtils.closeConnection(conn); } SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames); info.setStringPermissions(permissions); return info; }
From source file:com.doadway.glodmine.core.security.UserRealm.java
License:Apache License
/** * ?, ???.//from ww w . j ava 2s. com */ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { /* ?? */ Set<String> roleNames = new HashSet<String>(); Set<String> permissions = new HashSet<String>(); roleNames.add("member"); permissions.add("login.do?main"); permissions.add("login.do?logout"); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames); info.setStringPermissions(permissions); return info; }
From source file:com.github.pires.example.shiro.OrientDbRealm.java
License:Apache License
@Override protected AuthorizationInfo doGetAuthorizationInfo(final PrincipalCollection principals) { // retrieve role names and permission names final String email = (String) principals.getPrimaryPrincipal(); final User user = userRepository.findByEmailAndActive(email, true); if (user == null) { throw new UnknownAccountException("Account does not exist"); }/* ww w . j a va 2 s . co m*/ final int totalRoles = user.getRoles().size(); final Set<String> roleNames = new LinkedHashSet<>(totalRoles); final Set<String> permissionNames = new LinkedHashSet<>(); if (totalRoles > 0) { for (Role role : user.getRoles()) { roleNames.add(role.getName()); for (Permission permission : role.getPermissions()) { permissionNames.add(permission.getName()); } } } final SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames); info.setStringPermissions(permissionNames); return info; }
From source file:com.glaf.shiro.SystemRealm.java
License:Apache License
@Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { logger.debug("----------------doGetAuthorizationInfo-----------------"); if (principals == null) { throw new AuthorizationException("PrincipalCollection method argument cannot be null."); }//from w w w. java 2 s .c o m String actorId = (String) getAvailablePrincipal(principals); Set<String> roles = new HashSet<String>(); Set<String> perms = new HashSet<String>(); if (actorId != null) { LoginContext loginContext = IdentityFactory.getLoginContext(actorId); if (loginContext.isSystemAdministrator()) { perms.add("SystemAdministrator"); roles.add("SystemAdministrator"); } Collection<String> roleIds = loginContext.getRoles(); if (roleIds != null && !roleIds.isEmpty()) { for (String roleId : roleIds) { if (StringUtils.isNotEmpty(roleId)) { if (!StringUtils.contains(roleId, ":")) { roles.add(roleId); } perms.add(roleId); } } } Collection<String> permissions = loginContext.getPermissions(); if (permissions != null && !permissions.isEmpty()) { for (String p : permissions) { if (StringUtils.isNotEmpty(p)) { if (!StringUtils.contains(p, ":")) { roles.add(p); } perms.add(p); } } } permissions = loginContext.getFunctions(); if (permissions != null && !permissions.isEmpty()) { for (String p : permissions) { if (StringUtils.isNotEmpty(p)) { perms.add(p); } } } } logger.info("-----------------------@shiro@--------------------"); logger.info("shiro roles:{" + roles + "}"); logger.info("shiro perms:{" + perms + "}"); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roles); info.setStringPermissions(perms); return info; }