Example usage for org.apache.shiro.mgt DefaultSessionStorageEvaluator setSessionStorageEnabled

List of usage examples for org.apache.shiro.mgt DefaultSessionStorageEvaluator setSessionStorageEnabled

Introduction

On this page you can find example usage for org.apache.shiro.mgt DefaultSessionStorageEvaluator setSessionStorageEnabled.

Prototype

public void setSessionStorageEnabled(boolean sessionStorageEnabled) 


Document

Sets whether any Subject's Session may be used to persist that Subject's state.

Usage

From source file:Global.java

License:Open Source License

/**
 * Builds the Shiro security manager from {@code classpath:shiro.ini}, turns off session
 * storage on its subject DAO and registers it through {@code SecurityUtils}.
 *
 * <p>With session storage off, Shiro is not allowed to use a Session to persist a Subject's
 * state, so callers should expect to present credentials (or a token) on every request.
 *
 * @throws ClassCastException if the manager, subject DAO or evaluator produced by the INI
 *         configuration is not the default Shiro implementation
 */
public static void initialize() {

    // The realm is only initialised here; it is never attached to the manager in this method.
    // NOTE(review): whether ini() has side effects the INI-built manager relies on cannot be
    // seen from here -- confirm, or drop the two lines.
    SampleRealm realm = new SampleRealm();
    realm.ini();

    Factory<SecurityManager> iniFactory = new IniSecurityManagerFactory("classpath:shiro.ini");
    // The downcasts below assume shiro.ini does not swap in custom implementations.
    DefaultSecurityManager manager = (DefaultSecurityManager) iniFactory.getInstance();

    // Turn off session storage for better "stateless" management.
    // https://shiro.apache.org/session-management.html#SessionManagement-StatelessApplications%2528Sessionless%2529
    DefaultSessionStorageEvaluator evaluator = (DefaultSessionStorageEvaluator)
            ((DefaultSubjectDAO) manager.getSubjectDAO()).getSessionStorageEvaluator();
    evaluator.setSessionStorageEnabled(false);

    // No cache manager is configured on this manager.
    org.apache.shiro.SecurityUtils.setSecurityManager(manager);
}

From source file:com.aquenos.scm.ssh.auth.SessionlessSecurityManager.java

License:Open Source License

/**
 * Creates a security manager whose subject DAO has session storage disabled, so a Subject's
 * state is not persisted into a Session by this manager.
 */
public SessionlessSecurityManager() {
    super();

    // Evaluator that tells the DAO session storage is off.
    DefaultSessionStorageEvaluator storageDisabled = new DefaultSessionStorageEvaluator();
    storageDisabled.setSessionStorageEnabled(false);

    // Replace the inherited subject DAO with one that uses that evaluator.
    DefaultSubjectDAO statelessDao = new DefaultSubjectDAO();
    statelessDao.setSessionStorageEvaluator(storageDisabled);
    setSubjectDAO(statelessDao);
}

From source file:com.github.ibole.infrastructure.web.security.spring.shiro.config.ShiroConfig.java

License:Apache License

/**
 * Creates the web security manager bean with the form and stateless realms and a subject DAO
 * whose session storage is disabled.
 *
 * <p>NOTE(review): a {@code SessionManager} is still installed, so this block alone does not
 * show that sessions are never created; that presumably depends on the supplied subject
 * factory and filter configuration -- confirm against the rest of the config.
 *
 * @param subjectFactory factory used by the manager to build subjects
 * @param sessionManager session manager installed on the returned manager
 * @return the configured security manager (no cache manager is set)
 */
@Bean
public DefaultWebSecurityManager setWebSecurityManager(DefaultWebSubjectFactory subjectFactory,
        SessionManager sessionManager) {
    // Realm order is preserved: form realm first, then the stateless realm.
    Collection<Realm> configuredRealms = Lists.newArrayList();
    configuredRealms.add(getFormRealm());
    configuredRealms.add(getStatelessRealm());

    // Subject DAO that is told not to use the session for storing subject state.
    DefaultSubjectDAO statelessDao = new DefaultSubjectDAO();
    DefaultSessionStorageEvaluator storageEvaluator = new DefaultSessionStorageEvaluator();
    storageEvaluator.setSessionStorageEnabled(false);
    statelessDao.setSessionStorageEvaluator(storageEvaluator);

    DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
    manager.setRealms(configuredRealms);
    manager.setSubjectFactory(subjectFactory);
    manager.setSubjectDAO(statelessDao);
    manager.setSessionManager(sessionManager);
    return manager;
}

From source file:lib.Global.java

License:Open Source License

/**
 * Application start hook: validates the configuration, builds the Guice injector, starts the
 * REST client services and installs a Shiro security manager with session storage disabled.
 *
 * @param app the starting application; its configuration is read for application.secret,
 *            graylog2-server.uris, timezone and graylog2.appender.send-access-log
 * @throws IllegalStateException if application.secret is missing or shorter than 16
 *         characters, if graylog2-server.uris is empty, or if the timezone id is invalid
 */
@Override
public void onStart(Application app) {
    log.info("Graylog web interface version {} starting up.", Version.VERSION);

    // Refuse to start without an application.secret.
    final String appSecret = app.configuration().getString("application.secret");
    if (appSecret == null || appSecret.isEmpty()) {
        log.error("Please configure application.secret in your conf/graylog-web-interface.conf");
        throw new IllegalStateException("No application.secret configured.");
    }
    // NOTE(review): the check accepts exactly 16 characters, while the log text asks for
    // "longer than 16". Length is also only a proxy for entropy; a long but predictable
    // value passes this check.
    if (appSecret.length() < 16) {
        log.error(
                "Please configure application.secret in your conf/graylog-web-interface.conf to be longer than 16 characters. Suggested is using pwgen -N 1 -s 96 or similar");
        throw new IllegalStateException(
                "application.secret is too short, use at least 16 characters! Suggested is to use pwgen -N 1 -s 96 or similar");
    }

    // Comma-separated list of server URIs; an unset or empty value aborts startup.
    final String graylog2ServerUris = app.configuration().getString("graylog2-server.uris", "");
    if (graylog2ServerUris.isEmpty()) {
        log.error("graylog2-server.uris is not set!");
        throw new IllegalStateException("graylog2-server.uris is empty");
    }
    final String[] uris = graylog2ServerUris.split(",");
    if (uris.length == 0) {
        log.error("graylog2-server.uris is empty!");
        throw new IllegalStateException("graylog2-server.uris is empty");
    }
    final URI[] initialNodes = new URI[uris.length];
    int i = 0;
    // NOTE(review): an unparsable entry is only logged, which leaves a null element in
    // initialNodes; the array is still bound as "Initial Nodes" below, so consumers must
    // tolerate nulls -- confirm. Entries are not trimmed before parsing.
    for (String uri : uris) {
        try {
            initialNodes[i++] = new URI(uri);
        } catch (URISyntaxException e) {
            log.error("Invalid URI in 'graylog2-server.uris': " + uri, e);
        }
    }
    // Optional timezone override; an invalid id is treated as a fatal configuration error.
    final String timezone = app.configuration().getString("timezone", "");
    if (!timezone.isEmpty()) {
        try {
            DateTools.setApplicationTimeZone(DateTimeZone.forID(timezone));
        } catch (IllegalArgumentException e) {
            log.error("Invalid timezone {} specified!", timezone);
            throw new IllegalStateException(e);
        }
    }
    log.info("Using application default timezone {}", DateTools.getApplicationTimeZone());

    // Dirty hack to disable the play2-graylog2 AccessLog if the plugin isn't there
    gelfAccessLog = app.configuration().getBoolean("graylog2.appender.send-access-log", false);

    final ObjectMapper objectMapper = buildObjectMapper();
    Json.setObjectMapper(objectMapper);

    // Bind the validated configuration values so injected services can use them.
    final List<Module> modules = Lists.newArrayList();
    modules.add(new AbstractModule() {
        @Override
        protected void configure() {
            bind(URI[].class).annotatedWith(Names.named("Initial Nodes")).toInstance(initialNodes);
            bind(Long.class).annotatedWith(Names.named("Default Timeout"))
                    .toInstance(org.graylog2.restclient.lib.Configuration.apiTimeout("DEFAULT"));
            bind(ObjectMapper.class).toInstance(objectMapper);
        }
    });
    modules.add(new ModelFactoryModule());
    injector = Guice.createInjector(modules);

    // start the services that need starting
    final ApiClient api = injector.getInstance(ApiClient.class);
    api.start();
    injector.getInstance(ServerNodesRefreshService.class).start();
    // TODO replace with custom AuthenticatedAction filter
    // The authenticator receives its collaborators through static fields.
    RedirectAuthenticator.userService = injector.getInstance(UserService.class);
    RedirectAuthenticator.sessionService = injector.getInstance(SessionService.class);

    // temporarily disabled for preview to prevent confusion.
    //        LocalAdminUserRealm localAdminRealm = new LocalAdminUserRealm("local-accounts");
    //        localAdminRealm.setCredentialsMatcher(new HashedCredentialsMatcher("SHA2"));
    //        setupLocalUser(api, localAdminRealm, app);

    // The only realm is the one backed by the server's REST interface.
    Realm serverRestInterfaceRealm = injector.getInstance(ServerRestInterfaceRealm.class);
    final DefaultSecurityManager securityManager = new DefaultSecurityManager(
            Lists.newArrayList(serverRestInterfaceRealm));
    // disable storing sessions (TODO we might want to write a session store bridge to play's session cookie)
    // NOTE(review): in Shiro's stock evaluator a Subject that already has a session is
    // presumably still saved to it; the flag only stops a session being created for that
    // purpose -- verify against the Shiro version in use.
    final DefaultSessionStorageEvaluator sessionStorageEvaluator = new DefaultSessionStorageEvaluator();
    sessionStorageEvaluator.setSessionStorageEnabled(false);
    final DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO();
    subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator);
    securityManager.setSubjectDAO(subjectDAO);

    // The strategy and listener are only installed when the default modular authenticator is
    // in use; any other authenticator type is left untouched without a log message.
    final Authenticator authenticator = securityManager.getAuthenticator();
    if (authenticator instanceof ModularRealmAuthenticator) {
        ModularRealmAuthenticator a = (ModularRealmAuthenticator) authenticator;
        a.setAuthenticationStrategy(new RethrowingFirstSuccessfulStrategy());
        a.setAuthenticationListeners(
                Lists.<AuthenticationListener>newArrayList(new PlayAuthenticationListener()));
    }
    // Registers the manager through the static SecurityUtils holder.
    SecurityUtils.setSecurityManager(securityManager);

}

From source file:org.apache.activemq.shiro.mgt.DefaultActiveMqSecurityManager.java

License:Apache License

/**
 * Creates a security manager that has sessions disabled and that is also barred from using a
 * Session as storage for Subject state.
 *
 * @throws ClassCastException if the inherited subject DAO or its evaluator is not the default
 *         Shiro implementation
 */
public DefaultActiveMqSecurityManager() {
    super();

    // Sessions are switched off completely by installing the disabled session manager.
    setSessionManager(new DisabledSessionManager());

    // Second layer: even after authentication the manager must not fall back to the Session
    // as a storage medium for the Subject.
    DefaultSessionStorageEvaluator evaluator = (DefaultSessionStorageEvaluator)
            ((DefaultSubjectDAO) getSubjectDAO()).getSessionStorageEvaluator();
    evaluator.setSessionStorageEnabled(false);
}

From source file:org.graylog2.bindings.providers.DefaultSecurityManagerProvider.java

License:Open Source License

/**
 * Builds the Shiro security manager: configures the authenticating realms, the authorizer,
 * the subject DAO and the MongoDB-backed session DAO, then registers the manager through
 * {@code SecurityUtils}.
 *
 * @param mongoDbSessionDAO session DAO installed on the default session manager
 * @param passwordAuthenticator realm whose credentials are matched with a SHA-1 matcher
 * @param mongoDbAuthorizationRealm realm used for authorization only
 * @param ldapUserAuthenticator LDAP realm
 * @param sessionAuthenticator realm tried first in the authentication order
 * @param accessTokenAuthenticator realm tried second in the authentication order
 * @param configuration source of the root username and its SHA-2 password hash
 */
@Inject
public DefaultSecurityManagerProvider(MongoDbSessionDAO mongoDbSessionDAO,
        PasswordAuthenticator passwordAuthenticator, MongoDbAuthorizationRealm mongoDbAuthorizationRealm,
        LdapUserAuthenticator ldapUserAuthenticator, SessionAuthenticator sessionAuthenticator,
        AccessTokenAuthenticator accessTokenAuthenticator, Configuration configuration) {
    // In-memory realm holding only the root account taken from the configuration.
    final GraylogSimpleAccountRealm inMemoryRealm = new GraylogSimpleAccountRealm();
    inMemoryRealm.setCachingEnabled(false);
    inMemoryRealm.addRootAccount(configuration.getRootUsername(), configuration.getRootPasswordSha2());
    // NOTE(review): the matcher is given only an algorithm name; no iteration count or salt
    // handling is configured in this block, so this looks like a single plain SHA-256 digest.
    inMemoryRealm.setCredentialsMatcher(new HashedCredentialsMatcher("SHA-256"));

    passwordAuthenticator.setCachingEnabled(false);
    // NOTE(review): user passwords are verified with a bare SHA-1 matcher here. A fast digest
    // is a weak choice for stored passwords (prefer bcrypt/scrypt/argon2); changing it needs a
    // migration of the stored hashes, so it cannot simply be swapped in this constructor.
    passwordAuthenticator.setCredentialsMatcher(new HashedCredentialsMatcher("SHA-1"));
    mongoDbAuthorizationRealm.setCachingEnabled(false);

    ldapUserAuthenticator.setCachingEnabled(false);

    sessionAuthenticator.setCachingEnabled(false);
    accessTokenAuthenticator.setCachingEnabled(false);

    // Realm order matters with the first-successful strategy set below: session, access
    // token, LDAP, password, then the in-memory root account.
    sm = new DefaultSecurityManager(Lists.<Realm>newArrayList(sessionAuthenticator, accessTokenAuthenticator,
            ldapUserAuthenticator, passwordAuthenticator, inMemoryRealm));
    final Authenticator authenticator = sm.getAuthenticator();
    if (authenticator instanceof ModularRealmAuthenticator) {
        ((ModularRealmAuthenticator) authenticator).setAuthenticationStrategy(new FirstSuccessfulStrategy());
    }
    // Authorization is answered only by the MongoDB realm and the in-memory root realm.
    sm.setAuthorizer(
            new ModularRealmAuthorizer(Lists.<Realm>newArrayList(mongoDbAuthorizationRealm, inMemoryRealm)));

    final DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO();
    final DefaultSessionStorageEvaluator sessionStorageEvaluator = new DefaultSessionStorageEvaluator() {
        @Override
        public boolean isSessionStorageEnabled(Subject subject) {
            // save to session if we already have a session. do not create one just for saving the subject
            return (subject.getSession(false) != null);
        }
    };
    // NOTE(review): the override above decides per subject without reading this flag, so the
    // call below only changes what the flag's own getter reports.
    sessionStorageEvaluator.setSessionStorageEnabled(false);
    subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator);
    sm.setSubjectDAO(subjectDAO);

    // Sessions are persisted through the MongoDB DAO; invalid sessions are deleted.
    // The cast assumes the manager still has Shiro's default session manager.
    final DefaultSessionManager defaultSessionManager = (DefaultSessionManager) sm.getSessionManager();
    defaultSessionManager.setSessionDAO(mongoDbSessionDAO);
    defaultSessionManager.setDeleteInvalidSessions(true);
    defaultSessionManager.setCacheManager(new MemoryConstrainedCacheManager());
    // DO NOT USE global session timeout!!! It's fucky.
    //defaultSessionManager.setGlobalSessionTimeout(TimeUnit.SECONDS.toMillis(5));

    SecurityUtils.setSecurityManager(sm);
}

From source file:org.ms123.common.permission.PermissionServiceImpl.java

License:Open Source License

/**
 * Creates a security manager for the given realm with session storage disabled on its
 * subject DAO.
 *
 * @param realm the single realm the manager authenticates and authorizes against
 * @return the configured security manager
 * @throws ClassCastException if the manager's subject DAO or evaluator is not the default
 *         Shiro implementation
 */
private DefaultSecurityManager createSecurityManager(Realm realm) {
    DefaultSecurityManager manager = new DefaultSecurityManager(realm);

    // Reach the evaluator of the manager's own subject DAO and switch session storage off,
    // so Subject state is not persisted into a Session.
    DefaultSubjectDAO subjectDao = (DefaultSubjectDAO) manager.getSubjectDAO();
    DefaultSessionStorageEvaluator evaluator =
            (DefaultSessionStorageEvaluator) subjectDao.getSessionStorageEvaluator();
    evaluator.setSessionStorageEnabled(false);

    return manager;
}