List of usage examples for org.apache.shiro.mgt DefaultSubjectDAO setSessionStorageEvaluator
public void setSessionStorageEvaluator(SessionStorageEvaluator sessionStorageEvaluator)
From source file:com.aquenos.scm.ssh.auth.SessionlessSecurityManager.java
License:Open Source License
/** * Constructs a new session-less security manager. *///from w ww .j av a 2 s . c om public SessionlessSecurityManager() { super(); DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO(); DefaultSessionStorageEvaluator sessionStorageEvaluator = new DefaultSessionStorageEvaluator(); sessionStorageEvaluator.setSessionStorageEnabled(false); subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator); setSubjectDAO(subjectDAO); }
From source file:com.github.ibole.infrastructure.web.security.spring.shiro.config.ShiroConfig.java
License:Apache License
@Bean public DefaultWebSecurityManager setWebSecurityManager(DefaultWebSubjectFactory subjectFactory, SessionManager sessionManager) { Collection<Realm> realms = Lists.newArrayList(); realms.add(getFormRealm());/*from www . j a v a 2s. c o m*/ realms.add(getStatelessRealm()); DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO(); DefaultSessionStorageEvaluator sessionStorageEvaluator = new DefaultSessionStorageEvaluator(); sessionStorageEvaluator.setSessionStorageEnabled(false); subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator); DefaultWebSecurityManager dwsm = new DefaultWebSecurityManager(); dwsm.setRealms(realms); dwsm.setSubjectFactory(subjectFactory); dwsm.setSubjectDAO(subjectDAO); //dwsm.setCacheManager(getEhCacheManager()); dwsm.setSessionManager(sessionManager); return dwsm; }
From source file:io.bootique.shiro.ShiroModule.java
License:Apache License
@Provides @Singleton/*from ww w . j a va2s. c o m*/ SubjectDAO provideSubjectDAO(SessionStorageEvaluator sessionStorageEvaluator) { DefaultSubjectDAO dao = new DefaultSubjectDAO(); dao.setSessionStorageEvaluator(sessionStorageEvaluator); return dao; }
From source file:lib.Global.java
License:Open Source License
@Override public void onStart(Application app) { log.info("Graylog web interface version {} starting up.", Version.VERSION); final String appSecret = app.configuration().getString("application.secret"); if (appSecret == null || appSecret.isEmpty()) { log.error("Please configure application.secret in your conf/graylog-web-interface.conf"); throw new IllegalStateException("No application.secret configured."); }//from w w w .ja va 2 s .c o m if (appSecret.length() < 16) { log.error( "Please configure application.secret in your conf/graylog-web-interface.conf to be longer than 16 characters. Suggested is using pwgen -N 1 -s 96 or similar"); throw new IllegalStateException( "application.secret is too short, use at least 16 characters! Suggested is to use pwgen -N 1 -s 96 or similar"); } final String graylog2ServerUris = app.configuration().getString("graylog2-server.uris", ""); if (graylog2ServerUris.isEmpty()) { log.error("graylog2-server.uris is not set!"); throw new IllegalStateException("graylog2-server.uris is empty"); } final String[] uris = graylog2ServerUris.split(","); if (uris.length == 0) { log.error("graylog2-server.uris is empty!"); throw new IllegalStateException("graylog2-server.uris is empty"); } final URI[] initialNodes = new URI[uris.length]; int i = 0; for (String uri : uris) { try { initialNodes[i++] = new URI(uri); } catch (URISyntaxException e) { log.error("Invalid URI in 'graylog2-server.uris': " + uri, e); } } final String timezone = app.configuration().getString("timezone", ""); if (!timezone.isEmpty()) { try { DateTools.setApplicationTimeZone(DateTimeZone.forID(timezone)); } catch (IllegalArgumentException e) { log.error("Invalid timezone {} specified!", timezone); throw new IllegalStateException(e); } } log.info("Using application default timezone {}", DateTools.getApplicationTimeZone()); // Dirty hack to disable the play2-graylog2 AccessLog if the plugin isn't there gelfAccessLog = app.configuration().getBoolean("graylog2.appender.send-access-log", false); final ObjectMapper objectMapper = buildObjectMapper(); Json.setObjectMapper(objectMapper); final List<Module> modules = Lists.newArrayList(); modules.add(new AbstractModule() { @Override protected void configure() { bind(URI[].class).annotatedWith(Names.named("Initial Nodes")).toInstance(initialNodes); bind(Long.class).annotatedWith(Names.named("Default Timeout")) .toInstance(org.graylog2.restclient.lib.Configuration.apiTimeout("DEFAULT")); bind(ObjectMapper.class).toInstance(objectMapper); } }); modules.add(new ModelFactoryModule()); injector = Guice.createInjector(modules); // start the services that need starting final ApiClient api = injector.getInstance(ApiClient.class); api.start(); injector.getInstance(ServerNodesRefreshService.class).start(); // TODO replace with custom AuthenticatedAction filter RedirectAuthenticator.userService = injector.getInstance(UserService.class); RedirectAuthenticator.sessionService = injector.getInstance(SessionService.class); // temporarily disabled for preview to prevent confusion. // LocalAdminUserRealm localAdminRealm = new LocalAdminUserRealm("local-accounts"); // localAdminRealm.setCredentialsMatcher(new HashedCredentialsMatcher("SHA2")); // setupLocalUser(api, localAdminRealm, app); Realm serverRestInterfaceRealm = injector.getInstance(ServerRestInterfaceRealm.class); final DefaultSecurityManager securityManager = new DefaultSecurityManager( Lists.newArrayList(serverRestInterfaceRealm)); // disable storing sessions (TODO we might want to write a session store bridge to play's session cookie) final DefaultSessionStorageEvaluator sessionStorageEvaluator = new DefaultSessionStorageEvaluator(); sessionStorageEvaluator.setSessionStorageEnabled(false); final DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO(); subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator); securityManager.setSubjectDAO(subjectDAO); final Authenticator authenticator = securityManager.getAuthenticator(); if (authenticator instanceof ModularRealmAuthenticator) { ModularRealmAuthenticator a = (ModularRealmAuthenticator) authenticator; a.setAuthenticationStrategy(new RethrowingFirstSuccessfulStrategy()); a.setAuthenticationListeners( Lists.<AuthenticationListener>newArrayList(new PlayAuthenticationListener())); } SecurityUtils.setSecurityManager(securityManager); }
From source file:org.graylog2.bindings.providers.DefaultSecurityManagerProvider.java
License:Open Source License
@Inject public DefaultSecurityManagerProvider(MongoDbSessionDAO mongoDbSessionDAO, PasswordAuthenticator passwordAuthenticator, MongoDbAuthorizationRealm mongoDbAuthorizationRealm, LdapUserAuthenticator ldapUserAuthenticator, SessionAuthenticator sessionAuthenticator, AccessTokenAuthenticator accessTokenAuthenticator, Configuration configuration) { final GraylogSimpleAccountRealm inMemoryRealm = new GraylogSimpleAccountRealm(); inMemoryRealm.setCachingEnabled(false); inMemoryRealm.addRootAccount(configuration.getRootUsername(), configuration.getRootPasswordSha2()); inMemoryRealm.setCredentialsMatcher(new HashedCredentialsMatcher("SHA-256")); passwordAuthenticator.setCachingEnabled(false); passwordAuthenticator.setCredentialsMatcher(new HashedCredentialsMatcher("SHA-1")); mongoDbAuthorizationRealm.setCachingEnabled(false); ldapUserAuthenticator.setCachingEnabled(false); sessionAuthenticator.setCachingEnabled(false); accessTokenAuthenticator.setCachingEnabled(false); sm = new DefaultSecurityManager(Lists.<Realm>newArrayList(sessionAuthenticator, accessTokenAuthenticator, ldapUserAuthenticator, passwordAuthenticator, inMemoryRealm)); final Authenticator authenticator = sm.getAuthenticator(); if (authenticator instanceof ModularRealmAuthenticator) { ((ModularRealmAuthenticator) authenticator).setAuthenticationStrategy(new FirstSuccessfulStrategy()); }//from ww w. j a v a 2 s. c o m sm.setAuthorizer( new ModularRealmAuthorizer(Lists.<Realm>newArrayList(mongoDbAuthorizationRealm, inMemoryRealm))); final DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO(); final DefaultSessionStorageEvaluator sessionStorageEvaluator = new DefaultSessionStorageEvaluator() { @Override public boolean isSessionStorageEnabled(Subject subject) { // save to session if we already have a session. do not create on just for saving the subject return (subject.getSession(false) != null); } }; sessionStorageEvaluator.setSessionStorageEnabled(false); subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator); sm.setSubjectDAO(subjectDAO); final DefaultSessionManager defaultSessionManager = (DefaultSessionManager) sm.getSessionManager(); defaultSessionManager.setSessionDAO(mongoDbSessionDAO); defaultSessionManager.setDeleteInvalidSessions(true); defaultSessionManager.setCacheManager(new MemoryConstrainedCacheManager()); // DO NOT USE global session timeout!!! It's fucky. //defaultSessionManager.setGlobalSessionTimeout(TimeUnit.SECONDS.toMillis(5)); SecurityUtils.setSecurityManager(sm); }