List of usage examples for org.apache.shiro SecurityUtils getSecurityManager
public static SecurityManager getSecurityManager() throws UnavailableSecurityManagerException
From source file:org.apache.usergrid.security.CustomResolverTest.java
License:Apache License
/**
 * Binds a subject for a fabricated application user and runs the {@code testImplies} checks
 * for the {@code /users/me/**} permission pattern.
 *
 * <p>The pattern is checked against the user's own permissions path twice: once addressed
 * by username and once by UUID. A literal (non-{@code me}) path is checked first.
 * {@code testImplies} and {@code setSubject} are defined elsewhere in the test class;
 * presumably the leading {@code true} is the expected outcome. Confirm against the helper.
 */
@Test
public void userMeSubstitution() {
    final User stubUser = new User();
    stubUser.setUuid(UUIDUtils.newTimeUUID());
    stubUser.setUsername("testusername");

    final UUID applicationId = UUIDUtils.newTimeUUID();
    final UserInfo stubInfo = new UserInfo(applicationId, stubUser.getProperties());
    final ApplicationUserPrincipal stubPrincipal = new ApplicationUserPrincipal(applicationId, stubInfo);

    // The subject is assembled directly from the principal; no login is performed here.
    final Subject stubSubject = new Subject.Builder(SecurityUtils.getSecurityManager())
            .principals(new SimplePrincipalCollection(stubPrincipal, "usergrid"))
            .buildSubject();
    setSubject(stubSubject);

    testImplies(true, "/users/mefake@usergrid.org/**", "/users/mefake@usergrid.org/permissions");

    //test substitution
    final String byUsername = String.format("/users/%s/permissions", stubUser.getUsername());
    testImplies(true, "/users/me/**", byUsername);

    final String byUuid = String.format("/users/%s/permissions", stubUser.getUuid());
    testImplies(true, "/users/me/**", byUuid);
}
From source file:org.cgiar.ccafs.ap.action.home.LoginAction.java
License:Open Source License
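/**
 * Ends the current user's session, logs the Shiro subject out and evicts that user's cached
 * authorization data from every {@code APCustomRealm}.
 *
 * <p>The principals are read <em>before</em> {@code logout()} is called. Shiro treats a
 * logged-out subject as anonymous, so reading the principals afterwards gives the realm
 * nothing to evict and stale permissions can stay cached.
 *
 * @return {@code SUCCESS} in every case.
 */
public String logout() {
    User user = (User) this.getSession().get(APConstants.SESSION_USER);
    if (user != null) {
        LOG.info("User {} logout succesfully", user.getEmail());
    }
    this.getSession().clear();

    // Snapshot the identity first: it is the key under which the realm caches authorization.
    final org.apache.shiro.subject.PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
    SecurityUtils.getSubject().logout();

    // Hack for cleaning cached authorization.
    // NOTE(review): the cast assumes the installed manager is a RealmSecurityManager.
    if (principals != null) {
        for (Realm realm : ((RealmSecurityManager) SecurityUtils.getSecurityManager()).getRealms()) {
            if (realm instanceof APCustomRealm) {
                ((APCustomRealm) realm).clearCachedAuthorizationInfo(principals);
            }
        }
    }
    return SUCCESS;
}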
From source file:org.cgiar.ccafs.marlo.security.BaseSecurityContext.java
License:Open Source License
/**
 * Returns the first realm registered with the Shiro security manager.
 *
 * <p>No type check is made on the realm: the result is whichever realm the manager lists
 * first. Callers that expect an APCustomRealm should verify the type before downcasting,
 * especially if more than one realm can be configured.
 *
 * @return the first configured {@link Realm}, or {@code null} when the manager has none.
 */
public Realm getRealm() {
    // NOTE(review): assumes the installed manager is a RealmSecurityManager; the cast fails otherwise.
    final RealmSecurityManager manager = (RealmSecurityManager) SecurityUtils.getSecurityManager();
    final Collection<Realm> configured = manager.getRealms();
    return configured.isEmpty() ? null : configured.iterator().next();
}
From source file:org.commonjava.auth.shiro.couch.test.CouchShiroTestFixture.java
License:Apache License
/**
 * Test-fixture cleanup: clears the bound subject, destroys the installed security manager
 * if there is one, and resets the static manager reference to {@code null}.
 *
 * <p>{@code SecurityUtils.setSecurityManager} writes a static, VM-wide reference, so the
 * final reset stops a manager configured by one test from being seen by the next.
 */
public static void teardownSecurityManager() {
    clearSubject();
    try {
        LifecycleUtils.destroy(SecurityUtils.getSecurityManager());
    } catch (UnavailableSecurityManagerException ignored) {
        // Nothing was installed, so there is nothing to destroy; harmless during cleanup.
    }
    SecurityUtils.setSecurityManager(null);
}
From source file:org.graylog2.rest.resources.system.SessionsResource.java
License:Open Source License
/**
 * Logs a user in with the username and password from the request body and returns the
 * resulting session id and its expiry time.
 *
 * <p>If the request's BASIC auth username is non-empty it is used as the id of an existing
 * session to bind to; otherwise the subject starts without a session id. The session
 * timeout comes from the loaded user, or is 8 hours when the user cannot be loaded.
 *
 * <p>NOTE(review): the session id offered by the client is reused for the subject that then
 * logs in, and no new id is issued in this method. Confirm that session ids are rotated on
 * successful authentication elsewhere, or that an id chosen by the client cannot be bound.
 *
 * @param requestContext the JAX-RS request context; its security context must be a
 *                       {@code ShiroSecurityContext}.
 * @param createRequest  the login request carrying username and password.
 * @return the session id and validity of the authenticated session.
 * @throws InternalServerErrorException if the security context is of an unexpected class.
 * @throws NotAuthorizedException       if the subject is not authenticated after the attempt.
 */
@POST
@ApiOperation(value = "Create a new session", notes = "This request creates a new session for a user or reactivates an existing session: the equivalent of logging in.")
public Session newSession(@Context ContainerRequestContext requestContext,
        @ApiParam(name = "Login request", value = "Username and credentials", required = true) @Valid @NotNull SessionCreateRequest createRequest) {
    final Session response = new Session();

    final SecurityContext rawContext = requestContext.getSecurityContext();
    if (!(rawContext instanceof ShiroSecurityContext)) {
        throw new InternalServerErrorException("Unsupported SecurityContext class, this is a bug!");
    }
    final ShiroSecurityContext shiroContext = (ShiroSecurityContext) rawContext;

    // we treat the BASIC auth username as the sessionid
    final String presentedId = shiroContext.getUsername();
    // pretend that we had session id before
    final Serializable requestedId = (presentedId == null || presentedId.isEmpty()) ? null : presentedId;

    final Subject subject = new Subject.Builder().sessionId(requestedId).buildSubject();
    ThreadContext.bind(subject);

    try {
        subject.login(new UsernamePasswordToken(createRequest.username, createRequest.password));

        final User account = userService.load(createRequest.username);
        if (account == null) {
            // set a sane default. really we should be able to load the user from above.
            subject.getSession().setTimeout(TimeUnit.HOURS.toMillis(8));
        } else {
            final long accountTimeoutMs = account.getSessionTimeoutMs();
            subject.getSession().setTimeout(accountTimeoutMs);
        }
        subject.getSession().touch();

        // save subject in session, otherwise we can't get the username back in subsequent requests.
        final DefaultSecurityManager manager = (DefaultSecurityManager) SecurityUtils.getSecurityManager();
        manager.getSubjectDAO().save(subject);
    } catch (AuthenticationException e) {
        // NOTE(review): the username is client-supplied and concatenated into the log line;
        // confirm the log layout neutralises line breaks so entries cannot be forged.
        LOG.warn("Unable to log in user " + createRequest.username, e);
    } catch (UnknownSessionException e) {
        // The presented session id did not resolve; drop whatever state the subject holds.
        subject.logout();
    }

    // Both caught failures fall through to here and are reported as the same 401.
    if (!subject.isAuthenticated()) {
        throw new NotAuthorizedException("Invalid username or password", "Basic realm=\"Graylog Server session\"");
    }

    final org.apache.shiro.session.Session shiroSession = subject.getSession();
    final Serializable grantedId = shiroSession.getId();
    response.sessionId = grantedId.toString();
    // TODO is this even used by anyone yet?
    response.validUntil = new DateTime(shiroSession.getLastAccessTime(), DateTimeZone.UTC)
            .plus(shiroSession.getTimeout())
            .toDate();
    return response;
}
From source file:org.graylog2.restclient.models.User.java
License:Open Source License
/**
 * Returns the Shiro subject held by this user, or builds a stand-in when none is set.
 *
 * <p>The stand-in is built from {@code getName()} under the realm name "REST realm" and is
 * flagged as authenticated without any credential check in this method. It is not stored
 * in the {@code subject} field, so each call without a stored subject builds a new one.
 *
 * <p>NOTE(review): because authentication is asserted rather than verified here, callers
 * must only reach this method for users whose identity was already established upstream.
 *
 * @return the stored subject, or a freshly built pre-authenticated one.
 */
public Subject getSubject() {
    if (subject != null) {
        return subject;
    }
    // TODO we should do this cleanly via shiro, but time is too short. clean up post-RC
    final Subject.Builder builder = new Subject.Builder(SecurityUtils.getSecurityManager());
    final SimplePrincipalCollection identity = new SimplePrincipalCollection(getName(), "REST realm");
    return builder.principals(identity)
            .authenticated(true)
            .buildSubject();
}
From source file:org.isisaddons.module.security.shiro.ShiroUtils.java
License:Apache License
/**
 * Returns the Shiro security manager as a {@link RealmSecurityManager}.
 *
 * <p>Both failure cases are raised as {@code AuthenticationException}, so callers handle a
 * missing or unsuitable manager like any other authentication failure rather than
 * proceeding without one.
 *
 * @return the installed manager, narrowed to {@code RealmSecurityManager}.
 * @throws AuthenticationException if no security manager is available (wrapping the
 *         {@code UnavailableSecurityManagerException}), or if the installed manager is not
 *         a {@code RealmSecurityManager} (raised without a message).
 */
public static synchronized RealmSecurityManager getSecurityManager() {
    org.apache.shiro.mgt.SecurityManager installed;
    try {
        installed = SecurityUtils.getSecurityManager();
    } catch (UnavailableSecurityManagerException unavailable) {
        throw new AuthenticationException(unavailable);
    }
    if (installed instanceof RealmSecurityManager) {
        return (RealmSecurityManager) installed;
    }
    throw new AuthenticationException();
}
From source file:org.killbill.billing.util.security.api.DefaultSecurityApi.java
License:Apache License
/**
 * Evicts the cached authorization info for {@code username} from the first
 * {@code KillBillJdbcRealm} registered with the security manager.
 *
 * <p>Does nothing when no such realm is configured. Only the first matching realm is
 * touched, and the principal is keyed by that realm's name.
 *
 * @param username the user whose cached roles and permissions should be dropped.
 */
private void invalidateJDBCAuthorizationCache(final String username) {
    // NOTE(review): assumes the installed manager is a DefaultSecurityManager; the cast fails otherwise.
    final DefaultSecurityManager securityManager = (DefaultSecurityManager) SecurityUtils.getSecurityManager();

    KillBillJdbcRealm jdbcRealm = null;
    for (final Realm candidate : securityManager.getRealms()) {
        if (candidate instanceof KillBillJdbcRealm) {
            jdbcRealm = (KillBillJdbcRealm) candidate;
            break;
        }
    }
    if (jdbcRealm == null) {
        return;
    }

    final SimplePrincipalCollection cacheKey = new SimplePrincipalCollection();
    cacheKey.add(username, jdbcRealm.getName());
    jdbcRealm.clearCachedAuthorizationInfo(cacheKey);
}
From source file:org.lucidj.shiro.Shiro.java
License:Apache License
@Override // SecurityEngine public SecuritySubject getStoredSubject(boolean create_as_system) { SecuritySubject current_subject = VaadinSession.getCurrent().getAttribute(SecuritySubject.class); if (current_subject == null || create_as_system) { Subject shiro_subject;/*from www.j a v a2s . c o m*/ // The subject is always rebuilt when configured as system if (create_as_system) { shiro_subject = new Subject.Builder(ini_security_manager).authenticated(true) .principals(new SimplePrincipalCollection("system", "")).buildSubject(); log.info("Create system subject: {}", shiro_subject); log.info("{}: authenticated={}", shiro_subject, shiro_subject.isAuthenticated()); } else { shiro_subject = SecurityUtils.getSecurityManager().createSubject(null); } // TODO: CONFIGURABLE shiro_subject.getSession().setTimeout(24L * 60 * 60 * 1000); // 24h current_subject = new ShiroSubject(shiro_subject); // TODO: MAKE SECURITY IDENPENDENT FROM VAADIN/SESSIONS FROM WEB try { // Store current user into VaadinSession VaadinSession.getCurrent().getLockInstance().lock(); VaadinSession.getCurrent().setAttribute(SecuritySubject.class, current_subject); } finally { VaadinSession.getCurrent().getLockInstance().unlock(); } } // Reset doomsday counter.... current_subject.touchSession(); return (current_subject); }
From source file:org.obiba.agate.web.rest.security.SessionResource.java
License:Open Source License
/**
 * Looks up a Shiro session by its id.
 *
 * <p>A {@code SessionException} from the lookup is treated as "no such session", so an
 * unknown or expired id gives the same {@code null} result as a missing id.
 *
 * @param sessionId the session id to resolve; may be {@code null}.
 * @return the session, or {@code null} when the id is {@code null} or the lookup raised a
 *         {@code SessionException}.
 */
@Nullable
Session getSession(String sessionId) {
    if (sessionId == null) {
        return null;
    }
    final SessionKey lookupKey = new DefaultSessionKey(sessionId);
    try {
        return SecurityUtils.getSecurityManager().getSession(lookupKey);
    } catch (SessionException ignored) {
        // Means that the session does not exist or has expired.
        return null;
    }
}