List of usage examples for org.apache.shiro SecurityUtils getSubject
public static Subject getSubject()
From source file:$.ProfileController.java
License:Apache License
/**
 * Overwrites the {@code name} field of the principal bound to the current Shiro subject.
 *
 * <p>The principal object is modified in place; nothing else is written here.
 * NOTE(review): {@code getPrincipal()} is dereferenced without a null check, so this
 * presumably must only be reached for a subject that already carries a {@code ShiroUser}
 * principal. Confirm against the callers.
 *
 * @param userName the new value for the principal's {@code name} field
 */
private void updateCurrentUserName(String userName) {
    Object principal = SecurityUtils.getSubject().getPrincipal();
    ShiroUser currentUser = (ShiroUser) principal;
    currentUser.name = userName;
}
From source file:$.SecurityInterceptor.java
License:Open Source License
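/**
 * Enforces Shiro's authorization annotations on the matched resource method before it runs.
 *
 * <p>Every failed check aborts the request with {@code ACCESS_DENIED} and returns at once,
 * so a request that has already been rejected is never evaluated against later checks.
 * A failed role check is handled the same way as a failed permission check instead of
 * escaping the filter as an exception.
 *
 * <p>Limits a reviewer should know about:
 * <ul>
 *   <li>Only annotations declared on the method itself are inspected. An annotation placed
 *       on the resource class is not seen by this filter.</li>
 *   <li>The {@code logical()} setting of {@code RequiresRoles} and
 *       {@code RequiresPermissions} is not consulted; all listed values are required.</li>
 * </ul>
 *
 * @param requestContext the in-flight request; aborted when a check fails
 */
@Override
public void filter(ContainerRequestContext requestContext) {
    // NOTE(review): assumes the container always sets this property for a matched
    // resource method; a missing value fails with a NullPointerException below.
    ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) requestContext
            .getProperty("org.jboss.resteasy.core.ResourceMethodInvoker");
    Method method = methodInvoker.getMethod();
    Subject subject = SecurityUtils.getSubject();

    if (!subject.isAuthenticated() && method.isAnnotationPresent(RequiresAuthentication.class)) {
        requestContext.abortWith(ACCESS_DENIED);
        return;
    }

    if (subject.getPrincipal() != null && method.isAnnotationPresent(RequiresGuest.class)) {
        requestContext.abortWith(ACCESS_DENIED);
        return;
    }

    if (subject.getPrincipal() == null && method.isAnnotationPresent(RequiresUser.class)) {
        requestContext.abortWith(ACCESS_DENIED);
        return;
    }

    RequiresRoles roles = method.getAnnotation(RequiresRoles.class);
    if (roles != null) {
        try {
            subject.checkRoles(Arrays.asList(roles.value()));
        } catch (AuthorizationException e) {
            // Same outcome as a failed permission check: deny, do not leak the exception.
            requestContext.abortWith(ACCESS_DENIED);
            return;
        }
    }

    RequiresPermissions permissions = method.getAnnotation(RequiresPermissions.class);
    if (permissions != null) {
        try {
            subject.checkPermissions(permissions.value());
        } catch (AuthorizationException e) {
            requestContext.abortWith(ACCESS_DENIED);
            return;
        }
    }
}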
From source file:ac.enset.administration.gestionAbsence.models.Login.java
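/**
 * Attempts a Shiro login with the submitted credentials and redirects on success.
 *
 * <p>After a successful login the user is sent to the request Shiro saved before the login
 * page was shown, or to {@code HOME_URL} when no saved request exists. The target is read
 * from Shiro's saved request, not from a parameter of this form submission.
 *
 * <p>A failed login is caught here and the user stays on the page. The failure should be
 * reported with one generic message for every cause (unknown account, wrong password), so
 * the response does not reveal which user names exist.
 *
 * @throws IOException if the redirect cannot be sent
 */
public void submit() throws IOException {
    try {
        SecurityUtils.getSubject().login(new UsernamePasswordToken(username, password, remember));
        SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(Faces.getRequest());
        Faces.redirect(savedRequest != null ? savedRequest.getRequestUrl() : HOME_URL);
    } catch (AuthenticationException e) {
        // Assuming these are Shiro's own exception classes, IncorrectCredentialsException and
        // UnknownAccountException are subclasses of AuthenticationException. Naming them
        // together in one multi-catch is rejected by the compiler; the parent type covers both.
        // NOTE(review): the failure is only printed; no message reaches the user.
        e.printStackTrace();
    }
}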
From source file:ac.enset.administration.gestionAbsence.models.Login.java
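/**
 * Logs the current subject out and redirects to the login page.
 *
 * <p>The login form in this class can request a remember-me identity. A subject restored
 * from remember-me reports {@code isAuthenticated() == false} and {@code isRemembered() ==
 * true}, so testing only {@code isAuthenticated()} would leave that identity in place after
 * the user asked to log out. Both states are therefore treated as "logged in" here.
 * Anonymous subjects are left untouched and are not redirected.
 */
public void loggout() {
    boolean hasIdentity = SecurityUtils.getSubject().isAuthenticated()
            || SecurityUtils.getSubject().isRemembered();
    if (!hasIdentity) {
        return;
    }

    SecurityUtils.getSubject().logout();
    try {
        FacesContext.getCurrentInstance().getExternalContext().redirect("login.xhtml");
    } catch (IOException e) {
        // The logout itself has already happened; only the redirect failed.
        e.printStackTrace();
    }
}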
From source file:annis.service.internal.AdminService.java
License:Apache License
/**
 * Reports whether the calling subject is authenticated.
 *
 * <p>No permission check is made, so the endpoint answers for any caller.
 *
 * @return the text {@code "true"} or {@code "false"}
 */
@GET
@Path("is-authenticated")
@Produces("text/plain")
public String isAuthenticated() {
    boolean authenticated = SecurityUtils.getSubject().isAuthenticated();
    return Boolean.toString(authenticated);
}
From source file:annis.service.internal.AdminService.java
License:Apache License
/**
 * Returns the user configuration of the currently logged-in user.
 *
 * <p>The lookup key is the subject's own principal, not a value supplied by the request,
 * so a caller can only read the configuration stored under its own name.
 *
 * @return the configuration the DAO holds for the current principal
 */
@GET
@Path("userconfig")
@Produces("application/xml")
public AnnisUserConfig getUserConfig() {
    Subject currentSubject = SecurityUtils.getSubject();
    // checkPermission signals a missing permission by throwing, so nothing below runs
    // for a caller without "admin:read:userconfig".
    currentSubject.checkPermission("admin:read:userconfig");
    String principalName = (String) currentSubject.getPrincipal();
    return adminDao.retrieveUserConfig(principalName);
}
From source file:annis.service.internal.AdminService.java
License:Apache License
/** * Sets the user configuration for the currentl logged in user. *///from w w w. j a v a 2s.c o m @POST @Path("userconfig") @Consumes("application/xml") public Response setUserConfig(JAXBElement<AnnisUserConfig> config) { Subject user = SecurityUtils.getSubject(); user.checkPermission("admin:write:userconfig"); adminDao.storeUserConfig(config.getValue()); return Response.ok().build(); }
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
/**
 * Reports whether the calling subject is authenticated, rejecting expired accounts.
 *
 * <p>When the principal is a {@code String}, the subject must hold a role named after that
 * principal; per the original author's note, an expired account no longer has its own name
 * as a role. Such a subject receives 403 with the text "Account expired". Every other
 * caller, including one without a principal, receives 200 with "true" or "false".
 *
 * @return 403 for an expired account, otherwise 200 with the authentication state as text
 */
@GET
@Path("is-authenticated")
@Produces("text/plain")
public Response isAuthenticated() {
    Subject subject = SecurityUtils.getSubject();
    Object principal = subject.getPrincipal();

    boolean namedPrincipal = principal instanceof String;
    if (namedPrincipal && !subject.hasRole((String) principal)) {
        return Response.status(Response.Status.FORBIDDEN).entity("Account expired").build();
    }

    String state = Boolean.toString(subject.isAuthenticated());
    return Response.ok(state).build();
}
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
/**
 * Returns the user configuration of the currently logged-in user.
 *
 * <p>The lookup key is the subject's own principal, not a value supplied by the request.
 *
 * @return the configuration the DAO holds for the current principal
 */
@GET
@Path("userconfig")
@Produces("application/xml")
public UserConfig getUserConfig() {
    Subject currentSubject = SecurityUtils.getSubject();
    // checkPermission throws when "admin:read:userconfig" is missing; the DAO is not reached.
    currentSubject.checkPermission("admin:read:userconfig");
    String principalName = (String) currentSubject.getPrincipal();
    return adminDao.retrieveUserConfig(principalName);
}
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
/**
 * Stores the submitted user configuration under the currently logged-in user's name.
 *
 * <p>The user name passed to the DAO is taken from the authenticated subject, not from the
 * request body, so the body cannot choose whose configuration is written.
 *
 * @param config the configuration unmarshalled from the XML request body
 * @return an empty 200 response once the DAO call has returned
 */
@POST
@Path("userconfig")
@Consumes("application/xml")
public Response setUserConfig(JAXBElement<UserConfig> config) {
    Subject currentSubject = SecurityUtils.getSubject();
    // Throws for a caller without the write permission, before anything is stored.
    currentSubject.checkPermission("admin:write:userconfig");

    String owner = (String) currentSubject.getPrincipal();
    UserConfig submitted = config.getValue();
    adminDao.storeUserConfig(owner, submitted);
    return Response.ok().build();
}