List of usage examples for org.apache.shiro SecurityUtils setSecurityManager
public static void setSecurityManager(SecurityManager securityManager)
From source file:org.lazulite.boot.autoconfigure.osaam.shiro.spring.ShiroAuditorAware.java
License:Apache License
@Override public String getCurrentAuditor() { try {/* ww w. ja v a 2s . co m*/ SecurityUtils.setSecurityManager(securityManager); if (SecurityUtils.getSubject() != null && SecurityUtils.getSubject().getPrincipal() != null) { Object principal = SecurityUtils.getSubject().getPrincipal(); logger.trace("?subject " + principal); return (String) principal; } else { return ANONYMOUS_USER; } } catch (Exception e) { logger.error("?? shiro subject ", e); } return null; }
From source file:org.lucidj.shiro.Shiro.java
License:Apache License
public Shiro() { String shiro_ini = "file:" + System.getProperty("system.conf") + "/shiro.ini"; log.info("shiro_ini = " + shiro_ini); Factory<SecurityManager> factory = new IniSecurityManagerFactory(shiro_ini); ini_security_manager = factory.getInstance(); SecurityUtils.setSecurityManager(ini_security_manager); }
From source file:org.lx.shiro_hello.Quickstart.java
License:Apache License
public static void main(String[] args) { // The easiest way to create a Shiro SecurityManager with configured // realms, users, roles and permissions is to use the simple INI config. // We'll do that by using a factory that can ingest a .ini file and // return a SecurityManager instance: // Use the shiro.ini file at the root of the classpath // (file: and url: prefixes load from files and urls respectively): Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini"); SecurityManager securityManager = factory.getInstance(); // for this simple example quickstart, make the SecurityManager // accessible as a JVM singleton. Most applications wouldn't do this // and instead rely on their container configuration or web.xml for // webapps. That is outside the scope of this simple quickstart, so // we'll just do the bare minimum so you can continue to get a feel // for things. SecurityUtils.setSecurityManager(securityManager); // Now that a simple Shiro environment is set up, let's see what you can do: // get the currently executing user: Subject currentUser = SecurityUtils.getSubject(); // Do some stuff with a Session (no need for a web or EJB container!!!) Session session = currentUser.getSession(); session.setAttribute("someKey", "aValue"); String value = (String) session.getAttribute("someKey"); if (value.equals("aValue")) { log.info("Retrieved the correct value! [" + value + "]"); }/* w ww . j av a 2s .co m*/ // let's login the current user so we can check against roles and permissions: if (!currentUser.isAuthenticated()) { UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa"); token.setRememberMe(true); try { currentUser.login(token); } catch (UnknownAccountException uae) { log.info(">>>There is no user with username of " + token.getPrincipal()); } catch (IncorrectCredentialsException ice) { log.info(">>>Password for account " + token.getPrincipal() + " was incorrect!"); } catch (LockedAccountException lae) { log.info("The account for username " + token.getPrincipal() + " is locked. " + "Please contact your administrator to unlock it."); } // ... catch more exceptions here (maybe custom ones specific to your application? catch (AuthenticationException ae) { //unexpected condition? error? } } priviligedMethod(); //say who they are: //print their identifying principal (in this case, a username): log.info(">>>User [" + currentUser.getPrincipal() + "] logged in successfully."); //test a role: if (currentUser.hasRole("schwartz")) { log.info(">>>May the Schwartz be with you!"); } else { log.info("<<<Hello, mere mortal."); } //test a typed permission (not instance-level) if (currentUser.isPermitted("lightsaber:weild")) { log.info(">>>You may use a lightsaber ring. Use it wisely."); } else { log.info("<<<Sorry, lightsaber rings are for schwartz masters only."); } //a (very powerful) Instance Level permission: if (currentUser.isPermitted("winnebago:drive:eagle5")) { log.info(">>>You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. " + "Here are the keys - have fun!"); } else { log.info("<<<Sorry, you aren't allowed to drive the 'eagle5' winnebago!"); } //all done - log out! currentUser.logout(); // SimpleAccount s = null; // s.setLocked(true); System.exit(0); }
From source file:org.mpavel.app.web.ApplicationFilter.java
License:Apache License
@Override public void init(FilterConfig filterConfig) throws ServletException { logger.executionTrace();//w w w. j a va 2s . co m if (applicationInjector != null) throw new ServletException("application injector already created"); if (securityInjector != null) throw new ServletException("security injector already created"); final Realm realm = new ApplicationSecurityRealm(); final SecurityManager securityManager = new DefaultSecurityManager(realm); SecurityUtils.setSecurityManager(securityManager); applicationInjector = Guice.createInjector(new ApplicationModule()); securityInjector = Guice.createInjector(new ApplicationSecurityModule()); super.init(filterConfig); }
From source file:org.obiba.agate.security.SecurityManagerFactory.java
License:Open Source License
@Override public SecurityManager getObject() throws Exception { if (securityManager == null) { securityManager = doCreateSecurityManager(); SecurityUtils.setSecurityManager(securityManager); }// w w w . ja va 2 s . c o m return securityManager; }
From source file:org.obiba.agate.security.SecurityManagerFactory.java
License:Open Source License
@PreDestroy public void destroySecurityManager() { log.debug("Shutdown SecurityManager"); // Destroy the security manager. SecurityUtils.setSecurityManager(null); LifecycleUtils.destroy(securityManager); securityManager = null;/* w ww . j ava 2 s . co m*/ }
From source file:org.obiba.mica.security.SecurityManagerFactory.java
License:Open Source License
@Override public SessionsSecurityManager getObject() throws Exception { if (securityManager == null) { securityManager = doCreateSecurityManager(); SecurityUtils.setSecurityManager(securityManager); }/* w w w. j a v a 2 s . c o m*/ return securityManager; }
From source file:org.obiba.mica.study.IndividualStudyServiceTest.java
License:Open Source License
@BeforeClass public static void init() { SecurityUtils.setSecurityManager(new DefaultWebSecurityManager()); }
From source file:org.obiba.opal.core.runtime.security.OpalSecurityManagerFactory.java
License:Open Source License
@PreDestroy public void destroySecurityManager() { // Destroy the security manager. SecurityUtils.setSecurityManager(null); LifecycleUtils.destroy(securityManager); securityManager = null;//from ww w . ja va 2s. c o m }
From source file:org.obiba.opal.web.security.SecurityResourceTest.java
License:Open Source License
@Before public void setUp() throws URISyntaxException { mockSecurityManager = new DefaultSecurityManager(); mockRealm = new SimpleAccountRealm(); mockSecurityManager.setRealm(mockRealm); SecurityUtils.setSecurityManager(mockSecurityManager); securityResource = new AuthenticationResource(mockSecurityManager); }