List of usage examples for org.apache.shiro.session.mgt DefaultSessionManager setSessionDAO
public void setSessionDAO(SessionDAO sessionDAO)
From source file:com.caricah.iotracah.core.security.DefaultSecurityHandler.java
License:Apache License
public SecurityManager createSecurityManager(String securityFilePath) throws UnRetriableException { Ini ini = new Ini(); ini.loadFromPath(securityFilePath);// w w w. jav a2s . c o m IOTIniSecurityManagerFactory iniSecurityManagerFactory = new IOTIniSecurityManagerFactory(ini, getIotSecurityDatastore(), getDefaultPartitionName()); SecurityManager securityManager = iniSecurityManagerFactory.getInstance(); if (securityManager instanceof IOTSecurityManager) { //configure the security manager. IOTSecurityManager iotSecurityManager = (IOTSecurityManager) securityManager; DefaultSessionManager sessionManager = (DefaultSessionManager) iotSecurityManager.getSessionManager(); SecurityUtils.setSecurityManager(iotSecurityManager); //Assign session dao from the security datastore. sessionManager.setSessionDAO(getIotSecurityDatastore()); sessionManager.setSessionListeners(getSessionListenerList()); sessionManager.setSessionValidationSchedulerEnabled(true); sessionManager.setSessionValidationInterval(1000); return securityManager; } else { throw new UnRetriableException( "Security manager has to be an instance of the default security manager (DefaultSecurityManager). " + securityManager.getClass().getName() + " was used instead."); } }
From source file:net.kr9ly.thinfw.dagger.module.AppSecurityManagerModule.java
License:Apache License
@ApplicationScope @Provides//from ww w . ja v a 2 s .c o m SessionManager sessionManager() { DefaultSessionManager sessionManager = new DefaultSessionManager(); EnterpriseCacheSessionDAO sessionDAO = new EnterpriseCacheSessionDAO(); sessionDAO.setSessionIdGenerator(new JavaUuidSessionIdGenerator()); sessionManager.setSessionDAO(new EnterpriseCacheSessionDAO()); sessionManager.setCacheManager(new EhCacheManager()); return sessionManager; }
From source file:org.graylog2.bindings.providers.DefaultSecurityManagerProvider.java
License:Open Source License
@Inject public DefaultSecurityManagerProvider(MongoDbSessionDAO mongoDbSessionDAO, PasswordAuthenticator passwordAuthenticator, MongoDbAuthorizationRealm mongoDbAuthorizationRealm, LdapUserAuthenticator ldapUserAuthenticator, SessionAuthenticator sessionAuthenticator, AccessTokenAuthenticator accessTokenAuthenticator, Configuration configuration) { final GraylogSimpleAccountRealm inMemoryRealm = new GraylogSimpleAccountRealm(); inMemoryRealm.setCachingEnabled(false); inMemoryRealm.addRootAccount(configuration.getRootUsername(), configuration.getRootPasswordSha2()); inMemoryRealm.setCredentialsMatcher(new HashedCredentialsMatcher("SHA-256")); passwordAuthenticator.setCachingEnabled(false); passwordAuthenticator.setCredentialsMatcher(new HashedCredentialsMatcher("SHA-1")); mongoDbAuthorizationRealm.setCachingEnabled(false); ldapUserAuthenticator.setCachingEnabled(false); sessionAuthenticator.setCachingEnabled(false); accessTokenAuthenticator.setCachingEnabled(false); sm = new DefaultSecurityManager(Lists.<Realm>newArrayList(sessionAuthenticator, accessTokenAuthenticator, ldapUserAuthenticator, passwordAuthenticator, inMemoryRealm)); final Authenticator authenticator = sm.getAuthenticator(); if (authenticator instanceof ModularRealmAuthenticator) { ((ModularRealmAuthenticator) authenticator).setAuthenticationStrategy(new FirstSuccessfulStrategy()); }// w ww .j av a 2 s. co m sm.setAuthorizer( new ModularRealmAuthorizer(Lists.<Realm>newArrayList(mongoDbAuthorizationRealm, inMemoryRealm))); final DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO(); final DefaultSessionStorageEvaluator sessionStorageEvaluator = new DefaultSessionStorageEvaluator() { @Override public boolean isSessionStorageEnabled(Subject subject) { // save to session if we already have a session. do not create on just for saving the subject return (subject.getSession(false) != null); } }; sessionStorageEvaluator.setSessionStorageEnabled(false); subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator); sm.setSubjectDAO(subjectDAO); final DefaultSessionManager defaultSessionManager = (DefaultSessionManager) sm.getSessionManager(); defaultSessionManager.setSessionDAO(mongoDbSessionDAO); defaultSessionManager.setDeleteInvalidSessions(true); defaultSessionManager.setCacheManager(new MemoryConstrainedCacheManager()); // DO NOT USE global session timeout!!! It's fucky. //defaultSessionManager.setGlobalSessionTimeout(TimeUnit.SECONDS.toMillis(5)); SecurityUtils.setSecurityManager(sm); }
From source file:org.killbill.billing.util.glue.JDBCSessionDaoProvider.java
License:Apache License
@Override public JDBCSessionDao get() { final JDBCSessionDao jdbcSessionDao = new JDBCSessionDao(dbi); if (sessionManager instanceof DefaultSessionManager) { final DefaultSessionManager defaultSessionManager = (DefaultSessionManager) sessionManager; defaultSessionManager.setSessionDAO(jdbcSessionDao); defaultSessionManager.setGlobalSessionTimeout(rbacConfig.getGlobalSessionTimeout().getMillis()); }/* w w w . j av a2 s. c om*/ return jdbcSessionDao; }
From source file:org.obiba.opal.core.service.security.OpalSecurityManagerFactory.java
License:Open Source License
private void setDefaultSessionManager(DefaultSecurityManager dsm) { DefaultSessionManager sessionManager = (DefaultSessionManager) dsm.getSessionManager(); sessionManager.setSessionListeners(sessionListeners); sessionManager.setSessionDAO(new EnterpriseCacheSessionDAO()); SessionValidationScheduler sessionValidationScheduler = new ExecutorServiceSessionValidationScheduler(); sessionValidationScheduler.enableSessionValidation(); sessionManager.setSessionValidationScheduler(sessionValidationScheduler); sessionManager.setSessionValidationInterval(SESSION_VALIDATION_INTERVAL); }
From source file:org.sonatype.nexus.security.NexusHttpAuthenticationFilterTest.java
License:Open Source License
@Before public void bindSubjectToThread() { // setup a simple realm for authc SimpleAccountRealm simpleAccountRealm = new SimpleAccountRealm(); simpleAccountRealm.addAccount("anonymous", "anonymous"); DefaultSecurityManager securityManager = new DefaultSecurityManager(); securityManager.setRealm(simpleAccountRealm); SecurityUtils.setSecurityManager(securityManager); DefaultSessionManager sessionManager = (DefaultSessionManager) securityManager.getSessionManager(); sessionDAO = new EnterpriseCacheSessionDAO(); sessionManager.setSessionDAO(sessionDAO); simpleSession = new SimpleSession(); sessionDAO.create(simpleSession);/*www . j ava 2 s . c o m*/ List<PrincipalCollection> principalCollectionList = new ArrayList<PrincipalCollection>(); principalCollectionList.add(new SimplePrincipalCollection("other Principal", "some-realm")); simpleSession.setAttribute(DelegatingSubject.class.getName() + ".RUN_AS_PRINCIPALS_SESSION_KEY", principalCollectionList); DelegatingSession delegatingSession = new DelegatingSession(sessionManager, new DefaultSessionKey(simpleSession.getId())); // set the user subject = new DelegatingSubject(new SimplePrincipalCollection("anonymous", "realmName"), true, null, delegatingSession, securityManager); ThreadContext.bind(subject); }