List of usage examples for org.apache.shiro.subject PrincipalCollection getPrimaryPrincipal
Object getPrimaryPrincipal();
From source file:$.ShiroDbRealm.java
License:Apache License
/** * ?, ???./*from w ww .jav a2 s . co m*/ */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { ShiroUser shiroUser = (ShiroUser) principals.getPrimaryPrincipal(); User user = accountService.findUserByLoginName(shiroUser.loginName); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); info.addRoles(user.getRoleList()); return info; }
From source file:action.ShiroDbRealm.java
License:Apache License
/** * ?, ???.//from w w w .ja v a 2 s . c o m */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { ShiroUser shiroUser = (ShiroUser) principals.getPrimaryPrincipal(); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); // roles List<Role> roles = roleService.getByUserId(shiroUser.id); List<String> stringRoles = new ArrayList<String>(roles.size()); for (Role role : roles) { stringRoles.add(role.getName()); } info.addRoles(stringRoles); // permissions List<Permission> permissions = permissionService.getByUserId(shiroUser.id); Set<String> stringPermissions = new HashSet<String>(permissions.size()); for (Permission permission : permissions) { stringPermissions.add(permission.getValue()); } info.setStringPermissions(stringPermissions); return info; }
From source file:annis.security.ANNISUserRealm.java
License:Apache License
@Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { Validate.isInstanceOf(String.class, principals.getPrimaryPrincipal()); String userName = (String) principals.getPrimaryPrincipal(); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); User user = confManager.getUser(userName); if (user != null) { // only add any user role/permission if account is not expired if (user.getExpires() == null || user.getExpires().isAfterNow()) { info.addRole(userName);/* www. ja v a2s. c om*/ info.addRoles(user.getGroups()); info.addRole(defaultUserRole); // add the permission to create url short IDs from every IP info.addStringPermission("shortener:create:*"); // add any manual given permissions info.addStringPermissions(user.getPermissions()); } } else if (userName.equals(anonymousUser)) { info.addRole(anonymousUser); if (confManager.getUseShortenerWithoutLogin() != null) { // add the permission to create url short IDs from the trusted IPs for (String trustedIPs : confManager.getUseShortenerWithoutLogin()) { info.addStringPermission("shortener:create:" + trustedIPs.replaceAll("[.:]", "_")); } } } return info; }
From source file:au.org.theark.core.security.AAFRealm.java
License:Open Source License
@Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { SimpleAuthorizationInfo simpleAuthInfo = new SimpleAuthorizationInfo(); // Get the logged in user name from Shiro Session String ldapUserName = (String) principals.getPrimaryPrincipal(); Long sessionStudyId = (Long) SecurityUtils.getSubject().getSession() .getAttribute(au.org.theark.core.Constants.STUDY_CONTEXT_ID); Long sessionFunctionId = (Long) SecurityUtils.getSubject().getSession() .getAttribute(au.org.theark.core.Constants.ARK_FUNCTION_KEY); Long sessionModuleId = (Long) SecurityUtils.getSubject().getSession() .getAttribute(au.org.theark.core.Constants.ARK_MODULE_KEY); try {/* w w w . j av a 2s.c om*/ if (sessionModuleId != null && sessionFunctionId != null && sessionStudyId == null) { // Load the role for the given module and use case ArkFunction arkFunction = iArkCommonService.getArkFunctionById(sessionFunctionId); ArkModule arkModule = iArkCommonService.getArkModuleById(sessionModuleId); String role = iArkCommonService.getUserRole(ldapUserName, arkFunction, arkModule, null); simpleAuthInfo.addRole(role); /* Check if the logged in user is a Super Administrator */ if (iArkCommonService.isSuperAdministator(ldapUserName, arkFunction, arkModule)) { java.util.Collection<String> userRolePermission = iArkCommonService.getArkRolePermission(role); simpleAuthInfo.addStringPermissions(userRolePermission); } else { if (role != null) { java.util.Collection<String> userRolePermission = iArkCommonService .getArkRolePermission(arkFunction, role, arkModule); simpleAuthInfo.addStringPermissions(userRolePermission); } } } else if (sessionModuleId != null && sessionFunctionId != null && sessionStudyId != null) { // Get the roles for the study in context Study study = iArkCommonService.getStudy(sessionStudyId); ArkFunction arkFunction = iArkCommonService.getArkFunctionById(sessionFunctionId); ArkModule arkModule = iArkCommonService.getArkModuleById(sessionModuleId); String role = iArkCommonService.getUserRole(ldapUserName, arkFunction, arkModule, study); simpleAuthInfo.addRole(role); if (iArkCommonService.isSuperAdministator(ldapUserName, arkFunction, arkModule)) { java.util.Collection<String> userRolePermission = iArkCommonService.getArkRolePermission(role); simpleAuthInfo.addStringPermissions(userRolePermission); } else { if (role != null) { java.util.Collection<String> userRolePermission = iArkCommonService .getArkRolePermission(arkFunction, role, arkModule); simpleAuthInfo.addStringPermissions(userRolePermission); } } } } catch (EntityNotFoundException e) { log.error(e.getMessage()); } return simpleAuthInfo; }
From source file:au.org.theark.core.security.ArkLdapRealm.java
License:Open Source License
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { SimpleAuthorizationInfo simpleAuthInfo = new SimpleAuthorizationInfo(); // Get the logged in user name from Shiro Session String ldapUserName = (String) principals.getPrimaryPrincipal(); Long sessionStudyId = (Long) SecurityUtils.getSubject().getSession() .getAttribute(au.org.theark.core.Constants.STUDY_CONTEXT_ID); Long sessionFunctionId = (Long) SecurityUtils.getSubject().getSession() .getAttribute(au.org.theark.core.Constants.ARK_FUNCTION_KEY); Long sessionModuleId = (Long) SecurityUtils.getSubject().getSession() .getAttribute(au.org.theark.core.Constants.ARK_MODULE_KEY); try {//from ww w . ja v a 2 s . com if (sessionModuleId != null && sessionFunctionId != null && sessionStudyId == null) { // Load the role for the given module and use case ArkFunction arkFunction = iArkCommonService.getArkFunctionById(sessionFunctionId); ArkModule arkModule = iArkCommonService.getArkModuleById(sessionModuleId); String role = iArkCommonService.getUserRole(ldapUserName, arkFunction, arkModule, null); simpleAuthInfo.addRole(role); /*//Add multiple roles iArkCommonService.getArkRoleListByUserAndStudy(arkUserVo, study); simpleAuthInfo.addRoles(roles);*/ /* Check if the logged in user is a Super Administrator */ if (iArkCommonService.isSuperAdministator(ldapUserName, arkFunction, arkModule)) { java.util.Collection<String> userRolePermission = iArkCommonService.getArkRolePermission(role); simpleAuthInfo.addStringPermissions(userRolePermission); } else { if (role != null) { java.util.Collection<String> userRolePermission = iArkCommonService .getArkRolePermission(arkFunction, role, arkModule); simpleAuthInfo.addStringPermissions(userRolePermission); } } } else if (sessionModuleId != null && sessionFunctionId != null && sessionStudyId != null) { // Get the roles for the study in context Study study = iArkCommonService.getStudy(sessionStudyId); ArkFunction arkFunction = iArkCommonService.getArkFunctionById(sessionFunctionId); ArkModule arkModule = iArkCommonService.getArkModuleById(sessionModuleId); String role = iArkCommonService.getUserRole(ldapUserName, arkFunction, arkModule, study); simpleAuthInfo.addRole(role); if (iArkCommonService.isSuperAdministator(ldapUserName, arkFunction, arkModule)) { java.util.Collection<String> userRolePermission = iArkCommonService.getArkRolePermission(role); simpleAuthInfo.addStringPermissions(userRolePermission); } else { if (role != null) { java.util.Collection<String> userRolePermission = iArkCommonService .getArkRolePermission(arkFunction, role, arkModule); simpleAuthInfo.addStringPermissions(userRolePermission); } } } } catch (EntityNotFoundException e) { log.error(e.getMessage()); } return simpleAuthInfo; }
From source file:be.atbash.ee.security.octopus.book.ex2.ApplicationSecurityData.java
License:Apache License
@Override public AuthorizationInfo getAuthorizationInfo(PrincipalCollection principalCollection) { AuthorizationInfoBuilder builder = new AuthorizationInfoBuilder(); UserPrincipal principal = (UserPrincipal) principalCollection.getPrimaryPrincipal(); if ("admin".equalsIgnoreCase(principal.getUserName())) { builder.addPermission(AppPermission.ACCESS.name()); }//from w w w . j a v a 2 s.c o m return builder.build(); }
From source file:be.atbash.ee.security.octopus.book.ex4.ApplicationSecurityData.java
License:Apache License
@Override public AuthorizationInfo getAuthorizationInfo(PrincipalCollection principalCollection) { AuthorizationInfoBuilder builder = new AuthorizationInfoBuilder(); UserPrincipal principal = (UserPrincipal) principalCollection.getPrimaryPrincipal(); if ("admin".equalsIgnoreCase(principal.getUserName())) { builder.addPermission("demo:*:*"); }// w w w . j a va 2 s .c o m return builder.build(); }
From source file:be.atbash.ee.security.octopus.demo.scs.security.ApplicationSecurityData.java
License:Apache License
@Override public AuthorizationInfo getAuthorizationInfo(PrincipalCollection principalCollection) { AuthorizationInfoBuilder builder = new AuthorizationInfoBuilder(); UserPrincipal principal = (UserPrincipal) principalCollection.getPrimaryPrincipal(); if ("admin".equalsIgnoreCase(principal.getUserName())) { builder.addPermission("demo:*:*"); }//from w ww . j av a 2 s .co m builder.addPermission(new NamedDomainPermission("DEMO_ACCESS", "DEMO", "ACCESS", "*")); return builder.build(); }
From source file:be.c4j.demo.security.AppAuthentication.java
License:Apache License
@Override public AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals) { AuthorizationInfoBuilder builder = new AuthorizationInfoBuilder(); builder.addPermissions(/*from ww w .j a v a2 s . co m*/ permissionService.getPermissionsForPrincipal((UserPrincipal) principals.getPrimaryPrincipal())); return builder.build(); }
From source file:be.rubus.octopus.jsr375.demo.AppAuthentication.java
License:Apache License
@Override public AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals) { AuthorizationInfoBuilder builder = new AuthorizationInfoBuilder(); UserPrincipal principal = (UserPrincipal) principals.getPrimaryPrincipal(); // We assume a 1-to-1 mapping between groups and roles. String[] groups = principal.getUserInfo(IdentityStoreMatcher.CALLER_GROUPS); for (String group : groups) { builder.addRole(new StarterNamedRole(group.toUpperCase())); }/* w w w .j av a 2 s .c o m*/ //builder.addRole() return builder.build(); }