List of usage examples for org.apache.shiro.subject PrincipalCollection oneByType
<T> T oneByType(Class<T> type);
From source file:com.github.mike10004.examples.shirostormpath.UserInfoFilter.java
License:Open Source License
protected @Nullable Object getAccountPrincipal(Subject subject) { PrincipalCollection principals = subject.getPrincipals(); LinkedHashMap account = principals.oneByType(LinkedHashMap.class); return account; }
From source file:com.thjug.bgile.security.JpaRealm.java
License:Creative Commons License
@Override protected AuthorizationInfo doGetAuthorizationInfo(final PrincipalCollection principals) { final Account account = principals.oneByType(Account.class); final Set<String> roleValues = new HashSet<>(); roleValues.add(account.getTypeid().toString()); return new SimpleAuthorizationInfo(roleValues); }
From source file:ddf.security.common.util.SecurityTest.java
License:Open Source License
@Test public void testTokenAboutToExpire() throws Exception { Subject subject = mock(Subject.class); SecurityAssertion assertion = mock(SecurityAssertion.class); PrincipalCollection pc = mock(PrincipalCollection.class); SecurityToken st = mock(SecurityToken.class); when(st.isAboutToExpire(anyLong())).thenReturn(true); assertThat(Security.tokenAboutToExpire(null), equalTo(true)); assertThat(Security.tokenAboutToExpire(subject), equalTo(true)); when(subject.getPrincipals()).thenReturn(pc); assertThat(Security.tokenAboutToExpire(subject), equalTo(true)); when(pc.oneByType(any(Class.class))).thenReturn(assertion); when(assertion.getSecurityToken()).thenReturn(st); assertThat(Security.tokenAboutToExpire(subject), equalTo(true)); when(st.isAboutToExpire(anyLong())).thenReturn(false); assertThat(Security.tokenAboutToExpire(subject), equalTo(false)); }
From source file:io.buji.pac4j.realm.Pac4jRealm.java
License:Apache License
@Override protected AuthorizationInfo doGetAuthorizationInfo(final PrincipalCollection principals) { final Set<String> roles = new HashSet<>(); final Set<String> permissions = new HashSet<>(); final Pac4jPrincipal principal = principals.oneByType(Pac4jPrincipal.class); if (principal != null) { final List<CommonProfile> profiles = principal.getProfiles(); for (CommonProfile profile : profiles) { if (profile != null) { roles.addAll(profile.getRoles()); permissions.addAll(profile.getPermissions()); }//from w w w . j a v a 2 s . co m } } final SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(); simpleAuthorizationInfo.addRoles(roles); simpleAuthorizationInfo.addStringPermissions(permissions); return simpleAuthorizationInfo; }
From source file:org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.java
License:Apache License
@Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { Set<String> roles = new LinkedHashSet<String>(); UnixUserPrincipal user = principals.oneByType(UnixUserPrincipal.class); if (user != null) { roles.addAll(user.getUnixUser().getGroups()); }/*from ww w . j ava 2 s . com*/ SecurityUtils.getSubject().getSession().setAttribute(SUBJECT_USER_ROLES, roles); SecurityUtils.getSubject().getSession().setAttribute(SUBJECT_USER_GROUPS, roles); /* Coverity Scan CID 1361682 */ String userName = null; if (user != null) { userName = user.getName(); } GatewayLog.lookedUpUserRoles(roles, userName); return new SimpleAuthorizationInfo(roles); }
From source file:org.apache.zeppelin.realm.PamRealm.java
License:Apache License
@Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { Set<String> roles = new LinkedHashSet<>(); UserPrincipal user = principals.oneByType(UserPrincipal.class); if (user != null) { roles.addAll(user.getUnixUser().getGroups()); }/* www . j a va 2 s.co m*/ return new SimpleAuthorizationInfo(roles); }
From source file:org.codice.ddf.security.interceptor.AnonymousInterceptor.java
License:Open Source License
private void createSecurityToken(SoapVersion version, SOAPFactory soapFactory, SOAPElement securityHeader) { AnonymousAuthenticationToken token = new AnonymousAuthenticationToken( BaseAuthenticationToken.DEFAULT_REALM); //synchronize the step of requesting the assertion, it is not thread safe Subject subject = null;//from w w w . j av a2s .c om synchronized (lock) { try { subject = securityManager.getSubject(token); } catch (SecurityServiceException sse) { LOGGER.warn("Unable to request subject for anonymous user.", sse); } } if (subject != null) { PrincipalCollection principals = subject.getPrincipals(); if (principals != null) { SecurityAssertion securityAssertion = principals.oneByType(SecurityAssertion.class); if (securityAssertion != null) { SecurityToken securityToken = securityAssertion.getSecurityToken(); Element samlElement = securityToken.getToken(); SOAPElement samlAssertion = null; try { samlAssertion = soapFactory.createElement(samlElement); securityHeader.addChildElement(samlAssertion); } catch (SOAPException e) { LOGGER.error("Unable to convert SecurityToken to SOAPElement.", e); } } else { LOGGER.warn("Subject did not contain a security assertion, could not assertion" + "to security header."); } } else { LOGGER.warn("Subject did not contain any principals, could not create element."); } } }
From source file:org.codice.ddf.security.interceptor.GuestInterceptor.java
License:Open Source License
@Override public void handleMessage(SoapMessage message) throws Fault { if (message != null) { HttpServletRequest request = (HttpServletRequest) message.get(AbstractHTTPDestination.HTTP_REQUEST); LOGGER.debug("Getting new Guest user token"); // synchronize the step of requesting the assertion, it is not thread safe Principal principal = null; Subject subject = getSubject(request.getRemoteAddr()); PrincipalCollection principals = subject.getPrincipals(); SecurityAssertion securityAssertion = principals.oneByType(SecurityAssertion.class); if (securityAssertion != null) { principal = new SecurityAssertionPrincipalDefault(securityAssertion); } else {/* w w w . ja v a 2 s . c om*/ LOGGER.debug("Subject did not contain a security assertion"); } message.put(SecurityContext.class, new DefaultSecurityContext(principal, null)); message.put(WSS4J_CHECK_STRING, Boolean.TRUE); } else { LOGGER.debug("Incoming SOAP message is null - guest interceptor makes no sense."); } }
From source file:org.codice.ddf.security.SecurityTest.java
License:Open Source License
@Test public void testTokenAboutToExpire() throws Exception { Subject subject = mock(Subject.class); SecurityAssertion assertion = mock(SecurityAssertion.class); PrincipalCollection pc = mock(PrincipalCollection.class); SecurityToken st = mock(SecurityToken.class); when(st.isAboutToExpire(anyLong())).thenReturn(true); assertThat(security.tokenAboutToExpire(null), equalTo(true)); assertThat(security.tokenAboutToExpire(subject), equalTo(true)); when(subject.getPrincipals()).thenReturn(pc); assertThat(security.tokenAboutToExpire(subject), equalTo(true)); when(pc.oneByType(any(Class.class))).thenReturn(assertion); when(assertion.getSecurityToken()).thenReturn(st); assertThat(security.tokenAboutToExpire(subject), equalTo(true)); when(st.isAboutToExpire(anyLong())).thenReturn(false); assertThat(security.tokenAboutToExpire(subject), equalTo(false)); }
From source file:org.fcrepo.auth.common.ShiroSecurityContext.java
License:Apache License
/** * Create a new security context using the given Shiro subject. That subject will typically be the value returned * by a call to {@code SecurityUtils.getSubject()}. * * @param user subject to create the security context for *//*ww w .j ava 2s . c o m*/ public ShiroSecurityContext(final Subject user) { if (user != null) { this.user = user; final PrincipalCollection principals = user.getPrincipals(); if (principals != null) { final BasicUserPrincipal userPrincipal = principals.oneByType(BasicUserPrincipal.class); if (userPrincipal != null) { this.userName = userPrincipal.getName(); } else { this.userName = null; } } } }