Examples of org.apache.shiro.mgt.SecurityManager

org.apache.shiro.mgt.SecurityManager
A {@code SecurityManager} executes all security operations for all Subjects (aka users) across asingle application.
The interface itself primarily exists as a convenience - it extends the {@link org.apache.shiro.authc.Authenticator}, {@link Authorizer}, and {@link SessionManager} interfaces, thereby consolidatingthese behaviors into a single point of reference. For most Shiro usages, this simplifies configuration and tends to be a more convenient approach than referencing {@code Authenticator}, {@code Authorizer}, and {@code SessionManager} instances separately; instead one only needs to interact with a single{@code SecurityManager} instance.
In addition to the above three interfaces, this interface provides a number of methods supporting {@link Subject} behavior. A {@link org.apache.shiro.subject.Subject Subject} executesauthentication, authorization, and session operations for a single user, and as such can only be managed by {@code A SecurityManager} which is aware of all three functions. The three parent interfaces on theother hand do not 'know' about {@code Subject}s to ensure a clean separation of concerns.
Usage Note: In actuality the large majority of application programmers won't interact with a SecurityManager very often, if at all. Most application programmers only care about security operations for the currently executing user, usually attained by calling {@link org.apache.shiro.SecurityUtils#getSubject() SecurityUtils.getSubject()}.
Framework developers on the other hand might find working with an actual SecurityManager useful. @author Les Hazlewood @see org.apache.shiro.mgt.DefaultSecurityManager @since 0.2

    @Test
    public void testExecuteCallable() {


        String username = "jsmith";


        SecurityManager securityManager = createNiceMock(SecurityManager.class);
        PrincipalCollection identity = new SimplePrincipalCollection(username, "testRealm");
        final Subject sourceSubject = new DelegatingSubject(identity, true, null, null, securityManager);


        assertNull(ThreadContext.getSubject());
        assertNull(ThreadContext.getSecurityManager());

View Full Code Here

    @Test
    public void testExecuteRunnable() {


        String username = "jsmith";


        SecurityManager securityManager = createNiceMock(SecurityManager.class);
        PrincipalCollection identity = new SimplePrincipalCollection(username, "testRealm");
        final Subject sourceSubject = new DelegatingSubject(identity, true, null, null, securityManager);


        assertNull(ThreadContext.getSubject());
        assertNull(ThreadContext.getSecurityManager());

View Full Code Here

        Ini.Section users = ini.addSection("users");
        users.put("user1", "user1,role1");
        users.put("user2", "user2,role2");
        users.put("user3", "user3,role3");
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini);
        SecurityManager sm = factory.getInstance();


        //login as user1
        Subject subject = new Subject.Builder(sm).buildSubject();
        subject.login(new UsernamePasswordToken("user1", "user1"));

View Full Code Here

     * @throws UnavailableSecurityManagerException
     *          if there is no {@code SecurityManager} instance available to the
     *          calling code, which typically indicates an invalid application configuration.
     */
    public static SecurityManager getSecurityManager() throws UnavailableSecurityManagerException {
        SecurityManager securityManager = ThreadContext.getSecurityManager();
        if (securityManager == null) {
            securityManager = SecurityUtils.securityManager;
        }
        if (securityManager == null) {
            String msg = "No SecurityManager accessible to the calling code, either bound to the " +

View Full Code Here

            factory = new WebIniSecurityManagerFactory(ini);
        }


        // Create the security manager and check that it implements WebSecurityManager.
        // Otherwise, it can't be used with the filter.
        SecurityManager securityManager = factory.getInstance();
        if (!(securityManager instanceof WebSecurityManager)) {
            String msg = "The configured security manager is not an instance of WebSecurityManager, so " +
                    "it can not be used with the Shiro servlet filter.";
            throw new ConfigurationException(msg);
        }

View Full Code Here

            @Provides
            public MockRealm createRealm() {
                return mockRealm;
            }
        });
        SecurityManager securityManager = injector.getInstance(SecurityManager.class);
        assertNotNull(securityManager);
    }

View Full Code Here

            @Provides
            public MockRealm createRealm() {
                return mockRealm;
            }
        });
        SecurityManager securityManager = injector.getInstance(SecurityManager.class);
        assertNotNull(securityManager);
        SecurityUtils.setSecurityManager(securityManager);


        final Subject subject = new Subject.Builder(securityManager).buildSubject();
        securityManager.login(subject, authToken);


        verify(mockRealm);
    }

View Full Code Here

            @Override
            protected void bindSecurityManager(AnnotatedBindingBuilder<? super SecurityManager> bind) {
                bind.to(MyDefaultSecurityManager.class);
            }
        });
        SecurityManager securityManager = injector.getInstance(SecurityManager.class);
        assertNotNull(securityManager);
        assertTrue(securityManager instanceof MyDefaultSecurityManager);
    }

View Full Code Here

        assertWebSecurityManager(securityManager);
        super.setSecurityManager(securityManager);
    }


    public WebSecurityManager getWebSecurityManager() {
        SecurityManager sm = super.getSecurityManager();
        assertWebSecurityManager(sm);
        return (WebSecurityManager)sm;
    }

View Full Code Here


    @AfterClass
    public static void tearDownShiro() {
        doClearSubject();
        try {
            SecurityManager securityManager = getSecurityManager();
            LifecycleUtils.destroy(securityManager);
        } catch (UnavailableSecurityManagerException e) {
            //we don't care about this when cleaning up the test environment
            //(for example, maybe the subclass is a unit test and it didn't
            // need a SecurityManager instance because it was using only mock Subject instances)

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.shiro.mgt.SecurityManager

com.google.code.lightssh.common.support.shiro.MyShiroFilterFactoryBean

com.piercey.app.framework.ApplicationFilter

com.tododev.shiro.GuiceAopTest

juzu.plugin.shiro.impl.SecurityManagerProvider

org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor

org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizorTest

org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizorTest_authenticate

org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizorTest_isVisibleInAnyRole

org.apache.shiro.aspectj.DummyServiceTest

org.apache.shiro.config.IniSecurityManagerFactory

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.