Examples of org.apache.shiro.mgt.SecurityManager

org.apache.shiro.mgt.SecurityManager
A {@code SecurityManager} executes all security operations for all Subjects (aka users) across asingle application.
The interface itself primarily exists as a convenience - it extends the {@link org.apache.shiro.authc.Authenticator}, {@link Authorizer}, and {@link SessionManager} interfaces, thereby consolidatingthese behaviors into a single point of reference. For most Shiro usages, this simplifies configuration and tends to be a more convenient approach than referencing {@code Authenticator}, {@code Authorizer}, and {@code SessionManager} instances separately; instead one only needs to interact with a single{@code SecurityManager} instance.
In addition to the above three interfaces, this interface provides a number of methods supporting {@link Subject} behavior. A {@link org.apache.shiro.subject.Subject Subject} executesauthentication, authorization, and session operations for a single user, and as such can only be managed by {@code A SecurityManager} which is aware of all three functions. The three parent interfaces on theother hand do not 'know' about {@code Subject}s to ensure a clean separation of concerns.
Usage Note: In actuality the large majority of application programmers won't interact with a SecurityManager very often, if at all. Most application programmers only care about security operations for the currently executing user, usually attained by calling {@link org.apache.shiro.SecurityUtils#getSubject() SecurityUtils.getSubject()}.
Framework developers on the other hand might find working with an actual SecurityManager useful. @author Les Hazlewood @see org.apache.shiro.mgt.DefaultSecurityManager @since 0.2

    /**
     * The {@link SecurityManager} is shared between both the {@link Authenticator} and the {@link Authorizor}
     * (if shiro is configured for both components).
     */
    protected synchronized RealmSecurityManager getSecurityManager() {
        SecurityManager securityManager;
        try {
            securityManager = SecurityUtils.getSecurityManager();
        } catch(UnavailableSecurityManagerException ex) {
            return null;
        }

View Full Code Here


    @Test
    public void happyCase() throws Exception {


        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager securityManager = factory.getInstance();
        SecurityUtils.setSecurityManager(securityManager);


        
        assertThat(authOrAuth.canAuthenticate(AuthenticationRequestPassword.class), is(true));

View Full Code Here


    @Test
    public void vetoing() throws Exception {
        // given
        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager securityManager = factory.getInstance();
        SecurityUtils.setSecurityManager(securityManager);


        AuthenticationRequest ar = new AuthenticationRequestPassword("darkhelmet", "ludicrousspeed");
        authOrAuth.authenticate(ar, null);

View Full Code Here

    
    @Test
    public void vetoingOverridden() throws Exception {
        // given
        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager securityManager = factory.getInstance();
        SecurityUtils.setSecurityManager(securityManager);


        AuthenticationRequest ar = new AuthenticationRequestPassword("lonestarr", "vespa");
        authOrAuth.authenticate(ar, null);

View Full Code Here

        // return a SecurityManager instance:


        // Use the shiro.ini file at the root of the classpath
        // (file: and url: prefixes load from files and urls respectively):
        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager securityManager = factory.getInstance();


        // for this simple example quickstart, make the SecurityManager
        // accessible as a JVM singleton.  Most applications wouldn't do this
        // and instead rely on their container configuration or web.xml for
        // webapps.  That is outside the scope of this simple quickstart, so

View Full Code Here

        if (subject == null) {
            throw new IllegalArgumentException("Subject argument cannot be null.");
        }
        this.subject = subject;


        SecurityManager securityManager = null;
        if ( subject instanceof DelegatingSubject) {
            securityManager = ((DelegatingSubject)subject).getSecurityManager();
        }
        if ( securityManager == null) {
            securityManager = ThreadContext.getSecurityManager();

View Full Code Here

     * <p/>
     * Prior to binding, the {@code ThreadContext}'s existing {@link ThreadContext#getResources() resources} are
     * retained so they can be restored later via the {@link #restore restore} call.
     */
    public void bind() {
        SecurityManager securityManager = this.securityManager;
        if ( securityManager == null ) {
            //try just in case the constructor didn't find one at the time:
            securityManager = ThreadContext.getSecurityManager();
        }
        this.originalResources = ThreadContext.getResources();

View Full Code Here

    public void setSecurityManager(SecurityManager securityManager) {
        nullSafePut(SECURITY_MANAGER, securityManager);
    }


    public SecurityManager resolveSecurityManager() {
        SecurityManager securityManager = getSecurityManager();
        if (securityManager == null) {
            if (log.isDebugEnabled()) {
                log.debug("No SecurityManager available in subject context map.  " +
                        "Falling back to SecurityUtils.getSecurityManager() lookup.");
            }

View Full Code Here

    @Test
    public void testExecuteCallable() {


        String username = "jsmith";


        SecurityManager securityManager = createNiceMock(SecurityManager.class);
        PrincipalCollection identity = new SimplePrincipalCollection(username, "testRealm");
        final Subject sourceSubject = new DelegatingSubject(identity, true, null, null, securityManager);


        assertNull(ThreadContext.getSubject());
        assertNull(ThreadContext.getSecurityManager());

View Full Code Here

    @Test
    public void testExecuteRunnable() {


        String username = "jsmith";


        SecurityManager securityManager = createNiceMock(SecurityManager.class);
        PrincipalCollection identity = new SimplePrincipalCollection(username, "testRealm");
        final Subject sourceSubject = new DelegatingSubject(identity, true, null, null, securityManager);


        assertNull(ThreadContext.getSubject());
        assertNull(ThreadContext.getSecurityManager());

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.shiro.mgt.SecurityManager

com.google.code.lightssh.common.support.shiro.MyShiroFilterFactoryBean

com.piercey.app.framework.ApplicationFilter

com.tododev.shiro.GuiceAopTest

juzu.plugin.shiro.impl.SecurityManagerProvider

org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor

org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizorTest

org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizorTest_authenticate

org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizorTest_isVisibleInAnyRole

org.apache.shiro.aspectj.DummyServiceTest

org.apache.shiro.config.IniSecurityManagerFactory

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.