Examples of org.apache.shiro.mgt.SecurityManager

• org.apache.shiro.mgt.SecurityManager
  A {@code SecurityManager} executes all security operations for all Subjects (aka users) across asingle application.

  The interface itself primarily exists as a convenience - it extends the {@link org.apache.shiro.authc.Authenticator}, {@link Authorizer}, and {@link SessionManager} interfaces, thereby consolidatingthese behaviors into a single point of reference. For most Shiro usages, this simplifies configuration and tends to be a more convenient approach than referencing {@code Authenticator}, {@code Authorizer}, and {@code SessionManager} instances separately; instead one only needs to interact with a single{@code SecurityManager} instance.

  In addition to the above three interfaces, this interface provides a number of methods supporting {@link Subject} behavior. A {@link org.apache.shiro.subject.Subject Subject} executesauthentication, authorization, and session operations for a single user, and as such can only be managed by {@code A SecurityManager} which is aware of all three functions. The three parent interfaces on theother hand do not 'know' about {@code Subject}s to ensure a clean separation of concerns.

  Usage Note: In actuality the large majority of application programmers won't interact with a SecurityManager very often, if at all. Most application programmers only care about security operations for the currently executing user, usually attained by calling {@link org.apache.shiro.SecurityUtils#getSubject() SecurityUtils.getSubject()}.

  Framework developers on the other hand might find working with an actual SecurityManager useful. @author Les Hazlewood @see org.apache.shiro.mgt.DefaultSecurityManager @since 0.2

        Ini ini = new Ini();
        Ini.Section users = ini.addSection("users");
        users.put("user1", "user1,role1");
        users.put("user2", "user2,role2");
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini);
        SecurityManager sm = factory.getInstance();

        Subject subject = new Subject.Builder(sm).buildSubject();
        subject.login(new UsernamePasswordToken("user1", "user1"));

        assertTrue(subject.getPrincipal().equals("user1"));

public class IniSecurityManagerFactoryTest {

    @Test
    public void testGetInstanceWithoutIni() {
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory();
        SecurityManager sm = factory.getInstance();
        assertNotNull(sm);
        assertTrue(sm instanceof DefaultSecurityManager);
    }

    @Test
    public void testGetInstanceWithResourcePath() {
        String path = "classpath:org/apache/shiro/config/IniSecurityManagerFactoryTest.ini";
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory(path);
        SecurityManager sm = factory.getInstance();
        assertNotNull(sm);
        assertTrue(sm instanceof DefaultSecurityManager);
    }

    @Test
    public void testGetInstanceWithEmptyIni() {
        Ini ini = new Ini();
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini);
        SecurityManager sm = factory.getInstance();
        assertNotNull(sm);
        assertTrue(sm instanceof DefaultSecurityManager);
    }

    public void testGetInstanceWithSimpleIni() {
        Ini ini = new Ini();
        ini.setSectionProperty(IniSecurityManagerFactory.MAIN_SECTION_NAME,
                "securityManager.sessionManager.globalSessionTimeout", "5000");
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini);
        SecurityManager sm = factory.getInstance();
        assertNotNull(sm);
        assertTrue(sm instanceof DefaultSecurityManager);
        assertEquals(5000, ((AbstractSessionManager) ((DefaultSecurityManager) sm).getSessionManager()).getGlobalSessionTimeout());
    }

        section.put("propsRealm", PropertiesRealm.class.getName());
        section.put("propsRealm.resourcePath",
                "classpath:org/apache/shiro/config/IniSecurityManagerFactoryTest.propsRealm.properties");

        IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini);
        SecurityManager sm = factory.getInstance();
        assertNotNull(sm);
        assertTrue(sm instanceof DefaultSecurityManager);
        Collection<Realm> realms = ((DefaultSecurityManager) sm).getRealms();
        assertEquals(1, realms.size());
        Realm realm = realms.iterator().next();

        Ini ini = new Ini();
        Ini.Section section = ini.addSection(IniRealm.USERS_SECTION_NAME);
        section.put("admin", "admin");

        IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini);
        SecurityManager sm = factory.getInstance();
        assertNotNull(sm);
        assertTrue(sm instanceof DefaultSecurityManager);
        Collection<Realm> realms = ((DefaultSecurityManager) sm).getRealms();
        assertEquals(1, realms.size());
        Realm realm = realms.iterator().next();

            factory = new WebIniSecurityManagerFactory(ini);
        }

        // Create the security manager and check that it implements WebSecurityManager.
        // Otherwise, it can't be used with the filter.
        SecurityManager securityManager = factory.getInstance();
        if (!(securityManager instanceof WebSecurityManager)) {
            String msg = "The configured security manager is not an instance of WebSecurityManager, so " +
                    "it can not be used with the Shiro servlet filter.";
            throw new ConfigurationException(msg);
        }

        //create a users section - user 'admin', with a Sha256-hashed 'admin' password (hex encoded):
        Ini.Section users = ini.addSection(IniRealm.USERS_SECTION_NAME);
        users.put("admin", new Sha256Hash("secret").toString());

        IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini);
        SecurityManager sm = factory.getInstance();

        //go ahead and try to log in with the admin user, ensuring the
        //iniRealm has a Sha256CredentialsMatcher enabled:

        //try to log-in:

        //add a test user:
        ini.setSectionProperty(IniRealm.USERS_SECTION_NAME, "admin", "admin");

        IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini);
        SecurityManager sm = factory.getInstance();

        //try to log-in:
        Subject subject = new Subject.Builder(sm).buildSubject();
        subject.login(new UsernamePasswordToken("admin", "admin"));
        Session session = subject.getSession();