Examples of org.apache.shiro.subject.PrincipalCollection

• org.apache.shiro.subject.PrincipalCollection
  A collection of all principals associated with a corresponding {@link Subject Subject}. A principal is just a security term for an identifying attribute, such as a username or user id or social security number or anything else that can be considered an 'identifying' attribute for a {@code Subject}.

  A PrincipalCollection organizes its internal principals based on the {@code Realm} where they came from when theSubject was first created. To obtain the principal(s) for a specific Realm, see the {@link #fromRealm} method. Youcan also see which realms contributed to this collection via the {@link #getRealmNames() getRealmNames()} method. @author Les Hazlewood @see #getPrimaryPrincipal() @see #fromRealm(String realmName) @see #getRealmNames() @since 0.9

    @RequiresPermissions("auth:fakeUser")
    @Override
    public boolean bindFakeUser(String userName) {
        if (baseRealm.accountExists(userName)) {
            PrincipalCollection principals = new SimplePrincipalCollection(userName, BASE_REALM_NAME);
            Subject subj = new Subject.Builder().principals(principals).buildSubject();
            ThreadState threadState = new SubjectThreadState(subj);
            threadState.bind();
            return true;
        }

     * @param subject   the subject for which the principals are being remembered.
     * @param token     the token that resulted in a successful authentication attempt.
     * @param authcInfo the authentication info resulting from the successful authentication attempt.
     */
    public void rememberIdentity(Subject subject, AuthenticationToken token, AuthenticationInfo authcInfo) {
        PrincipalCollection principals = getIdentityToRemember(subject, authcInfo);
        rememberIdentity(subject, principals);
    }

     * @param subjectContext the contextual data, usually provided by a {@link Subject.Builder} implementation, that
     *                       is being used to construct a {@link Subject} instance.
     * @return the remembered principals or {@code null} if none could be acquired.
     */
    public PrincipalCollection getRememberedPrincipals(SubjectContext subjectContext) {
        PrincipalCollection principals = null;
        try {
            byte[] bytes = getRememberedSerializedIdentity(subjectContext);
            //SHIRO-138 - only call convertBytesToPrincipals if bytes exist:
            if (bytes != null && bytes.length > 0) {
                principals = convertBytesToPrincipals(bytes, subjectContext);

            put(PRINCIPALS, principals);
        }
    }

    public PrincipalCollection resolvePrincipals() {
        PrincipalCollection principals = getPrincipals();

        if (CollectionUtils.isEmpty(principals)) {
            //check to see if they were just authenticated:
            AuthenticationInfo info = getAuthenticationInfo();
            if (info != null) {

    public void login(AuthenticationToken token) throws AuthenticationException {
        clearRunAsIdentities();
        Subject subject = securityManager.login(this, token);

        PrincipalCollection principals;

        String host = null;

        if (subject instanceof DelegatingSubject) {
            DelegatingSubject delegating = (DelegatingSubject) subject;
            //we have to do this in case there are assumed identities - we don't want to lose the 'real' principals:
            principals = delegating.principals;
            host = delegating.host;
        } else {
            principals = subject.getPrincipals();
        }

        if (principals == null || principals.isEmpty()) {
            String msg = "Principals returned from securityManager.login( token ) returned a null or " +
                    "empty value.  This value must be non null and populated with one or more elements.";
            throw new IllegalStateException(msg);
        }
        this.principals = principals;

    public boolean isAuthenticated() {
        return authenticated;
    }

    public boolean isRemembered() {
        PrincipalCollection principals = getPrincipals();
        return principals != null && !principals.isEmpty() && !isAuthenticated();
    }

        Session session = getSession();
        session.setAttribute(RUN_AS_PRINCIPALS_SESSION_KEY, this.runAsPrincipals);
    }

    private PrincipalCollection popIdentity() {
        PrincipalCollection popped = null;
        if (!CollectionUtils.isEmpty(this.runAsPrincipals)) {
            popped = this.runAsPrincipals.remove(0);
            Session session;
            if (!CollectionUtils.isEmpty(this.runAsPrincipals)) {
                //persist the changed deque to the session

     *                for later use.
     */
    protected void bind(Subject subject) {
        // TODO consider refactoring to use Subject.Binder.
        // This implementation was copied from SessionSubjectBinder that was removed
        PrincipalCollection principals = subject.getPrincipals();
        if (principals != null && !principals.isEmpty()) {
            Session session = subject.getSession();
            bindPrincipalsToSession(principals, session);
        } else {
            Session session = subject.getSession(false);
            if (session != null) {

     * @since 1.0
     */
    @SuppressWarnings({"unchecked"})
    protected SubjectContext resolvePrincipals(SubjectContext context) {

        PrincipalCollection principals = context.resolvePrincipals();

        if (CollectionUtils.isEmpty(principals)) {
            log.trace("No identity (PrincipalCollection) found in the context.  Looking for a remembered identity.");

            principals = getRememberedIdentity(context);

            throw new IllegalArgumentException("Subject method argument cannot be null.");
        }

        beforeLogout(subject);

        PrincipalCollection principals = subject.getPrincipals();
        if (principals != null && !principals.isEmpty()) {
            if (log.isDebugEnabled()) {
                log.debug("Logging out subject with primary principal {}" + principals.getPrimaryPrincipal());
            }
            Authenticator authc = getAuthenticator();
            if (authc instanceof LogoutAware) {
                ((LogoutAware) authc).onLogout(principals);
            }