Examples of org.apache.shiro.subject.SimplePrincipalCollection

• org.apache.shiro.subject.SimplePrincipalCollection
  A simple implementation of the {@link MutablePrincipalCollection} interface that tracks principals internallyby storing them in a {@link LinkedHashMap}. @author Les Hazlewood @since 0.9

  }

  public void testAuthorization()
      throws Exception
  {
    assertTrue(security.isPermitted(new SimplePrincipalCollection("username", FakeRealm1.class.getName()),
        "test:perm"));

    assertTrue(security.isPermitted(new SimplePrincipalCollection("username", FakeRealm1.class.getName()),
        "other:perm"));

    assertTrue(security.isPermitted(new SimplePrincipalCollection("username", FakeRealm2.class.getName()),
        "other:perm"));

    assertTrue(security.isPermitted(new SimplePrincipalCollection("username", FakeRealm2.class.getName()),
        "test:perm"));
  }

  private final PrincipalCollection principalCollection;

  private FakeAlmightySubject(final String fakeUserId) {
    this.fakeUserId = checkNotNull(fakeUserId);
    this.principalCollection = new SimplePrincipalCollection(fakeUserId, getClass().getName());
  }

    String userId = upToken.getUsername();

    // username == password
    try {
      if (userId.endsWith(password) && userManager.getUser(userId) != null) {
        return new SimpleAuthenticationInfo(new SimplePrincipalCollection(token.getPrincipal(),
            this.getName()), userId);
      }
      else {
        throw new IncorrectCredentialsException("User [" + userId + "] bad credentials.");
      }

    simpleSession = new SimpleSession();
    sessionDAO.create(simpleSession);

    List<PrincipalCollection> principalCollectionList = new ArrayList<PrincipalCollection>();
    principalCollectionList.add(new SimplePrincipalCollection("other Principal", "some-realm"));

    simpleSession.setAttribute(DelegatingSubject.class.getName() + ".RUN_AS_PRINCIPALS_SESSION_KEY",
        principalCollectionList);

    DelegatingSession delegatingSession =
        new DelegatingSession(sessionManager, new DefaultSessionKey(simpleSession.getId()));

    // set the user

    subject = new DelegatingSubject(new SimplePrincipalCollection("anonymous", "realmName"), true, null,
        delegatingSession, securityManager);
    ThreadContext.bind(subject);
  }

  }

  @Test
  public void testNoSuchUserManager() {
    try {
      helper().findUserManager(new SimplePrincipalCollection("badUser", "badRealm"));

      Assert.fail("Expected NoSuchUserManagerException");
    }
    catch (final NoSuchUserManagerException e) {
      // expected...

  }

  @Test
  public void testUnknownUser() {
    try {
      helper().getUserStatus(new SimplePrincipalCollection("badUser", "badRealm"));

      Assert.fail("Expected UserNotFoundException");
    }
    catch (final UserNotFoundException e) {
      // expected...

  {
    buildTestAuthorizationConfig();

    // Fails because the configuration requirement in SecurityXmlRealm isn't initialized
    // thus NPE
    SimplePrincipalCollection principal = new SimplePrincipalCollection("username", realm.getName());

    Assert.assertTrue(realm.hasRole(principal, "role"));

    // Verify the permission
    Assert.assertTrue(realm.isPermitted(principal, new WildcardPermission("app:config:read")));

  public void testCaseSensitiveAuthorization()
      throws Exception
  {
    buildTestAuthorizationConfig("ABcd");

    SimplePrincipalCollection principal = new SimplePrincipalCollection("ABcd", realm.getName());

    Assert.assertTrue(realm.hasRole(principal, "role"));

    // Verify the permission
    Assert.assertTrue(realm.isPermitted(principal, new WildcardPermission("app:config:read")));
    // Verify other method not allowed
    Assert.assertFalse(realm.isPermitted(principal, new WildcardPermission("app:config:create")));
    Assert.assertFalse(realm.isPermitted(principal, new WildcardPermission("app:config:update")));
    Assert.assertFalse(realm.isPermitted(principal, new WildcardPermission("app:config:delete")));

    // Verify other permission not allowed
    Assert.assertFalse(realm.isPermitted(principal, new WildcardPermission("app:ui:read")));
    Assert.assertFalse(realm.isPermitted(principal, new WildcardPermission("app:ui:create")));
    Assert.assertFalse(realm.isPermitted(principal, new WildcardPermission("app:ui:update")));
    Assert.assertFalse(realm.isPermitted(principal, new WildcardPermission("app:ui:delete")));

    principal = new SimplePrincipalCollection("abcd", realm.getName());

    Assert.assertTrue(realm.hasRole(principal, "role"));

    // Verify the permission
    Assert.assertTrue(realm.isPermitted(principal, new WildcardPermission("app:config:read")));

    securitySystem.setRealms(realms);

    // jcohen has the role mockrole1, there is also xml role with the same ID, which means jcohen automaticly has
    // this xml role

    PrincipalCollection jcohen = new SimplePrincipalCollection("jcohen", MockRealm.NAME);

    try {
      securitySystem.checkPermission(jcohen, "permissionOne:invalid");
      Assert.fail("Expected AuthorizationException");
    }

  }

  @Test
  public void testAuthorization() {
    PublicKeyAuthenticatingRealm realm = new PublicKeyAuthenticatingRealm();
    Assert.assertFalse(realm.isPermitted(new SimplePrincipalCollection("user", realm.getName()),
        "some:permission"));
  }