Builder design pattern implementation for creating {@link Subject} instances in a simplified way withoutrequiring knowledge of Shiro's construction techniques.
NOTE: This is provided for framework development support only and should typically never be used by application developers. {@code Subject} instances should generally be acquired by using
SecurityUtils. {@link SecurityUtils#getSubject() getSubject()}
Usage
The simplest usage of this builder is to construct an anonymous, session-less {@code Subject} instance:
Subject subject = new Subject. {@link #Builder() Builder}(). {@link #buildSubject() buildSubject()};
The default, no-arg {@code Subject.Builder()} constructor shown above will use the application'scurrently accessible {@code SecurityManager} via
SecurityUtils. {@link SecurityUtils#getSecurityManager() getSecurityManager()}
. You may also specify the exact {@code SecurityManager} instance to be used by the additional
Subject. {@link #Builder(org.apache.shiro.mgt.SecurityManager) Builder(securityManager)}
constructor if desired.
All other methods may be called before the {@link #buildSubject() buildSubject()} method toprovide context on how to construct the {@code Subject} instance. For example, if you have a session id andwant to acquire the {@code Subject} that 'owns' that session (assuming the session exists and is not expired):
Subject subject = new Subject.Builder().sessionId(sessionId).buildSubject();
Similarly, if you want a {@code Subject} instance reflecting a certain identity:
PrincipalCollection principals = new SimplePrincipalCollection("username", yourRealmName); Subject subject = new Subject.Builder().principals(principals).build();
Note* that the returned {@code Subject} instance is
not automatically bound to the application (thread)for further use. That is, {@link org.apache.shiro.SecurityUtils SecurityUtils}. {@link org.apache.shiro.SecurityUtils#getSubject() getSubject()}will not automatically return the same instance as what is returned by the builder. It is up to the framework developer to bind the built {@code Subject} for continued use if desired.
@since 1.0