Examples of org.apache.shiro.subject.Subject

• org.apache.shiro.subject.Subject
  A {@code Subject} represents state and security operations for a single application user.These operations include authentication (login/logout), authorization (access control), and session access. It is Shiro's primary mechanism for single-user security functionality.

  Acquiring a Subject

  To acquire the currently-executing {@code Subject}, application developers will almost always use {@code SecurityUtils}:

   {@link SecurityUtils SecurityUtils}. {@link org.apache.shiro.SecurityUtils#getSubject() getSubject()}

  Almost all security operations should be performed with the {@code Subject} returned from this method.

  Permission methods

  Note that there are many *Permission methods in this interface overloaded to accept String arguments instead of {@link Permission Permission} instances. They are a convenience allowing the caller to use a String representation ofa {@link Permission Permission} if desired. The underlying Authorization subsystem implementations will usuallysimply convert these String values to {@link Permission Permission} instances and then just call the correspondingtype-safe method. (Shiro's default implementations do String-to-Permission conversion for these methods using {@link org.apache.shiro.authz.permission.PermissionResolver PermissionResolver}s.)

  These overloaded *Permission methods forgo type-saftey for the benefit of convenience and simplicity, so you should choose which ones to use based on your preferences and needs. @since 0.1

        //Similarly, the SubjectFactory should not require any concept of RememberMe - translate that here first
        //if possible before handing off to the SubjectFactory:
        context = resolvePrincipals(context);

        Subject subject = doCreateSubject(context);

        //save this subject for future reference if necessary:
        //(this is needed here in case rememberMe principals were resolved and they need to be stored in the
        //session, so we don't constantly rehydrate the rememberMe PrincipalCollection on every operation).
        //Added in 1.2:

    @Override
    protected boolean showTagBody(String commaDelimitedRoleNames) {
        boolean hasAnyRole = false;

        Subject subject = getSubject();

        if (subject != null) {
            // Iterate through roles and check to see if the user has one of the roles
            String[] roleNames = StringUtils.split(commaDelimitedRoleNames);
            for (String roleName : roleNames) {
                if (subject.hasRole(roleName)) {
                    hasAnyRole = true;
                    break;
                }
            }
        }

   @Override
   protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
   {

      Subject subject = SecurityUtils.getSubject();
      subject.logout();

      if (!subject.isAuthenticated()) {
         response.getOutputStream().print("SUCCESS");
      }
      else {
         response.getOutputStream().print("FAILED");
      }

      String user = request.getParameter("user");
      if (user == null || user.trim().length() == 0) {
         throw new IllegalArgumentException("Missing 'user' parameter!");
      }

      Subject subject = SecurityUtils.getSubject();
      subject.login(new UsernamePasswordToken(user, "secret"));

      if (subject.isAuthenticated()) {
         response.getOutputStream().print("SUCCESS");
      }
      else {
         response.getOutputStream().print("FAILED");
      }

        if(securityManager == null) {
            return null;
        }
        final AuthenticationToken token = asAuthenticationToken(request);

        Subject currentUser = SecurityUtils.getSubject();
        if(currentUser.isAuthenticated()) {
            // TODO: verify the code passed in that this session is still alive?

            // TODO: perhaps we should cache Isis' AuthenticationSession inside the Shiro Session, and
            // just retrieve it?

            // for now, just log them out.
            currentUser.logout();
        }
        try {
            currentUser.login(token);
        } catch ( UnknownAccountException uae ) {
            LOG.debug("Unable to authenticate", uae);
            return null;
        } catch ( IncorrectCredentialsException ice ) {
            LOG.debug("Unable to authenticate", ice);

            return false;
        }

        String permission = asPermissionsString(identifier) + ":" + qualifier;

        Subject subject = SecurityUtils.getSubject();

        try {
            return subject.isPermitted(permission);
        } finally {
            IsisPermission.resetVetoedPermissions();
        }
    }

                ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
                ShiroSecurityToken securityToken = (ShiroSecurityToken)objectInputStream.readObject();
                objectInputStream.close();
                byteArrayInputStream.close();

                Subject currentUser = SecurityUtils.getSubject();

                // Authenticate user if not authenticated
                try {
                    authenticateUser(currentUser, securityToken);

                    // Test whether user's role is authorized to perform functions in the permissions list
                    authorizeUser(currentUser, exchange);
                } finally {
                    if (alwaysReauthenticate) {
                        currentUser.logout();
                        currentUser = null;
                    }
                }

            }

        // init auth* framework
        auth.initBaseRealm();
        if (auth.isInited()) {
            PrincipalCollection principals = new SimplePrincipalCollection("system", "it.freedomotic.security");
            Subject SysSubject = new Subject.Builder().principals(principals).buildSubject();
            SysSubject.getSession().setTimeout(-1);
            ThreadState threadState = new SubjectThreadState(SysSubject);
            threadState.bind();
            LOG.info("Booting as user:" + auth.getSubject().getPrincipal() +". Session will last:"+auth.getSubject().getSession().getTimeout());
        }

        expect(mockRequest.getCookies()).andReturn(null);
        expect(mockRequest.getContextPath()).andReturn("/");

        replay(mockRequest);

        Subject subject = newSubject(mockRequest, mockResponse);

        assertFalse(subject.isAuthenticated());

        subject.login(new UsernamePasswordToken("lonestarr", "vespa"));

        assertTrue(subject.isAuthenticated());
        assertNotNull(subject.getPrincipal());
        assertTrue(subject.getPrincipal().equals("lonestarr"));
    }

        expect(mockRequest.getCookies()).andReturn(null);
        expect(mockRequest.getContextPath()).andReturn("/");

        replay(mockRequest);

        Subject subject = newSubject(mockRequest, mockResponse);

        Session session = subject.getSession();
        assertEquals(session.getTimeout(), globalTimeout);
        session.setTimeout(125);
        assertEquals(session.getTimeout(), 125);
        sleep(200);
        try {