protected SecurityManager createDefaultInstance() { return new DefaultSecurityManager(); }
/** * @param sessionManager * @since 1.2 */ private void setInternalSessionManager(SessionManager sessionManager) { super.setSessionManager(sessionManager); }
InMemoryRolePermissionResolver inMemoryRolePermissionResolver, OrderedAuthenticatingRealms orderedAuthenticatingRealms) { sm = new DefaultSecurityManager(orderedAuthenticatingRealms); final Authenticator authenticator = sm.getAuthenticator(); if (authenticator instanceof ModularRealmAuthenticator) { ((ModularRealmAuthenticator) authenticator).setAuthenticationStrategy(new FirstSuccessfulStrategy()); rootAccountRealm)); authorizer.setRolePermissionResolver(inMemoryRolePermissionResolver); sm.setAuthorizer(authorizer); sessionStorageEvaluator.setSessionStorageEnabled(false); subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator); sm.setSubjectDAO(subjectDAO); final DefaultSessionManager defaultSessionManager = (DefaultSessionManager) sm.getSessionManager(); defaultSessionManager.setSessionDAO(mongoDbSessionDAO); defaultSessionManager.setDeleteInvalidSessions(true);
@Override public RedisShiroManager get() { // Same Redis manager instance as the rest of the system final RedisShiroManager shiroRedisManager = new RedisShiroManager(eh107CacheManager, metricRegistry, redissonClient); if (securityManager instanceof DefaultSecurityManager) { // For RBAC only (see also KillbillJdbcTenantRealmProvider) final DefaultSecurityManager securityManager = (DefaultSecurityManager) this.securityManager; securityManager.setCacheManager(shiroRedisManager); securityManager.setSubjectDAO(subjectDAO); } return shiroRedisManager; } }
protected SessionsSecurityManager createSecurityManager() { DefaultSecurityManager securityManager = new DefaultSecurityManager(); securityManager.setSubjectDAO(subjectDAO()); securityManager.setSubjectFactory(subjectFactory()); RememberMeManager rememberMeManager = rememberMeManager(); if (rememberMeManager != null) { securityManager.setRememberMeManager(rememberMeManager); } return securityManager; }
beforeLogout(subject); log.debug("Logging out subject with primary principal {}", principals.getPrimaryPrincipal()); Authenticator authc = getAuthenticator(); if (authc instanceof LogoutAware) { ((LogoutAware) authc).onLogout(principals); delete(subject); } catch (Exception e) { if (log.isDebugEnabled()) { stopSession(subject); } catch (Exception e) { if (log.isDebugEnabled()) {
@Override protected SecurityManager createDefaultInstance() { final DefaultSecurityManager securityManager = new DefaultSecurityManager(); securityManager.setSessionManager(sessionManager); securityManager.setCacheManager(new CaffeineCacheManager(sessionCacheSpec)); return securityManager; } };
@Provides @Singleton SecurityManager provideSecurityManager( SessionManager sessionManager, RememberMeManager rememberMeManager, Realms realms, Set<AuthenticationListener> authListeners) { DefaultSecurityManager manager = new DefaultSecurityManager(realms.getRealms()); ((AbstractAuthenticator) manager.getAuthenticator()).setAuthenticationListeners(authListeners); manager.setSessionManager(sessionManager); manager.setRememberMeManager(rememberMeManager); return manager; }
MultiRealmAuthManager( EnterpriseUserManager userManager, Collection<Realm> realms, CacheManager cacheManager, SecurityLog securityLog, boolean logSuccessfulLogin, boolean propertyAuthorization, Map<String,List<String>> roleToPropertyBlacklist ) { this.userManager = userManager; this.realms = realms; this.cacheManager = cacheManager; securityManager = new DefaultSecurityManager( realms ); this.securityLog = securityLog; this.logSuccessfulLogin = logSuccessfulLogin; this.propertyAuthorization = propertyAuthorization; this.roleToPropertyBlacklist = roleToPropertyBlacklist; securityManager.setSubjectFactory( new ShiroSubjectFactory() ); ((ModularRealmAuthenticator) securityManager.getAuthenticator()) .setAuthenticationStrategy( new ShiroAuthenticationStrategy() ); securityManager.setSubjectDAO( createSubjectDAO() ); }
@Override protected SecurityManager createDefaultInstance() { final DefaultSessionManager sessionManager = new DefaultSessionManager(); // This session DAO is required to cache the session in a very short time, especially while // logging in to the Central Dogma server. After that, the general session manager provided // by Central Dogma server will be working for the session management. sessionManager.setSessionDAO(new LimitedMemorySessionDAO(sessionIdGenerator, 64, Duration.ofHours(1))); final DefaultSecurityManager securityManager = new DefaultSecurityManager(); securityManager.setSessionManager(sessionManager); return securityManager; } };
@Test public void testVMSingleton() { DefaultSecurityManager sm = new DefaultSecurityManager(); Ini ini = new Ini(); Ini.Section section = ini.addSection(IniRealm.USERS_SECTION_NAME); section.put("guest", "guest"); sm.setRealm(new IniRealm(ini)); SecurityUtils.setSecurityManager(sm); try { Subject subject = SecurityUtils.getSubject(); AuthenticationToken token = new UsernamePasswordToken("guest", "guest"); subject.login(token); subject.getSession().setAttribute("key", "value"); assertTrue(subject.getSession().getAttribute("key").equals("value")); subject = SecurityUtils.getSubject(); assertTrue(subject.isAuthenticated()); assertTrue(subject.getSession().getAttribute("key").equals("value")); } finally { sm.destroy(); //SHIRO-270: SecurityUtils.setSecurityManager(null); } } }
@Before public void setup() { sm = new DefaultSecurityManager(); Ini ini = new Ini(); Ini.Section section = ini.addSection(IniRealm.USERS_SECTION_NAME); section.put("guest", "guest, guest"); section.put("lonestarr", "vespa, goodguy"); sm.setRealm(new IniRealm(ini)); SecurityUtils.setSecurityManager(sm); }
@Bean(name = "securityManager") @DependsOn(value = {"cacheManager", "rememberMeManager", "mainRealm"}) public DefaultSecurityManager securityManager(Realm realm, RememberMeManager rememberMeManager, CacheManager cacheManager, SessionManager sessionManager) { DefaultSecurityManager sm = new DefaultWebSecurityManager(); sm.setRealm(realm); sm.setCacheManager(cacheManager); sm.setSessionManager(sessionManager); sm.setRememberMeManager(rememberMeManager); return sm; }
public SecurityManager get() { SecurityManager manager = null; try { manager = SecurityUtils.getSecurityManager(); } catch (UnavailableSecurityManagerException e1) { manager = new DefaultSecurityManager(); } boolean rememberMeSupported = config.get("rememberMe") != null ? true : false; if (rememberMeSupported && manager instanceof DefaultSecurityManager) { ((DefaultSecurityManager)manager).setRememberMeManager(new JuzuRememberMe()); } if (config.get("realms") != null) { try { injectRealms(config, manager, Request.getCurrent().getApplication().getInjectionContext()); } catch (InvocationTargetException e) { throw new RuntimeException(e); } } return manager; }
@Test public void testSessionStopThenStart() { String key = "testKey"; String value = "testValue"; DefaultSecurityManager sm = new DefaultSecurityManager(); DelegatingSubject subject = new DelegatingSubject(sm); Session session = subject.getSession(); session.setAttribute(key, value); assertTrue(session.getAttribute(key).equals(value)); Serializable firstSessionId = session.getId(); assertNotNull(firstSessionId); session.stop(); session = subject.getSession(); assertNotNull(session); assertNull(session.getAttribute(key)); Serializable secondSessionId = session.getId(); assertNotNull(secondSessionId); assertFalse(firstSessionId.equals(secondSessionId)); subject.logout(); sm.destroy(); }
beforeLogout(subject); log.debug("Logging out subject with primary principal {}" + principals.getPrimaryPrincipal()); Authenticator authc = getAuthenticator(); if (authc instanceof LogoutAware) { ((LogoutAware) authc).onLogout(principals); unbind(subject); } catch (Exception e) { if (log.isDebugEnabled()) { stopSession(subject); } catch (Exception e) { if (log.isDebugEnabled()) {
/** * Supporting constructor for a single-realm application. * * @param singleRealm the single realm used by this SecurityManager. */ public DefaultSecurityManager(Realm singleRealm) { this(); setRealm(singleRealm); }
@Test @RunAsClient public void test() throws Exception { driver.get(deploymentURL.toString()); assertTrue(manager instanceof MySecurityManager); assertTrue(manager.getRememberMeManager() instanceof MyRememberMe); assertEquals(1, manager.getRealms().size()); assertTrue(manager.getRealms().iterator().next() instanceof MyRealm); } }
/** * Creates a realm for a test method and puts it in the realMap. */ protected void createRealm(String testMethodName) { JdbcRealm realm = (JdbcRealm) securityManager.getRealms().iterator().next(); realmMap.put(testMethodName, realm); }
@Bean(name = "securityManager") @ConditionalOnMissingBean public DefaultSecurityManager securityManager(CacheManager shiroCacheManager) { DefaultSecurityManager sm = new DefaultWebSecurityManager(); sm.setCacheManager(shiroCacheManager); return sm; }