public static Collection<Realm> get(final ConfigSource configSource) { final SecurityConfig securityConfig = new ConfigurationObjectFactory(configSource).build(SecurityConfig.class); Collection<Realm> realms = null; try { final Factory<SecurityManager> factory = new IniSecurityManagerFactory(securityConfig.getShiroResourcePath()); // TODO Pierre hack - lame cast here, but we need to have Shiro go through its reflection magic // to parse the [main] section of the ini file. Without duplicating code, this seems to be possible only // by going through IniSecurityManagerFactory. final DefaultSecurityManager securityManager = (DefaultSecurityManager) factory.getInstance(); realms = securityManager.getRealms(); } catch (final ConfigurationException e) { log.warn("Unable to configure RBAC", e); } return realms != null ? realms : ImmutableSet.<Realm>of(new IniRealm(securityConfig.getShiroResourcePath())); // Mainly for testing }
public SecurityManagerProvider(String shiroConfig) { this.securityManager = null; IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:" + shiroConfig); // we will need to make sure that shiro uses a case sensitive permission resolver Ini.Section main = factory.getIni().addSection("main"); main.put("geodePermissionResolver", GeodePermissionResolver.class.getName()); if (!main.containsKey("iniRealm.permissionResolver")) { main.put("iniRealm.permissionResolver", "$geodePermissionResolver"); } shiroManager = factory.getInstance(); }
@SuppressWarnings({"unchecked"}) private SecurityManager createSecurityManager(Ini ini, Ini.Section mainSection) { getReflectionBuilder().setObjects(createDefaults(ini, mainSection)); Map<String, ?> objects = buildInstances(mainSection); SecurityManager securityManager = getSecurityManagerBean(); boolean autoApplyRealms = isAutoApplyRealms(securityManager); if (autoApplyRealms) { //realms and realm factory might have been created - pull them out first so we can //initialize the securityManager: Collection<Realm> realms = getRealms(objects); //set them on the SecurityManager if (!CollectionUtils.isEmpty(realms)) { applyRealmsToSecurityManager(realms, securityManager); } } return securityManager; }
protected Map<String, ?> createDefaults(Ini ini, Ini.Section mainSection) { Map<String, Object> defaults = new LinkedHashMap<String, Object>(); SecurityManager securityManager = createDefaultInstance(); defaults.put(SECURITY_MANAGER_NAME, securityManager); if (shouldImplicitlyCreateRealm(ini)) { Realm realm = createRealm(ini); if (realm != null) { defaults.put(INI_REALM_NAME, realm); } } // The values from 'getDefaults()' will override the above. Map<String, ?> defaultBeans = getDefaults(); if (!CollectionUtils.isEmpty(defaultBeans)) { defaults.putAll(defaultBeans); } return defaults; }
users.put("user2", "user2,role2"); users.put("user3", "user3,role3"); IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini); SecurityManager sm = factory.getInstance();
@Before public void setup() { ThreadContext.remove(); Ini config = new Ini(); config.setSectionProperty("main", "myRealm", "org.apache.shiro.realm.jdbc.JdbcRealm"); config.setSectionProperty("main", "myRealmCredentialsMatcher", "org.apache.shiro.authc.credential.Sha256CredentialsMatcher"); config.setSectionProperty("main", "myRealm.credentialsMatcher", "$myRealmCredentialsMatcher"); config.setSectionProperty("main", "securityManager.sessionManager.sessionValidationSchedulerEnabled", "false"); IniSecurityManagerFactory factory = new IniSecurityManagerFactory(config); securityManager = (DefaultSecurityManager) factory.createInstance(); SecurityUtils.setSecurityManager(securityManager); // Create a database and realm for the test createRealm(name.getMethodName()); }
@SuppressWarnings({"unchecked"}) private SecurityManager createSecurityManager(Ini ini, Ini.Section mainSection) { Map<String, ?> defaults = createDefaults(ini, mainSection); Map<String, ?> objects = buildInstances(mainSection, defaults); SecurityManager securityManager = getSecurityManagerBean(); boolean autoApplyRealms = isAutoApplyRealms(securityManager); if (autoApplyRealms) { //realms and realm factory might have been created - pull them out first so we can //initialize the securityManager: Collection<Realm> realms = getRealms(objects); //set them on the SecurityManager if (!CollectionUtils.isEmpty(realms)) { applyRealmsToSecurityManager(realms, securityManager); } } initRealms(securityManager); return securityManager; }
private Map<String, ?> createObjects(Ini ini) { IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini) { @Override protected SecurityManager createDefaultInstance() { return new DefaultActiveMqSecurityManager(); } @Override protected Realm createRealm(Ini ini) { IniRealm realm = (IniRealm)super.createRealm(ini); realm.setPermissionResolver(new ActiveMQPermissionResolver()); return realm; } }; factory.getInstance(); //trigger beans creation return factory.getBeans(); } }
protected Map<String, ?> createDefaults(Ini ini, Ini.Section mainSection) { Map<String, Object> defaults = new LinkedHashMap<String, Object>(); SecurityManager securityManager = createDefaultInstance(); defaults.put(SECURITY_MANAGER_NAME, securityManager); if (shouldImplicitlyCreateRealm(ini)) { Realm realm = createRealm(ini); if (realm != null) { defaults.put(INI_REALM_NAME, realm); } } return defaults; }
@SuppressWarnings({"unchecked"}) @Override protected Map<String, ?> createDefaults(Ini ini, Ini.Section mainSection) { Map defaults = super.createDefaults(ini, mainSection); //add the default filters: Map<String, Filter> defaultFilters = DefaultFilter.createInstanceMap(null); defaults.putAll(defaultFilters); return defaults; } }
private Collection<Realm> getRealms(Map<String, ?> instances) { //realms and realm factory might have been created - pull them out first so we can //initialize the securityManager: List<Realm> realms = new ArrayList<Realm>(); //iterate over the map entries to pull out the realm factory(s): for (Map.Entry<String, ?> entry : instances.entrySet()) { String name = entry.getKey(); Object value = entry.getValue(); if (value instanceof RealmFactory) { addToRealms(realms, (RealmFactory) value); } else if (value instanceof Realm) { Realm realm = (Realm) value; //set the name if null: String existingName = realm.getName(); if (existingName == null || existingName.startsWith(realm.getClass().getName())) { if (realm instanceof Nameable) { ((Nameable) realm).setName(name); log.debug("Applied name '{}' to Nameable realm instance {}", name, realm); } else { log.info("Realm does not implement the {} interface. Configured name will not be applied.", Nameable.class.getName()); } } realms.add(realm); } } return realms; }
@Override protected Realm createRealm(Ini ini) { IniRealm realm = (IniRealm)super.createRealm(ini); realm.setPermissionResolver(new ActiveMQPermissionResolver()); return realm; } };
@PostConstruct public void postConstruct() throws ConfigurationException, IOException { URL iniURL = getShiroIniURL(); if (iniURL != null) { Ini ini = new Ini(); ini.load(iniURL.openStream()); IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini); manager = factory.getInstance(); } }
protected Map<String, ?> createDefaults(Ini ini, Ini.Section mainSection) { Map<String, Object> defaults = new LinkedHashMap<String, Object>(); SecurityManager securityManager = createDefaultInstance(); defaults.put(SECURITY_MANAGER_NAME, securityManager); if (shouldImplicitlyCreateRealm(ini)) { Realm realm = createRealm(ini); if (realm != null) { defaults.put(INI_REALM_NAME, realm); } } // The values from 'getDefaults()' will override the above. Map<String, ?> defaultBeans = getDefaults(); if (!CollectionUtils.isEmpty(defaultBeans)) { defaults.putAll(defaultBeans); } return defaults; }
private Collection<Realm> getRealms(Map<String, ?> instances) { //realms and realm factory might have been created - pull them out first so we can //initialize the securityManager: List<Realm> realms = new ArrayList<Realm>(); //iterate over the map entries to pull out the realm factory(s): for (Map.Entry<String, ?> entry : instances.entrySet()) { String name = entry.getKey(); Object value = entry.getValue(); if (value instanceof RealmFactory) { addToRealms(realms, (RealmFactory) value); } else if (value instanceof Realm) { Realm realm = (Realm) value; //set the name if null: String existingName = realm.getName(); if (existingName == null || existingName.startsWith(realm.getClass().getName())) { if (realm instanceof Nameable) { ((Nameable) realm).setName(name); log.debug("Applied name '{}' to Nameable realm instance {}", name, realm); } else { log.info("Realm does not implement the {} interface. Configured name will not be applied.", Nameable.class.getName()); } } realms.add(realm); } } return realms; }
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini"); SecurityManager securityManager = factory.getInstance();
@Override public void initialize(HiggsServer server) { this.server = server; String path = ((HttpConfig) server.getConfig()).security_config_path; IniSecurityManagerFactory factory = new IniSecurityManagerFactory(path); securityManager = factory.getInstance(); if (securityManager instanceof DefaultSecurityManager) { HiggsSecurityManager.configure(server, (DefaultSecurityManager) securityManager); } Iterator<ResponseTransformer> providers = ServiceLoader.load(ResponseTransformer.class).iterator(); while (providers.hasNext()) { try { ResponseTransformer transformer = providers.next(); transformers.add(transformer); } catch (ServiceConfigurationError sce) { log.warn("Unable to register a transformer. Please ensure it implements the interface correctly" + " and has a public, no-arg constructor", sce); } } if (transformers.size() == 0) { log.warn("No response transformers registered, this means requests will not receive response entities"); } }
@SuppressWarnings({"unchecked"}) private SecurityManager createSecurityManager(Ini ini, Ini.Section mainSection) { getReflectionBuilder().setObjects(createDefaults(ini, mainSection)); Map<String, ?> objects = buildInstances(mainSection); SecurityManager securityManager = getSecurityManagerBean(); boolean autoApplyRealms = isAutoApplyRealms(securityManager); if (autoApplyRealms) { //realms and realm factory might have been created - pull them out first so we can //initialize the securityManager: Collection<Realm> realms = getRealms(objects); //set them on the SecurityManager if (!CollectionUtils.isEmpty(realms)) { applyRealmsToSecurityManager(realms, securityManager); } } return securityManager; }
private Collection<Realm> getRealms(Map<String, ?> instances) { //realms and realm factory might have been created - pull them out first so we can //initialize the securityManager: List<Realm> realms = new ArrayList<Realm>(); //iterate over the map entries to pull out the realm factory(s): for (Map.Entry<String, ?> entry : instances.entrySet()) { String name = entry.getKey(); Object value = entry.getValue(); if (value instanceof RealmFactory) { addToRealms(realms, (RealmFactory) value); } else if (value instanceof Realm) { Realm realm = (Realm) value; //set the name if null: String existingName = realm.getName(); if (existingName == null || existingName.startsWith(realm.getClass().getName())) { if (realm instanceof Nameable) { ((Nameable) realm).setName(name); log.debug("Applied name '{}' to Nameable realm instance {}", name, realm); } else { log.info("Realm does not implement the {} interface. Configured name will not be applied.", Nameable.class.getName()); } } realms.add(realm); } } return realms; }
@BeforeClass public static void beforeClass() { //0. Build and set the SecurityManager used to build Subject instances used in your tests // This typically only needs to be done once per class if your shiro.ini doesn't change, // otherwise, you'll need to do this logic in each test that is different Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:test.shiro.ini"); setSecurityManager(factory.getInstance()); }