/** * Reacts to a failed login by immediately {@link #forgetIdentity(org.apache.shiro.subject.Subject) forgetting} any * previously remembered identity. This is an additional security feature to prevent any remenant identity data * from being retained in case the authentication attempt is not being executed by the expected user. * * @param subject the subject which executed the failed login attempt * @param token the authentication token resulting in a failed login attempt - ignored by this implementation * @param ae the exception thrown as a result of the failed login attempt - ignored by this implementation */ public void onFailedLogin(Subject subject, AuthenticationToken token, AuthenticationException ae) { forgetIdentity(subject); }
/** * Reacts to a subject logging out of the application and immediately * {@link #forgetIdentity(org.apache.shiro.subject.Subject) forgets} any previously stored identity and returns. * * @param subject the subject logging out. */ public void onLogout(Subject subject) { forgetIdentity(subject); } }
/** * Called when an exception is thrown while trying to retrieve principals. The default implementation logs a * warning message and forgets ('unremembers') the problem identity by calling * {@link #forgetIdentity(SubjectContext) forgetIdentity(context)} and then immediately re-throws the * exception to allow the calling component to react accordingly. * <p/> * This method implementation never returns an * object - it always rethrows, but can be overridden by subclasses for custom handling behavior. * <p/> * This most commonly would be called when an encryption key is updated and old principals are retrieved that have * been encrypted with the previous key. * * @param e the exception that was thrown. * @param context the contextual data, usually provided by a {@link Subject.Builder} implementation, that * is being used to construct a {@link Subject} instance. * @return nothing - the original {@code RuntimeException} is propagated in all cases. */ protected PrincipalCollection onRememberedPrincipalFailure(RuntimeException e, SubjectContext context) { if (log.isWarnEnabled()) { String message = "There was a failure while trying to retrieve remembered principals. This could be due to a " + "configuration problem or corrupted principals. This could also be due to a recently " + "changed encryption key, if you are using a shiro.ini file, this property would be " + "'securityManager.rememberMeManager.cipherKey' see: http://shiro.apache.org/web.html#Web-RememberMeServices. " + "The remembered identity will be forgotten and not used for this request."; log.warn(message); } forgetIdentity(context); //propagate - security manager implementation will handle and warn appropriately throw e; }
/** * Reacts to the successful login attempt by first always {@link #forgetIdentity(Subject) forgetting} any previously * stored identity. Then if the {@code token} * {@link #isRememberMe(org.apache.shiro.authc.AuthenticationToken) is a RememberMe} token, the associated identity * will be {@link #rememberIdentity(org.apache.shiro.subject.Subject, org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo) remembered} * for later retrieval during a new user session. * * @param subject the subject for which the principals are being remembered. * @param token the token that resulted in a successful authentication attempt. * @param info the authentication info resulting from the successful authentication attempt. */ public void onSuccessfulLogin(Subject subject, AuthenticationToken token, AuthenticationInfo info) { //always clear any previous identity: forgetIdentity(subject); //now save the new identity: if (isRememberMe(token)) { rememberIdentity(subject, token, info); } else { if (log.isDebugEnabled()) { log.debug("AuthenticationToken did not indicate RememberMe is requested. " + "RememberMe functionality will not be executed for corresponding account."); } } }
/** * Reacts to a failed login by immediately {@link #forgetIdentity(org.apache.shiro.subject.Subject) forgetting} any * previously remembered identity. This is an additional security feature to prevent any remenant identity data * from being retained in case the authentication attempt is not being executed by the expected user. * * @param subject the subject which executed the failed login attempt * @param token the authentication token resulting in a failed login attempt - ignored by this implementation * @param ae the exception thrown as a result of the failed login attempt - ignored by this implementation */ public void onFailedLogin(Subject subject, AuthenticationToken token, AuthenticationException ae) { forgetIdentity(subject); }
/** * Reacts to a subject logging out of the application and immediately * {@link #forgetIdentity(org.apache.shiro.subject.Subject) forgets} any previously stored identity and returns. * * @param subject the subject logging out. */ public void onLogout(Subject subject) { forgetIdentity(subject); } }
/** * Called when an exception is thrown while trying to retrieve principals. The default implementation logs a * warning message and forgets ('unremembers') the problem identity by calling * {@link #forgetIdentity(SubjectContext) forgetIdentity(context)} and then immediately re-throws the * exception to allow the calling component to react accordingly. * <p/> * This method implementation never returns an * object - it always rethrows, but can be overridden by subclasses for custom handling behavior. * <p/> * This most commonly would be called when an encryption key is updated and old principals are retrieved that have * been encrypted with the previous key. * * @param e the exception that was thrown. * @param context the contextual data, usually provided by a {@link Subject.Builder} implementation, that * is being used to construct a {@link Subject} instance. * @return nothing - the original {@code RuntimeException} is propagated in all cases. */ protected PrincipalCollection onRememberedPrincipalFailure(RuntimeException e, SubjectContext context) { if (log.isWarnEnabled()) { String message = "There was a failure while trying to retrieve remembered principals. This could be due to a " + "configuration problem or corrupted principals. This could also be due to a recently " + "changed encryption key, if you are using a shiro.ini file, this property would be " + "'securityManager.rememberMeManager.cipherKey' see: http://shiro.apache.org/web.html#Web-RememberMeServices. " + "The remembered identity will be forgotten and not used for this request."; log.warn(message); } forgetIdentity(context); //propagate - security manager implementation will handle and warn appropriately throw e; }
/** * Reacts to the successful login attempt by first always {@link #forgetIdentity(Subject) forgetting} any previously * stored identity. Then if the {@code token} * {@link #isRememberMe(org.apache.shiro.authc.AuthenticationToken) is a RememberMe} token, the associated identity * will be {@link #rememberIdentity(org.apache.shiro.subject.Subject, org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo) remembered} * for later retrieval during a new user session. * * @param subject the subject for which the principals are being remembered. * @param token the token that resulted in a successful authentication attempt. * @param info the authentication info resulting from the successful authentication attempt. */ public void onSuccessfulLogin(Subject subject, AuthenticationToken token, AuthenticationInfo info) { //always clear any previous identity: forgetIdentity(subject); //now save the new identity: if (isRememberMe(token)) { rememberIdentity(subject, token, info); } else { if (log.isDebugEnabled()) { log.debug("AuthenticationToken did not indicate RememberMe is requested. " + "RememberMe functionality will not be executed for corresponding account."); } } }
/** * Reacts to a subject logging out of the application and immediately * {@link #forgetIdentity(org.apache.shiro.subject.Subject) forgets} any previously stored identity and returns. * * @param subject the subject logging out. */ public void onLogout(Subject subject) { forgetIdentity(subject); } }
/** * Reacts to a failed login by immediately {@link #forgetIdentity(org.apache.shiro.subject.Subject) forgetting} any * previously remembered identity. This is an additional security feature to prevent any remenant identity data * from being retained in case the authentication attempt is not being executed by the expected user. * * @param subject the subject which executed the failed login attempt * @param token the authentication token resulting in a failed login attempt - ignored by this implementation * @param ae the exception thrown as a result of the failed login attempt - ignored by this implementation */ public void onFailedLogin(Subject subject, AuthenticationToken token, AuthenticationException ae) { forgetIdentity(subject); }
/** * Called when an exception is thrown while trying to retrieve principals. The default implementation logs a * debug message and forgets ('unremembers') the problem identity by calling * {@link #forgetIdentity(SubjectContext) forgetIdentity(context)} and then immediately re-throws the * exception to allow the calling component to react accordingly. * <p/> * This method implementation never returns an * object - it always rethrows, but can be overridden by subclasses for custom handling behavior. * <p/> * This most commonly would be called when an encryption key is updated and old principals are retrieved that have * been encrypted with the previous key. * * @param e the exception that was thrown. * @param context the contextual data, usually provided by a {@link Subject.Builder} implementation, that * is being used to construct a {@link Subject} instance. * @return nothing - the original {@code RuntimeException} is propagated in all cases. */ protected PrincipalCollection onRememberedPrincipalFailure(RuntimeException e, SubjectContext context) { if (log.isDebugEnabled()) { log.debug("There was a failure while trying to retrieve remembered principals. This could be due to a " + "configuration problem or corrupted principals. This could also be due to a recently " + "changed encryption key. The remembered identity will be forgotten and not used for this " + "request.", e); } forgetIdentity(context); //propagate - security manager implementation will handle and warn appropriately throw e; }
/** * Reacts to the successful login attempt by first always {@link #forgetIdentity(Subject) forgetting} any previously * stored identity. Then if the {@code token} * {@link #isRememberMe(org.apache.shiro.authc.AuthenticationToken) is a RememberMe} token, the associated identity * will be {@link #rememberIdentity(org.apache.shiro.subject.Subject, org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo) remembered} * for later retrieval during a new user session. * * @param subject the subject for which the principals are being remembered. * @param token the token that resulted in a successful authentication attempt. * @param info the authentication info resulting from the successful authentication attempt. */ public void onSuccessfulLogin(Subject subject, AuthenticationToken token, AuthenticationInfo info) { //always clear any previous identity: forgetIdentity(subject); //now save the new identity: if (isRememberMe(token)) { rememberIdentity(subject, token, info); } else { if (log.isDebugEnabled()) { log.debug("AuthenticationToken did not indicate RememberMe is requested. " + "RememberMe functionality will not be executed for corresponding account."); } } }