@Override protected SubjectContext copy(SubjectContext subjectContext) { if (subjectContext instanceof WebSubjectContext) { return new DefaultWebSubjectContext((WebSubjectContext) subjectContext); } return super.copy(subjectContext); }
SubjectContext context = copy(subjectContext);
SubjectContext context = copy(subjectContext);
/** * This implementation attempts to resolve any session ID that may exist in the context by * passing it to the {@link #resolveSession(SubjectContext)} method. The * return value from that call is then used to attempt to resolve the subject identity via the * {@link #resolvePrincipals(SubjectContext)} method. The return value from that call is then used to create * the {@code Subject} instance by calling * <code>{@link #getSubjectFactory() getSubjectFactory()}.{@link SubjectFactory#createSubject createSubject}(resolvedContext);</code> * * @param subjectContext any data needed to direct how the Subject should be constructed. * @return the {@code Subject} instance reflecting the specified initialization data. * @see SubjectFactory#createSubject * @since 1.0 */ public Subject createSubject(SubjectContext subjectContext) { //create a copy so we don't modify the argument's backing map: SubjectContext context = copy(subjectContext); //ensure that the context has a SecurityManager instance, and if not, add one: context = ensureSecurityManager(context); //Resolve an associated Session (usually based on a referenced session ID), and place it in the context before //sending to the SubjectFactory. The SubjectFactory should not need to know how to acquire sessions as the //process is often environment specific - better to shield the SF from these details: context = resolveSession(context); //Similarly, the SubjectFactory should not require any concept of RememberMe - translate that here first //if possible before handing off to the SubjectFactory: context = resolvePrincipals(context); return getSubjectFactory().createSubject(context); }