/** * Creates and returns a new {@code Subject} instance reflecting the cumulative state acquired by the * other methods in this class. * <p/> * This {@code Builder} instance will still retain the underlying state after this method is called - it * will not clear it; repeated calls to this method will return multiple {@link Subject} instances, all * reflecting the exact same state. If a new (different) {@code Subject} is to be constructed, a new * {@code Builder} instance must be created. * <p/> * <b>Note</b> that the returned {@code Subject} instance is <b>not</b> automatically bound to the application * (thread) for further use. That is, * {@link org.apache.shiro.SecurityUtils SecurityUtils}.{@link org.apache.shiro.SecurityUtils#getSubject() getSubject()} * will not automatically return the same instance as what is returned by the builder. It is up to the * framework developer to bind the returned {@code Subject} for continued use if desired. * * @return a new {@code Subject} instance reflecting the cumulative state acquired by the * other methods in this class. */ public Subject buildSubject() { return this.securityManager.createSubject(this.subjectContext); } }
@Before public void before() throws Exception { this.mockSecurityManager = mock(SecurityManager.class); this.shiroManager = mock(org.apache.shiro.mgt.SecurityManager.class); this.provider = mock(SecurityManagerProvider.class); this.mockSubject = mock(Subject.class); when(provider.getShiroSecurityManager()).thenReturn(shiroManager); when(provider.getSecurityManager()).thenReturn(mockSecurityManager); when(shiroManager.createSubject(any(SubjectContext.class))).thenReturn(mockSubject); when(mockSubject.getPrincipal()).thenReturn("principal"); when(mockSubject.getSession()).thenReturn(mock(Session.class)); this.securityService = new IntegratedSecurityService(provider, null); }
/** * Creates and returns a new {@code Subject} instance reflecting the cumulative state acquired by the * other methods in this class. * <p/> * This {@code Builder} instance will still retain the underlying state after this method is called - it * will not clear it; repeated calls to this method will return multiple {@link Subject} instances, all * reflecting the exact same state. If a new (different) {@code Subject} is to be constructed, a new * {@code Builder} instance must be created. * <p/> * <b>Note</b> that the returned {@code Subject} instance is <b>not</b> automatically bound to the application * (thread) for further use. That is, * {@link org.apache.shiro.SecurityUtils SecurityUtils}.{@link org.apache.shiro.SecurityUtils#getSubject() getSubject()} * will not automatically return the same instance as what is returned by the builder. It is up to the * framework developer to bind the returned {@code Subject} for continued use if desired. * * @return a new {@code Subject} instance reflecting the cumulative state acquired by the * other methods in this class. */ public Subject buildSubject() { return this.securityManager.createSubject(this.subjectContext); } }
@Override public Subject createSubject(SubjectContext context) { return delegate.createSubject(context); }
/** * Creates and returns a new {@code Subject} instance reflecting the cumulative state acquired by the * other methods in this class. * <p/> * This {@code Builder} instance will still retain the underlying state after this method is called - it * will not clear it; repeated calls to this method will return multiple {@link Subject} instances, all * reflecting the exact same state. If a new (different) {@code Subject} is to be constructed, a new * {@code Builder} instance must be created. * <p/> * <b>Note</b> that the returned {@code Subject} instance is <b>not</b> automatically bound to the application * (thread) for further use. That is, * {@link org.apache.shiro.SecurityUtils SecurityUtils}.{@link org.apache.shiro.SecurityUtils#getSubject() getSubject()} * will not automatically return the same instance as what is returned by the builder. It is up to the * framework developer to bind the returned {@code Subject} for continued use if desired. * * @return a new {@code Subject} instance reflecting the cumulative state acquired by the * other methods in this class. */ public Subject buildSubject() { return this.securityManager.createSubject(this.subjectContext); } }
private <T> T runAs(PrincipalCollection principals, Callable<T> c) throws Exception { SecurityManager securityManager = injector.getInstance(SecurityManager.class); ThreadContext.bind(securityManager); SubjectContext ctx = new DefaultSubjectContext(); ctx.setAuthenticated(true); ctx.setPrincipals(principals); try { Subject subject = securityManager.createSubject(ctx); ThreadContext.bind(subject); return c.call(); } finally { ThreadContext.unbindSubject(); } } }
subject = config.getSecurityManager().createSubject(subjectCtx);