/** * Creates a new {@code SubjectThreadState} that will bind and unbind the specified {@code Subject} to the * thread * * @param subject the {@code Subject} instance to bind and unbind from the {@link ThreadContext}. */ public SubjectThreadState(Subject subject) { if (subject == null) { throw new IllegalArgumentException("Subject argument cannot be null."); } this.subject = subject; SecurityManager securityManager = null; if ( subject instanceof DelegatingSubject) { securityManager = ((DelegatingSubject)subject).getSecurityManager(); } if ( securityManager == null) { securityManager = ThreadContext.getSecurityManager(); } this.securityManager = securityManager; }
/** * Returns the SecurityManager accessible to the calling code. * <p/> * This implementation favors acquiring a thread-bound {@code SecurityManager} if it can find one. If one is * not available to the executing thread, it will attempt to use the static singleton if available (see the * {@link #setSecurityManager setSecurityManager} method for more on the static singleton). * <p/> * If neither the thread-local or static singleton instances are available, this method throws an * {@code UnavailableSecurityManagerException} to indicate an error - a SecurityManager should always be accessible * to calling code in an application. If it is not, it is likely due to a Shiro configuration problem. * * @return the SecurityManager accessible to the calling code. * @throws UnavailableSecurityManagerException * if there is no {@code SecurityManager} instance available to the * calling code, which typically indicates an invalid application configuration. */ public static SecurityManager getSecurityManager() throws UnavailableSecurityManagerException { SecurityManager securityManager = ThreadContext.getSecurityManager(); if (securityManager == null) { securityManager = SecurityUtils.securityManager; } if (securityManager == null) { String msg = "No SecurityManager accessible to the calling code, either bound to the " + ThreadContext.class.getName() + " or as a vm static singleton. This is an invalid application " + "configuration."; throw new UnavailableSecurityManagerException(msg); } return securityManager; } }
protected Subject createAndBindTestSubject() { SecurityManager sm = ThreadContext.getSecurityManager(); if (sm == null) { createAndBindTestSecurityManager(); } return SecurityUtils.getSubject(); }
/** * Binds a {@link Subject} and {@link org.apache.shiro.mgt.SecurityManager SecurityManager} to the * {@link ThreadContext} so they can be retrieved later by any * {@code SecurityUtils.}{@link org.apache.shiro.SecurityUtils#getSubject() getSubject()} calls that might occur * during the thread's execution. * <p/> * Prior to binding, the {@code ThreadContext}'s existing {@link ThreadContext#getResources() resources} are * retained so they can be restored later via the {@link #restore restore} call. */ public void bind() { SecurityManager securityManager = this.securityManager; if ( securityManager == null ) { //try just in case the constructor didn't find one at the time: securityManager = ThreadContext.getSecurityManager(); } this.originalResources = ThreadContext.getResources(); ThreadContext.remove(); ThreadContext.bind(this.subject); if (securityManager != null) { ThreadContext.bind(securityManager); } }
@Test public void testExecuteRunnable() { String username = "jsmith"; SecurityManager securityManager = createNiceMock(SecurityManager.class); PrincipalCollection identity = new SimplePrincipalCollection(username, "testRealm"); final Subject sourceSubject = new DelegatingSubject(identity, true, null, null, securityManager); assertNull(ThreadContext.getSubject()); assertNull(ThreadContext.getSecurityManager()); Runnable runnable = new Runnable() { public void run() { Subject callingSubject = SecurityUtils.getSubject(); assertNotNull(callingSubject); assertNotNull(SecurityUtils.getSecurityManager()); assertEquals(callingSubject, sourceSubject); } }; sourceSubject.execute(runnable); assertNull(ThreadContext.getSubject()); assertNull(ThreadContext.getSecurityManager()); }
@Test public void testExecuteCallable() { String username = "jsmith"; SecurityManager securityManager = createNiceMock(SecurityManager.class); PrincipalCollection identity = new SimplePrincipalCollection(username, "testRealm"); final Subject sourceSubject = new DelegatingSubject(identity, true, null, null, securityManager); assertNull(ThreadContext.getSubject()); assertNull(ThreadContext.getSecurityManager()); Callable<String> callable = new Callable<String>() { public String call() throws Exception { Subject callingSubject = SecurityUtils.getSubject(); assertNotNull(callingSubject); assertNotNull(SecurityUtils.getSecurityManager()); assertEquals(callingSubject, sourceSubject); return "Hello " + callingSubject.getPrincipal(); } }; String response = sourceSubject.execute(callable); assertNotNull(response); assertEquals("Hello " + username, response); assertNull(ThreadContext.getSubject()); assertNull(ThreadContext.getSecurityManager()); }
/** * Creates a new {@code SubjectThreadState} that will bind and unbind the specified {@code Subject} to the * thread * * @param subject the {@code Subject} instance to bind and unbind from the {@link ThreadContext}. */ public SubjectThreadState(Subject subject) { if (subject == null) { throw new IllegalArgumentException("Subject argument cannot be null."); } this.subject = subject; SecurityManager securityManager = null; if ( subject instanceof DelegatingSubject) { securityManager = ((DelegatingSubject)subject).getSecurityManager(); } if ( securityManager == null) { securityManager = ThreadContext.getSecurityManager(); } this.securityManager = securityManager; }
/** * Returns the SecurityManager accessible to the calling code. * <p/> * This implementation favors acquiring a thread-bound {@code SecurityManager} if it can find one. If one is * not available to the executing thread, it will attempt to use the static singleton if available (see the * {@link #setSecurityManager setSecurityManager} method for more on the static singleton). * <p/> * If neither the thread-local or static singleton instances are available, this method throws an * {@code UnavailableSecurityManagerException} to indicate an error - a SecurityManager should always be accessible * to calling code in an application. If it is not, it is likely due to a Shiro configuration problem. * * @return the SecurityManager accessible to the calling code. * @throws UnavailableSecurityManagerException * if there is no {@code SecurityManager} instance available to the * calling code, which typically indicates an invalid application configuration. */ public static SecurityManager getSecurityManager() throws UnavailableSecurityManagerException { SecurityManager securityManager = ThreadContext.getSecurityManager(); if (securityManager == null) { securityManager = SecurityUtils.securityManager; } if (securityManager == null) { String msg = "No SecurityManager accessible to the calling code, either bound to the " + ThreadContext.class.getName() + " or as a vm static singleton. This is an invalid application " + "configuration."; throw new UnavailableSecurityManagerException(msg); } return securityManager; } }
/** * Binds a {@link Subject} and {@link org.apache.shiro.mgt.SecurityManager SecurityManager} to the * {@link ThreadContext} so they can be retrieved later by any * {@code SecurityUtils.}{@link org.apache.shiro.SecurityUtils#getSubject() getSubject()} calls that might occur * during the thread's execution. * <p/> * Prior to binding, the {@code ThreadContext}'s existing {@link ThreadContext#getResources() resources} are * retained so they can be restored later via the {@link #restore restore} call. */ public void bind() { SecurityManager securityManager = this.securityManager; if ( securityManager == null ) { //try just in case the constructor didn't find one at the time: securityManager = ThreadContext.getSecurityManager(); } this.originalResources = ThreadContext.getResources(); ThreadContext.remove(); ThreadContext.bind(this.subject); if (securityManager != null) { ThreadContext.bind(securityManager); } }
/** * Creates a new {@code SubjectThreadState} that will bind and unbind the specified {@code Subject} to the * thread * * @param subject the {@code Subject} instance to bind and unbind from the {@link ThreadContext}. */ public SubjectThreadState(Subject subject) { if (subject == null) { throw new IllegalArgumentException("Subject argument cannot be null."); } this.subject = subject; SecurityManager securityManager = null; if ( subject instanceof DelegatingSubject) { securityManager = ((DelegatingSubject)subject).getSecurityManager(); } if ( securityManager == null) { securityManager = ThreadContext.getSecurityManager(); } this.securityManager = securityManager; }
/** * Returns the SecurityManager accessible to the calling code. * <p/> * This implementation favors acquiring a thread-bound {@code SecurityManager} if it can find one. If one is * not available to the executing thread, it will attempt to use the static singleton if available (see the * {@link #setSecurityManager setSecurityManager} method for more on the static singleton). * <p/> * If neither the thread-local or static singleton instances are available, this method throws an * {@code UnavailableSecurityManagerException} to indicate an error - a SecurityManager should always be accessible * to calling code in an application. If it is not, it is likely due to a Shiro configuration problem. * * @return the SecurityManager accessible to the calling code. * @throws UnavailableSecurityManagerException * if there is no {@code SecurityManager} instance available to the * calling code, which typically indicates an invalid application configuration. */ public static SecurityManager getSecurityManager() throws UnavailableSecurityManagerException { SecurityManager securityManager = ThreadContext.getSecurityManager(); if (securityManager == null) { securityManager = SecurityUtils.securityManager; } if (securityManager == null) { String msg = "No SecurityManager accessible to the calling code, either bound to the " + ThreadContext.class.getName() + " or as a vm static singleton. This is an invalid application " + "configuration."; throw new UnavailableSecurityManagerException(msg); } return securityManager; } }
/** * Binds a {@link Subject} and {@link org.apache.shiro.mgt.SecurityManager SecurityManager} to the * {@link ThreadContext} so they can be retrieved later by any * {@code SecurityUtils.}{@link org.apache.shiro.SecurityUtils#getSubject() getSubject()} calls that might occur * during the thread's execution. * <p/> * Prior to binding, the {@code ThreadContext}'s existing {@link ThreadContext#getResources() resources} are * retained so they can be restored later via the {@link #restore restore} call. */ public void bind() { SecurityManager securityManager = this.securityManager; if ( securityManager == null ) { //try just in case the constructor didn't find one at the time: securityManager = ThreadContext.getSecurityManager(); } this.originalResources = ThreadContext.getResources(); ThreadContext.remove(); ThreadContext.bind(this.subject); if (securityManager != null) { ThreadContext.bind(securityManager); } }
if (action == constraint.action()) final SecurityManager sm = ThreadContext.getSecurityManager(); final Subject subject = SecurityUtils.getSubject(); switch (constraint.constraint())