Package org.apache.shiro.realm

Class SimpleAccountRealm

  • All Implemented Interfaces:
    LogoutAware, Authorizer, PermissionResolverAware, RolePermissionResolverAware, org.apache.shiro.cache.CacheManagerAware, Realm, org.apache.shiro.util.Initializable, org.apache.shiro.util.Nameable
    Direct Known Subclasses:
    TextConfigurationRealm
    public class SimpleAccountRealm
extends AuthorizingRealm
    A simple implementation of the Realm interface that uses a set of configured user accounts and roles to support authentication and authorization. Each account entry specifies the username, password, and roles for a user. Roles can also be mapped to permissions and associated with users.

    User accounts and roles are stored in two Maps in memory, so it is expected that the total number of either is not sufficiently large.

    Since:
    0.1

    • Field Detail

      • USERS_LOCK

        protected final  USERS_LOCK

      • ROLES_LOCK

        protected final  ROLES_LOCK

    • Constructor Detail

      • SimpleAccountRealm

        public SimpleAccountRealm()

      • SimpleAccountRealm

        public SimpleAccountRealm​( name)

    • Method Detail

      • getUser

        protected  username)

      • accountExists

        public boolean accountExists​( username)

      • addAccount

        public void addAccount​( username,
                        password)

      • addAccount

        public void addAccount​( username,
                        password,
                       ... roles)

      • getUsername

        protected  getUsername​(SimpleAccount account)

      • getRole

        protected  rolename)

      • roleExists

        public boolean roleExists​( name)

      • addRole

        public void addRole​( name)

      • toSet

        protected static <> toSet​( delimited,
                                    delimiter)

      • doGetAuthenticationInfo

        protected AuthenticationInfo doGetAuthenticationInfo​(AuthenticationToken token)
                                              throws AuthenticationException
        Description copied from class: AuthenticatingRealm
        Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given authentication token.

        For most datasources, this means just 'pulling' authentication data for an associated subject/user and nothing more and letting Shiro do the rest. But in some systems, this method could actually perform EIS specific log-in logic in addition to just retrieving data - it is up to the Realm implementation.

        A null return value means that no account could be associated with the specified token.

        Specified by:
        doGetAuthenticationInfo in class AuthenticatingRealm
        Parameters:
        token - the authentication token containing the user's principal and credentials.
        Returns:
        an AuthenticationInfo object containing account data resulting from the authentication ONLY if the lookup is successful (i.e. account exists and is valid, etc.)
        Throws:
        AuthenticationException - if there is an error acquiring data or performing realm-specific authentication logic for the specified token