Package org.apache.shiro.realm
Class SimpleAccountRealm
-
- org.apache.shiro.realm.CachingRealm
-
- org.apache.shiro.realm.AuthenticatingRealm
-
- org.apache.shiro.realm.AuthorizingRealm
-
- org.apache.shiro.realm.SimpleAccountRealm
-
- All Implemented Interfaces:
LogoutAware
,Authorizer
,PermissionResolverAware
,RolePermissionResolverAware
,org.apache.shiro.cache.CacheManagerAware
,Realm
,org.apache.shiro.util.Initializable
,org.apache.shiro.util.Nameable
- Direct Known Subclasses:
TextConfigurationRealm
public class SimpleAccountRealm extends AuthorizingRealm
A simple implementation of theRealm
interface that uses a set of configured user accounts and roles to support authentication and authorization. Each account entry specifies the username, password, and roles for a user. Roles can also be mapped to permissions and associated with users. User accounts and roles are stored in twoMap
s in memory, so it is expected that the total number of either is not sufficiently large.- Since:
- 0.1
-
-
Field Summary
Fields Modifier and Type Field Description protected <,SimpleRole>
roles
protected
ROLES_LOCK
protected <,SimpleAccount>
users
protected
USERS_LOCK
-
Constructor Summary
Constructors Constructor Description SimpleAccountRealm()
name)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
username)
protected void
add(SimpleAccount account)
protected void
add(SimpleRole role)
void
username, password)
void
username, password, ... roles)
void
name)
protected AuthenticationInfo
doGetAuthenticationInfo(AuthenticationToken token)
Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given authentication token.protected AuthorizationInfo
doGetAuthorizationInfo(PrincipalCollection principals)
Retrieves the AuthorizationInfo for the given principals from the underlying data store.protected SimpleRole
rolename)
protected SimpleAccount
username)
protected
getUsername(SimpleAccount account)
protected
getUsername(PrincipalCollection principals)
boolean
name)
protected static <>
delimited, delimiter)
-
Methods inherited from class org.apache.shiro.realm.AuthorizingRealm
afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getPermissions, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, onInit, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver
-
Methods inherited from class org.apache.shiro.realm.AuthenticatingRealm
assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher, supports
-
Methods inherited from class org.apache.shiro.realm.CachingRealm
clearCache, getAvailablePrincipal, getCacheManager, getName, isCachingEnabled, onLogout, setCacheManager, setCachingEnabled
-
-
-
-
Field Detail
-
users
protected final <,SimpleAccount> users
-
roles
protected final <,SimpleRole> roles
-
USERS_LOCK
protected final USERS_LOCK
-
ROLES_LOCK
protected final ROLES_LOCK
-
-
Method Detail
-
getUser
protected username)
-
accountExists
public boolean accountExists( username)
-
addAccount
public void addAccount( username, password)
-
addAccount
public void addAccount( username, password, ... roles)
-
getUsername
protected getUsername(SimpleAccount account)
-
getUsername
protected getUsername(PrincipalCollection principals)
-
add
protected void add(SimpleAccount account)
-
getRole
protected rolename)
-
roleExists
public boolean roleExists( name)
-
addRole
public void addRole( name)
-
add
protected void add(SimpleRole role)
-
toSet
protected static <> toSet( delimited, delimiter)
-
doGetAuthenticationInfo
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException
Description copied from class:AuthenticatingRealm
Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given authentication token. For most datasources, this means just 'pulling' authentication data for an associated subject/user and nothing more and letting Shiro do the rest. But in some systems, this method could actually perform EIS specific log-in logic in addition to just retrieving data - it is up to the Realm implementation. Anull
return value means that no account could be associated with the specified token.- Specified by:
doGetAuthenticationInfo
in classAuthenticatingRealm
- Parameters:
token
- the authentication token containing the user's principal and credentials.- Returns:
- an
AuthenticationInfo
object containing account data resulting from the authentication ONLY if the lookup is successful (i.e. account exists and is valid, etc.) - Throws:
AuthenticationException
- if there is an error acquiring data or performing realm-specific authentication logic for the specified token
-
doGetAuthorizationInfo
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)
Description copied from class:AuthorizingRealm
Retrieves the AuthorizationInfo for the given principals from the underlying data store. When returning an instance from this method, you might want to consider using an instance ofSimpleAuthorizationInfo
, as it is suitable in most cases.- Specified by:
doGetAuthorizationInfo
in classAuthorizingRealm
- Parameters:
principals
- the primary identifying principals of the AuthorizationInfo that should be retrieved.- Returns:
- the AuthorizationInfo associated with this principals.
- See Also:
SimpleAuthorizationInfo
-
-