org.apache.shiro.realm
Class SimpleAccountRealm
java.lang.Object
org.apache.shiro.realm.CachingRealm
org.apache.shiro.realm.AuthenticatingRealm
org.apache.shiro.realm.AuthorizingRealm
org.apache.shiro.realm.SimpleAccountRealm
- All Implemented Interfaces:
- LogoutAware, Authorizer, PermissionResolverAware, RolePermissionResolverAware, CacheManagerAware, Realm, Initializable, Nameable
- Direct Known Subclasses:
- TextConfigurationRealm
public class SimpleAccountRealm
- extends AuthorizingRealm
A simple implementation of the Realm
interface that
uses a set of configured user accounts and roles to support authentication and authorization. Each account entry
specifies the username, password, and roles for a user. Roles can also be mapped
to permissions and associated with users.
User accounts and roles are stored in two Map
s in memory, so it is expected that the total number of either
is not sufficiently large.
- Since:
- 0.1
Methods inherited from class org.apache.shiro.realm.AuthorizingRealm |
afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, onInit, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver |
Methods inherited from class org.apache.shiro.realm.AuthenticatingRealm |
assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher, supports |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
users
protected final Map<String,SimpleAccount> users
roles
protected final Map<String,SimpleRole> roles
SimpleAccountRealm
public SimpleAccountRealm()
SimpleAccountRealm
public SimpleAccountRealm(String name)
getUser
protected SimpleAccount getUser(String username)
accountExists
public boolean accountExists(String username)
addAccount
public void addAccount(String username,
String password)
addAccount
public void addAccount(String username,
String password,
String... roles)
getUsername
protected String getUsername(SimpleAccount account)
getUsername
protected String getUsername(PrincipalCollection principals)
add
protected void add(SimpleAccount account)
getRole
protected SimpleRole getRole(String rolename)
roleExists
public boolean roleExists(String name)
addRole
public void addRole(String name)
add
protected void add(SimpleRole role)
toSet
protected static Set<String> toSet(String delimited,
String delimiter)
doGetAuthenticationInfo
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
throws AuthenticationException
- Description copied from class:
AuthenticatingRealm
- Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given
authentication token.
For most datasources, this means just 'pulling' authentication data for an associated subject/user and nothing
more and letting Shiro do the rest. But in some systems, this method could actually perform EIS specific
log-in logic in addition to just retrieving data - it is up to the Realm implementation.
A
null
return value means that no account could be associated with the specified token.
- Specified by:
doGetAuthenticationInfo
in class AuthenticatingRealm
- Parameters:
token
- the authentication token containing the user's principal and credentials.
- Returns:
- an
AuthenticationInfo
object containing account data resulting from the
authentication ONLY if the lookup is successful (i.e. account exists and is valid, etc.)
- Throws:
AuthenticationException
- if there is an error acquiring data or performing
realm-specific authentication logic for the specified token
doGetAuthorizationInfo
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)
- Description copied from class:
AuthorizingRealm
- Retrieves the AuthorizationInfo for the given principals from the underlying data store. When returning
an instance from this method, you might want to consider using an instance of
SimpleAuthorizationInfo
, as it is suitable in most cases.
- Specified by:
doGetAuthorizationInfo
in class AuthorizingRealm
- Parameters:
principals
- the primary identifying principals of the AuthorizationInfo that should be retrieved.
- Returns:
- the AuthorizationInfo associated with this principals.
- See Also:
SimpleAuthorizationInfo
Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.