org.apache.shiro.realm
Class SimpleAccountRealm

java.lang.Object
  extended by org.apache.shiro.realm.CachingRealm
      extended by org.apache.shiro.realm.AuthenticatingRealm
          extended by org.apache.shiro.realm.AuthorizingRealm
              extended by org.apache.shiro.realm.SimpleAccountRealm
All Implemented Interfaces:
LogoutAware, Authorizer, PermissionResolverAware, RolePermissionResolverAware, CacheManagerAware, Realm, Initializable, Nameable
Direct Known Subclasses:
TextConfigurationRealm

public class SimpleAccountRealm
extends AuthorizingRealm

A simple implementation of the Realm interface that uses a set of configured user accounts and roles to support authentication and authorization. Each account entry specifies the username, password, and roles for a user. Roles can also be mapped to permissions and associated with users.

User accounts and roles are stored in two Maps in memory, so it is expected that the total number of either is not sufficiently large.

Since:
0.1

Field Summary
protected  Map<String,SimpleRole> roles
           
protected  ReadWriteLock ROLES_LOCK
           
protected  Map<String,SimpleAccount> users
           
protected  ReadWriteLock USERS_LOCK
           
 
Constructor Summary
SimpleAccountRealm()
           
SimpleAccountRealm(String name)
           
 
Method Summary
 boolean accountExists(String username)
           
protected  void add(SimpleAccount account)
           
protected  void add(SimpleRole role)
           
 void addAccount(String username, String password)
           
 void addAccount(String username, String password, String... roles)
           
 void addRole(String name)
           
protected  AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
          Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given authentication token.
protected  AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)
          Retrieves the AuthorizationInfo for the given principals from the underlying data store.
protected  SimpleRole getRole(String rolename)
           
protected  SimpleAccount getUser(String username)
           
protected  String getUsername(PrincipalCollection principals)
           
protected  String getUsername(SimpleAccount account)
           
 boolean roleExists(String name)
           
protected static Set<String> toSet(String delimited, String delimiter)
           
 
Methods inherited from class org.apache.shiro.realm.AuthorizingRealm
afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, onInit, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver
 
Methods inherited from class org.apache.shiro.realm.AuthenticatingRealm
assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher, supports
 
Methods inherited from class org.apache.shiro.realm.CachingRealm
clearCache, getAvailablePrincipal, getCacheManager, getName, isCachingEnabled, onLogout, setCacheManager, setCachingEnabled
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.shiro.util.Initializable
init
 

Field Detail

users

protected final Map<String,SimpleAccount> users

roles

protected final Map<String,SimpleRole> roles

USERS_LOCK

protected final ReadWriteLock USERS_LOCK

ROLES_LOCK

protected final ReadWriteLock ROLES_LOCK
Constructor Detail

SimpleAccountRealm

public SimpleAccountRealm()

SimpleAccountRealm

public SimpleAccountRealm(String name)
Method Detail

getUser

protected SimpleAccount getUser(String username)

accountExists

public boolean accountExists(String username)

addAccount

public void addAccount(String username,
                       String password)

addAccount

public void addAccount(String username,
                       String password,
                       String... roles)

getUsername

protected String getUsername(SimpleAccount account)

getUsername

protected String getUsername(PrincipalCollection principals)

add

protected void add(SimpleAccount account)

getRole

protected SimpleRole getRole(String rolename)

roleExists

public boolean roleExists(String name)

addRole

public void addRole(String name)

add

protected void add(SimpleRole role)

toSet

protected static Set<String> toSet(String delimited,
                                   String delimiter)

doGetAuthenticationInfo

protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
                                              throws AuthenticationException
Description copied from class: AuthenticatingRealm
Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given authentication token.

For most datasources, this means just 'pulling' authentication data for an associated subject/user and nothing more and letting Shiro do the rest. But in some systems, this method could actually perform EIS specific log-in logic in addition to just retrieving data - it is up to the Realm implementation.

A null return value means that no account could be associated with the specified token.

Specified by:
doGetAuthenticationInfo in class AuthenticatingRealm
Parameters:
token - the authentication token containing the user's principal and credentials.
Returns:
an AuthenticationInfo object containing account data resulting from the authentication ONLY if the lookup is successful (i.e. account exists and is valid, etc.)
Throws:
AuthenticationException - if there is an error acquiring data or performing realm-specific authentication logic for the specified token

doGetAuthorizationInfo

protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)
Description copied from class: AuthorizingRealm
Retrieves the AuthorizationInfo for the given principals from the underlying data store. When returning an instance from this method, you might want to consider using an instance of SimpleAuthorizationInfo, as it is suitable in most cases.

Specified by:
doGetAuthorizationInfo in class AuthorizingRealm
Parameters:
principals - the primary identifying principals of the AuthorizationInfo that should be retrieved.
Returns:
the AuthorizationInfo associated with this principals.
See Also:
SimpleAuthorizationInfo


Copyright © 2004-2014 The Apache Software Foundation. All Rights Reserved.