001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied.  See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019package org.apache.shiro;
020
021import org.apache.shiro.mgt.SecurityManager;
022import org.apache.shiro.subject.Subject;
023import org.apache.shiro.util.ThreadContext;
024
025
026/**
027 * Accesses the currently accessible {@code Subject} for the calling code depending on runtime environment.
028 *
029 * @since 0.2
030 */
031public abstract class SecurityUtils {
032
033    /**
034     * ONLY used as a 'backup' in VM Singleton environments (that is, standalone environments), since the
035     * ThreadContext should always be the primary source for Subject instances when possible.
036     */
037    private static SecurityManager securityManager;
038
039    /**
040     * Returns the currently accessible {@code Subject} available to the calling code depending on
041     * runtime environment.
042     * <p/>
043     * This method is provided as a way of obtaining a {@code Subject} without having to resort to
044     * implementation-specific methods.  It also allows the Shiro team to change the underlying implementation of
045     * this method in the future depending on requirements/updates without affecting your code that uses it.
046     *
047     * @return the currently accessible {@code Subject} accessible to the calling code.
048     * @throws IllegalStateException if no {@link Subject Subject} instance or
049     *                               {@link SecurityManager SecurityManager} instance is available with which to obtain
050     *                               a {@code Subject}, which which is considered an invalid application configuration
051     *                               - a Subject should <em>always</em> be available to the caller.
052     */
053    public static Subject getSubject() {
054        Subject subject = ThreadContext.getSubject();
055        if (subject == null) {
056            subject = (new Subject.Builder()).buildSubject();
057            ThreadContext.bind(subject);
058        }
059        return subject;
060    }
061
062    /**
063     * Sets a VM (static) singleton SecurityManager, specifically for transparent use in the
064     * {@link #getSubject() getSubject()} implementation.
065     * <p/>
066     * <b>This method call exists mainly for framework development support.  Application developers should rarely,
067     * if ever, need to call this method.</b>
068     * <p/>
069     * The Shiro development team prefers that SecurityManager instances are non-static application singletons
070     * and <em>not</em> VM static singletons.  Application singletons that do not use static memory require some sort
071     * of application configuration framework to maintain the application-wide SecurityManager instance for you
072     * (for example, Spring or EJB3 environments) such that the object reference does not need to be static.
073     * <p/>
074     * In these environments, Shiro acquires Subject data based on the currently executing Thread via its own
075     * framework integration code, and this is the preferred way to use Shiro.
076     * <p/>
077     * However in some environments, such as a standalone desktop application or Applets that do not use Spring or
078     * EJB or similar config frameworks, a VM-singleton might make more sense (although the former is still preferred).
079     * In these environments, setting the SecurityManager via this method will automatically enable the
080     * {@link #getSubject() getSubject()} call to function with little configuration.
081     * <p/>
082     * For example, in these environments, this will work:
083     * <pre>
084     * DefaultSecurityManager securityManager = new {@link org.apache.shiro.mgt.DefaultSecurityManager DefaultSecurityManager}();
085     * securityManager.setRealms( ... ); //one or more Realms
086     * <b>SecurityUtils.setSecurityManager( securityManager );</b></pre>
087     * <p/>
088     * And then anywhere in the application code, the following call will return the application's Subject:
089     * <pre>
090     * Subject currentUser = SecurityUtils.getSubject();</pre>
091     *
092     * @param securityManager the securityManager instance to set as a VM static singleton.
093     */
094    public static void setSecurityManager(SecurityManager securityManager) {
095        SecurityUtils.securityManager = securityManager;
096    }
097
098    /**
099     * Returns the SecurityManager accessible to the calling code.
100     * <p/>
101     * This implementation favors acquiring a thread-bound {@code SecurityManager} if it can find one.  If one is
102     * not available to the executing thread, it will attempt to use the static singleton if available (see the
103     * {@link #setSecurityManager setSecurityManager} method for more on the static singleton).
104     * <p/>
105     * If neither the thread-local or static singleton instances are available, this method throws an
106     * {@code UnavailableSecurityManagerException} to indicate an error - a SecurityManager should always be accessible
107     * to calling code in an application. If it is not, it is likely due to a Shiro configuration problem.
108     *
109     * @return the SecurityManager accessible to the calling code.
110     * @throws UnavailableSecurityManagerException
111     *          if there is no {@code SecurityManager} instance available to the
112     *          calling code, which typically indicates an invalid application configuration.
113     */
114    public static SecurityManager getSecurityManager() throws UnavailableSecurityManagerException {
115        SecurityManager securityManager = ThreadContext.getSecurityManager();
116        if (securityManager == null) {
117            securityManager = SecurityUtils.securityManager;
118        }
119        if (securityManager == null) {
120            String msg = "No SecurityManager accessible to the calling code, either bound to the " +
121                    ThreadContext.class.getName() + " or as a vm static singleton.  This is an invalid application " +
122                    "configuration.";
123            throw new UnavailableSecurityManagerException(msg);
124        }
125        return securityManager;
126    }
127}