public abstract class AuthenticatingSecurityManager extends RealmSecurityManager
SecurityManager
class hierarchy that delegates all
authentication operations to a wrapped Authenticator
instance. That is, this class
implements all the Authenticator methods in the SecurityManager
interface, but in reality, those methods are merely passthrough calls to the underlying 'real'
Authenticator instance.
All other SecurityManager (authorization, session, etc) methods are left to be implemented by subclasses.
In keeping with the other classes in this hierarchy and Shiro's desire to minimize configuration whenever possible, suitable default instances for all dependencies are created upon instantiation.
Constructor and Description |
---|
AuthenticatingSecurityManager()
Default no-arg constructor that initializes its internal
authenticator instance to a
ModularRealmAuthenticator . |
Modifier and Type | Method and Description |
---|---|
protected void |
afterRealmsSet()
Passes on the
realms to the internal delegate Authenticator instance so
that it may use them during authentication attempts. |
AuthenticationInfo |
authenticate(AuthenticationToken token)
Delegates to the wrapped
Authenticator for authentication. |
void |
destroy()
Destroys the
cacheManager via LifecycleUtils.destroy . |
Authenticator |
getAuthenticator()
Returns the delegate
Authenticator instance that this SecurityManager uses to perform all
authentication operations. |
void |
setAuthenticator(Authenticator authenticator)
Sets the delegate
Authenticator instance that this SecurityManager uses to perform all
authentication operations. |
afterCacheManagerSet, afterEventBusSet, applyCacheManagerToRealms, applyEventBusToRealms, getRealms, setRealm, setRealms
applyEventBusToCacheManager, getCacheManager, getEventBus, setCacheManager, setEventBus
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
createSubject, login, logout
checkPermission, checkPermission, checkPermissions, checkPermissions, checkRole, checkRoles, checkRoles, hasAllRoles, hasRole, hasRoles, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll
getSession, start
public AuthenticatingSecurityManager()
authenticator
instance to a
ModularRealmAuthenticator
.public Authenticator getAuthenticator()
Authenticator
instance that this SecurityManager uses to perform all
authentication operations. Unless overridden by the
setAuthenticator
, the default instance is a
ModularRealmAuthenticator
.Authenticator
instance that this SecurityManager uses to perform all
authentication operations.public void setAuthenticator(Authenticator authenticator) throws IllegalArgumentException
Authenticator
instance that this SecurityManager uses to perform all
authentication operations. Unless overridden by this method, the default instance is a
ModularRealmAuthenticator
.authenticator
- the delegate Authenticator
instance that this SecurityManager will use to
perform all authentication operations.IllegalArgumentException
- if the argument is null
.protected void afterRealmsSet()
realms
to the internal delegate Authenticator
instance so
that it may use them during authentication attempts.afterRealmsSet
in class RealmSecurityManager
public AuthenticationInfo authenticate(AuthenticationToken token) throws AuthenticationException
Authenticator
for authentication.token
- any representation of a user's principals and credentials submitted during an
authentication attempt.AuthenticationException
- if there is any problem during the authentication process.
See the specific exceptions listed below to as examples of what could happen
in order to accurately handle these problems and to notify the user in an
appropriate manner why the authentication attempt failed. Realize an
implementation of this interface may or may not throw those listed or may
throw other AuthenticationExceptions, but the list shows the most common ones.ExpiredCredentialsException
,
IncorrectCredentialsException
,
ExcessiveAttemptsException
,
LockedAccountException
,
ConcurrentAccessException
,
UnknownAccountException
public void destroy()
CachingSecurityManager
cacheManager
via LifecycleUtils.destroy
.destroy
in interface Destroyable
destroy
in class RealmSecurityManager
Copyright © 2004–2017 The Apache Software Foundation. All rights reserved.