1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.shiro.web.mgt;
20
21 import org.apache.shiro.mgt.DefaultSubjectFactory;
22 import org.apache.shiro.mgt.SecurityManager;
23 import org.apache.shiro.session.Session;
24 import org.apache.shiro.subject.PrincipalCollection;
25 import org.apache.shiro.subject.Subject;
26 import org.apache.shiro.subject.SubjectContext;
27 import org.apache.shiro.web.subject.WebSubjectContext;
28 import org.apache.shiro.web.subject.support.WebDelegatingSubject;
29
30 import javax.servlet.ServletRequest;
31 import javax.servlet.ServletResponse;
32
33 import org.apache.shiro.web.subject.WebSubject;
34
35
36
37
38
39
40
41
42
43
44 public class DefaultWebSubjectFactory extends DefaultSubjectFactory {
45
46 public DefaultWebSubjectFactory() {
47 super();
48 }
49
50 public Subject createSubject(SubjectContext context) {
51
52
53
54
55 boolean isNotBasedOnWebSubject = context.getSubject() != null && !(context.getSubject() instanceof WebSubject);
56 if (!(context instanceof WebSubjectContext) || isNotBasedOnWebSubject) {
57 return super.createSubject(context);
58 }
59 WebSubjectContext wsc = (WebSubjectContext) context;
60 SecurityManager securityManager = wsc.resolveSecurityManager();
61 Session session = wsc.resolveSession();
62 boolean sessionEnabled = wsc.isSessionCreationEnabled();
63 PrincipalCollection principals = wsc.resolvePrincipals();
64 boolean authenticated = wsc.resolveAuthenticated();
65 String host = wsc.resolveHost();
66 ServletRequest request = wsc.resolveServletRequest();
67 ServletResponse response = wsc.resolveServletResponse();
68
69 return new WebDelegatingSubject(principals, authenticated, host, session, sessionEnabled,
70 request, response, securityManager);
71 }
72
73
74
75
76
77 @Deprecated
78 protected Subject newSubjectInstance(PrincipalCollection principals, boolean authenticated,
79 String host, Session session,
80 ServletRequest request, ServletResponse response,
81 SecurityManager securityManager) {
82 return new WebDelegatingSubject(principals, authenticated, host, session, true,
83 request, response, securityManager);
84 }
85 }