use of org.apache.shiro.authz.SimpleAuthorizationInfo in project neo4j by neo4j.
the class InternalFlatFileRealm method doGetAuthorizationInfo.
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) throws AuthenticationException {
if (!authorizationEnabled) {
return null;
}
String username = (String) getAvailablePrincipal(principals);
if (username == null) {
return null;
}
User user = userRepository.getUserByName(username);
if (user == null) {
return null;
}
if (user.passwordChangeRequired() || user.hasFlag(IS_SUSPENDED)) {
return new SimpleAuthorizationInfo();
} else {
Set<String> roles = roleRepository.getRoleNamesByUsername(user.name());
return new SimpleAuthorizationInfo(roles);
}
}
use of org.apache.shiro.authz.SimpleAuthorizationInfo in project neo4j by neo4j.
the class LdapRealm method cacheAuthorizationInfo.
private void cacheAuthorizationInfo(String username, Set<String> roleNames) {
// Use the existing authorizationCache in our base class
Cache<Object, AuthorizationInfo> authorizationCache = getAuthorizationCache();
authorizationCache.put(username, new SimpleAuthorizationInfo(roleNames));
}
use of org.apache.shiro.authz.SimpleAuthorizationInfo in project neo4j by neo4j.
the class LdapRealm method queryForAuthorizationInfo.
@Override
protected AuthorizationInfo queryForAuthorizationInfo(PrincipalCollection principals, LdapContextFactory ldapContextFactory) throws NamingException {
if (authorizationEnabled) {
String username = getUsername(principals);
if (username == null) {
return null;
}
if (useSystemAccountForAuthorization) {
// Perform context search using the system context
LdapContext ldapContext = useStartTls ? getSystemLdapContextUsingStartTls(ldapContextFactory) : ldapContextFactory.getSystemLdapContext();
Set<String> roleNames;
try {
roleNames = findRoleNamesForUser(username, ldapContext);
} finally {
LdapUtils.closeContext(ldapContext);
}
return new SimpleAuthorizationInfo(roleNames);
} else {
// Authorization info is cached during authentication
Cache<Object, AuthorizationInfo> authorizationCache = getAuthorizationCache();
AuthorizationInfo authorizationInfo = authorizationCache.get(username);
if (authorizationInfo == null) {
// so that the client can react by re-authenticating.
throw new AuthorizationExpiredException("LDAP authorization info expired.");
}
return authorizationInfo;
}
}
return null;
}
use of org.apache.shiro.authz.SimpleAuthorizationInfo in project bamboobsc by billchen198318.
the class GreenStepBaseAuthorizingLdapRealm method getSimpleAuthorizationInfo.
private SimpleAuthorizationInfo getSimpleAuthorizationInfo(String username) throws Exception {
Map<String, Object> params = new HashMap<String, Object>();
params.put("account", username);
List<TbUserRole> roleList = userRoleService.findListByParams(params);
if (roleList == null) {
return null;
}
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
for (TbUserRole userRole : roleList) {
info.addRole(userRole.getRole());
params.clear();
params.put("role", userRole.getRole());
List<TbRolePermission> rolePermissionList = rolePermissionService.findListByParams(params);
if (rolePermissionList == null) {
continue;
}
for (TbRolePermission rolePermission : rolePermissionList) {
info.addStringPermission(rolePermission.getPermission());
}
}
return info;
}
use of org.apache.shiro.authz.SimpleAuthorizationInfo in project tesla by linking12.
the class TeslaUserRealm method doGetAuthorizationInfo.
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
if (principals == null) {
throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
}
Long userId = (Long) principals.getPrimaryPrincipal();
List<String> permissions = userDao.findPermissonByUserId(userId);
List<String> roles = userDao.findRoleByUserId(userId);
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
info.addRoles(roles);
info.addStringPermissions(permissions);
return info;
}
Aggregations