Search in sources :

Example 41 with SimpleAuthorizationInfo

use of org.apache.shiro.authz.SimpleAuthorizationInfo in project zeppelin by apache.

the class LdapRealm method queryForAuthorizationInfo.

/**
 * Get groups from LDAP.
 *
 * @param principals
 *            the principals of the Subject whose AuthenticationInfo should
 *            be queried from the LDAP server.
 * @param ldapContextFactory
 *            factory used to retrieve LDAP connections.
 * @return an {@link AuthorizationInfo} instance containing information
 *         retrieved from the LDAP server.
 * @throws NamingException
 *             if any LDAP errors occur during the search.
 */
@Override
public AuthorizationInfo queryForAuthorizationInfo(final PrincipalCollection principals, final LdapContextFactory ldapContextFactory) throws NamingException {
    if (!isAuthorizationEnabled()) {
        return null;
    }
    final Set<String> roleNames = getRoles(principals, ldapContextFactory);
    LOGGER.debug("RolesNames Authorization: {}", roleNames);
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(roleNames);
    Set<String> stringPermissions = permsFor(roleNames);
    simpleAuthorizationInfo.setStringPermissions(stringPermissions);
    return simpleAuthorizationInfo;
}
Also used : SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo)

Example 42 with SimpleAuthorizationInfo

use of org.apache.shiro.authz.SimpleAuthorizationInfo in project zeppelin by apache.

the class LdapGroupRealm method queryForAuthorizationInfo.

@Override
public AuthorizationInfo queryForAuthorizationInfo(PrincipalCollection principals, LdapContextFactory ldapContextFactory) throws NamingException {
    String username = (String) getAvailablePrincipal(principals);
    LdapContext ldapContext = ldapContextFactory.getSystemLdapContext();
    Set<String> roleNames = getRoleNamesForUser(username, ldapContext, getUserDnTemplate());
    return new SimpleAuthorizationInfo(roleNames);
}
Also used : SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) LdapContext(javax.naming.ldap.LdapContext)

Example 43 with SimpleAuthorizationInfo

use of org.apache.shiro.authz.SimpleAuthorizationInfo in project SSM by Intel-bigdata.

the class LdapGroupRealm method queryForAuthorizationInfo.

public AuthorizationInfo queryForAuthorizationInfo(PrincipalCollection principals, LdapContextFactory ldapContextFactory) throws NamingException {
    String username = (String) getAvailablePrincipal(principals);
    LdapContext ldapContext = ldapContextFactory.getSystemLdapContext();
    Set<String> roleNames = getRoleNamesForUser(username, ldapContext, getUserDnTemplate());
    return new SimpleAuthorizationInfo(roleNames);
}
Also used : SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) LdapContext(javax.naming.ldap.LdapContext)

Example 44 with SimpleAuthorizationInfo

use of org.apache.shiro.authz.SimpleAuthorizationInfo in project SSM by Intel-bigdata.

the class LdapRealm method queryForAuthorizationInfo.

/**
 * Get groups from LDAP.
 *
 * @param principals
 *            the principals of the Subject whose AuthenticationInfo should
 *            be queried from the LDAP server.
 * @param ldapContextFactory
 *            factory used to retrieve LDAP connections.
 * @return an {@link AuthorizationInfo} instance containing information
 *         retrieved from the LDAP server.
 * @throws NamingException
 *             if any LDAP errors occur during the search.
 */
@Override
protected AuthorizationInfo queryForAuthorizationInfo(final PrincipalCollection principals, final LdapContextFactory ldapContextFactory) throws NamingException {
    if (!isAuthorizationEnabled()) {
        return null;
    }
    final Set<String> roleNames = getRoles(principals, ldapContextFactory);
    if (log.isDebugEnabled()) {
        log.debug("RolesNames Authorization: " + roleNames);
    }
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(roleNames);
    Set<String> stringPermissions = permsFor(roleNames);
    simpleAuthorizationInfo.setStringPermissions(stringPermissions);
    return simpleAuthorizationInfo;
}
Also used : SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo)

Example 45 with SimpleAuthorizationInfo

use of org.apache.shiro.authz.SimpleAuthorizationInfo in project qi4j-sdk by Qi4j.

the class PasswordRealmMixin method doGetAuthorizationInfo.

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    UnitOfWork uow = module.newUnitOfWork();
    try {
        String username = getAvailablePrincipal(principals).toString();
        RoleAssignee roleAssignee = findRoleAssignee(uow, username);
        if (roleAssignee == null) {
            LOG.debug("No authorization info for {}", username);
            return null;
        }
        LOG.debug("Found role assignee for {}: {}", username, roleAssignee);
        Set<String> roleNames = roleAssignee.roleNames();
        Set<String> permissionStrings = roleAssignee.permissionStrings();
        LOG.debug("Found role assignee has the following roles: {}", roleNames);
        LOG.debug("Found role assignee has the following permissions: {}", permissionStrings);
        SimpleAuthorizationInfo atzInfo = new SimpleAuthorizationInfo(roleNames);
        atzInfo.setStringPermissions(permissionStrings);
        return atzInfo;
    } finally {
        uow.discard();
    }
}
Also used : UnitOfWork(org.qi4j.api.unitofwork.UnitOfWork) SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) RoleAssignee(org.qi4j.library.shiro.domain.permissions.RoleAssignee)

Aggregations

SimpleAuthorizationInfo (org.apache.shiro.authz.SimpleAuthorizationInfo)48 Permission (org.apache.shiro.authz.Permission)8 AuthorizationException (org.apache.shiro.authz.AuthorizationException)6 KeyValueCollectionPermission (ddf.security.permission.KeyValueCollectionPermission)5 KeyValuePermission (ddf.security.permission.KeyValuePermission)5 ArrayList (java.util.ArrayList)5 HashSet (java.util.HashSet)5 AuthenticationException (org.apache.shiro.authc.AuthenticationException)5 AuthorizationInfo (org.apache.shiro.authz.AuthorizationInfo)5 KeyValuePermissionImpl (ddf.security.permission.impl.KeyValuePermissionImpl)4 CollectionPermission (ddf.security.permission.CollectionPermission)3 HashMap (java.util.HashMap)3 PrincipalCollection (org.apache.shiro.subject.PrincipalCollection)3 Group (com.ganster.cms.core.pojo.Group)2 Permission (com.ganster.cms.core.pojo.Permission)2 User (com.ganster.cms.core.pojo.User)2 UserExample (com.ganster.cms.core.pojo.UserExample)2 TbRolePermission (com.netsteadfast.greenstep.po.hbm.TbRolePermission)2 TbUserRole (com.netsteadfast.greenstep.po.hbm.TbUserRole)2 Set (java.util.Set)2