Search in sources :

Example 6 with DefaultSecurityManager

use of org.apache.shiro.mgt.DefaultSecurityManager in project killbill by killbill.

the class EhCacheManagerProvider method get.

@Override
public EhCacheManager get() {
    final EhCacheManager shiroEhCacheManager = new EhCacheManager();
    // Same EhCache manager instance as the rest of the system
    shiroEhCacheManager.setCacheManager(ehCacheCacheManager);
    if (securityManager instanceof DefaultSecurityManager) {
        // For RBAC only (see also KillbillJdbcTenantRealmProvider)
        ((DefaultSecurityManager) securityManager).setCacheManager(shiroEhCacheManager);
    }
    return shiroEhCacheManager;
}
Also used : EhCacheManager(org.apache.shiro.cache.ehcache.EhCacheManager) DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager)

Example 7 with DefaultSecurityManager

use of org.apache.shiro.mgt.DefaultSecurityManager in project killbill by killbill.

the class IniRealmProvider method get.

@Override
public IniRealm get() {
    try {
        final Factory<SecurityManager> factory = new IniSecurityManagerFactory(securityConfig.getShiroResourcePath());
        // TODO Pierre hack - lame cast here, but we need to have Shiro go through its reflection magic
        // to parse the [main] section of the ini file. Without duplicating code, this seems to be possible only
        // by going through IniSecurityManagerFactory.
        final DefaultSecurityManager securityManager = (DefaultSecurityManager) factory.getInstance();
        final Collection<Realm> realms = securityManager.getRealms();
        IniRealm iniRealm = null;
        if (realms == null || realms.isEmpty()) {
            iniRealm = new IniRealm(securityConfig.getShiroResourcePath());
        } else {
            for (final Realm cur : realms) {
                if (cur instanceof IniRealm) {
                    iniRealm = (IniRealm) cur;
                    break;
                }
            }
        }
        if (iniRealm != null) {
            // See JavaDoc warning: https://shiro.apache.org/static/1.2.3/apidocs/org/apache/shiro/realm/AuthenticatingRealm.html
            iniRealm.setAuthenticationCachingEnabled(true);
            return iniRealm;
        } else {
            throw new ConfigurationException();
        }
    } catch (final ConfigurationException e) {
        log.warn("Unable to configure RBAC", e);
        return new IniRealm();
    }
}
Also used : IniSecurityManagerFactory(org.apache.shiro.config.IniSecurityManagerFactory) DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager) SecurityManager(org.apache.shiro.mgt.SecurityManager) ConfigurationException(org.apache.shiro.config.ConfigurationException) IniRealm(org.apache.shiro.realm.text.IniRealm) DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager) IniRealm(org.apache.shiro.realm.text.IniRealm) Realm(org.apache.shiro.realm.Realm)

Example 8 with DefaultSecurityManager

use of org.apache.shiro.mgt.DefaultSecurityManager in project killbill by killbill.

the class DefaultSecurityApi method invalidateJDBCAuthorizationCache.

private void invalidateJDBCAuthorizationCache(final String username) {
    final Collection<Realm> realms = ((DefaultSecurityManager) SecurityUtils.getSecurityManager()).getRealms();
    final KillBillJdbcRealm killBillJdbcRealm = (KillBillJdbcRealm) Iterables.tryFind(realms, new Predicate<Realm>() {

        @Override
        public boolean apply(@Nullable final Realm input) {
            return (input instanceof KillBillJdbcRealm);
        }
    }).orNull();
    if (killBillJdbcRealm != null) {
        final SimplePrincipalCollection principals = new SimplePrincipalCollection();
        principals.add(username, killBillJdbcRealm.getName());
        killBillJdbcRealm.clearCachedAuthorizationInfo(principals);
    }
}
Also used : KillBillJdbcRealm(org.killbill.billing.util.security.shiro.realm.KillBillJdbcRealm) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager) Realm(org.apache.shiro.realm.Realm) KillBillJdbcRealm(org.killbill.billing.util.security.shiro.realm.KillBillJdbcRealm)

Example 9 with DefaultSecurityManager

use of org.apache.shiro.mgt.DefaultSecurityManager in project graylog2-server by Graylog2.

the class ShiroSecurityContextFilterTest method setUp.

@Before
public void setUp() throws Exception {
    when(securityContext.isSecure()).thenReturn(false);
    when(requestContext.getSecurityContext()).thenReturn(securityContext);
    final DefaultSecurityManager securityManager = new DefaultSecurityManager();
    final Provider<Request> grizzlyRequestProvider = () -> mock(Request.class);
    filter = new ShiroSecurityContextFilter(securityManager, grizzlyRequestProvider, Collections.emptySet());
}
Also used : Request(org.glassfish.grizzly.http.server.Request) DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager) Before(org.junit.Before)

Example 10 with DefaultSecurityManager

use of org.apache.shiro.mgt.DefaultSecurityManager in project geode by apache.

the class IntegratedSecurityServiceTest method testInitWithOutsideShiroSecurityManager.

@Test
public void testInitWithOutsideShiroSecurityManager() {
    SecurityUtils.setSecurityManager(new DefaultSecurityManager());
    securityService.initSecurity(properties);
    assertTrue(securityService.isIntegratedSecurity());
}
Also used : DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager) Test(org.junit.Test) UnitTest(org.apache.geode.test.junit.categories.UnitTest)

Aggregations

DefaultSecurityManager (org.apache.shiro.mgt.DefaultSecurityManager)14 SimplePrincipalCollection (org.apache.shiro.subject.SimplePrincipalCollection)7 PrincipalCollection (org.apache.shiro.subject.PrincipalCollection)6 Realm (org.apache.shiro.realm.Realm)5 Principal (java.security.Principal)3 ArrayList (java.util.ArrayList)3 Permission (org.apache.shiro.authz.Permission)3 AuthorizingRealm (org.apache.shiro.realm.AuthorizingRealm)3 SimpleSession (org.apache.shiro.session.mgt.SimpleSession)3 Before (org.junit.Before)3 Test (org.junit.Test)3 CollectionPermission (ddf.security.permission.CollectionPermission)2 KeyValueCollectionPermission (ddf.security.permission.KeyValueCollectionPermission)2 BeforeMethod (org.testng.annotations.BeforeMethod)2 HikariConfig (com.zaxxer.hikari.HikariConfig)1 HikariDataSource (com.zaxxer.hikari.HikariDataSource)1 Metacard (ddf.catalog.data.Metacard)1 ResultImpl (ddf.catalog.data.impl.ResultImpl)1 DeleteRequest (ddf.catalog.operation.DeleteRequest)1 ResourceRequest (ddf.catalog.operation.ResourceRequest)1