
Example 51 with PrincipalCollection

use of org.apache.shiro.subject.PrincipalCollection in project ddf by codice.

the class CswEndpointTest method addSecurity.

/**
 * Binds a pre-authenticated test subject to the current thread.
 *
 * <p>Creates a {@code DefaultSecurityManager}, builds a subject whose single principal is
 * {@code USER_ID} in realm {@code "testrealm"}, marks it as authenticated, and binds both the
 * manager and the subject to Shiro's {@code ThreadContext}.
 *
 * <p>NOTE(review): nothing in this method unbinds what it binds. If the test runner reuses
 * threads, the authenticated subject stays visible to later tests unless teardown clears it
 * (for example with {@code ThreadContext.remove()}) - confirm the test class does so.
 */
private void addSecurity() {
    org.apache.shiro.mgt.SecurityManager securityManager = new DefaultSecurityManager();
    PrincipalCollection testPrincipals = new SimplePrincipalCollection(USER_ID, "testrealm");

    // Same builder calls as a fluent chain, spelled out step by step.
    Subject.Builder subjectBuilder = new Subject.Builder(securityManager);
    subjectBuilder.principals(testPrincipals);
    subjectBuilder.session(new SimpleSession());
    subjectBuilder.authenticated(true);
    Subject testSubject = subjectBuilder.buildSubject();

    ThreadContext.bind(securityManager);
    ThreadContext.bind(testSubject);
}
Also used : PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager) SimpleSession(org.apache.shiro.session.mgt.SimpleSession) Subject(org.apache.shiro.subject.Subject)

Example 52 with PrincipalCollection

use of org.apache.shiro.subject.PrincipalCollection in project ddf by codice.

the class SubjectUtilsTest method testGetDefaultName.

/**
 * Checks that {@code getName} falls back to the supplied default both for a subject built
 * from an empty principal collection and for a {@code null} subject.
 */
@Test
public void testGetDefaultName() {
    org.apache.shiro.mgt.SecurityManager securityManager = new DefaultSecurityManager();
    PrincipalCollection emptyPrincipals = new SimplePrincipalCollection();

    // Marked authenticated, but carrying no principal to derive a name from.
    org.apache.shiro.subject.Subject subjectWithoutPrincipals =
        new ddf.security.Subject.Builder(securityManager)
            .principals(emptyPrincipals)
            .session(new SimpleSession())
            .authenticated(true)
            .buildSubject();

    assertEquals(DEFAULT_NAME, subjectUtils.getName(subjectWithoutPrincipals, DEFAULT_NAME));
    assertEquals(DEFAULT_NAME, subjectUtils.getName(null, DEFAULT_NAME));
}
Also used : Subject(org.apache.shiro.subject.Subject) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager) SimpleSession(org.apache.shiro.session.mgt.SimpleSession) Subject(org.apache.shiro.subject.Subject) Test(org.junit.Test)

Example 53 with PrincipalCollection

use of org.apache.shiro.subject.PrincipalCollection in project ddf by codice.

the class SecurityManagerImpl method getSubject.

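/**
 * Builds a {@link Subject} from the supplied token.
 *
 * <p>Two token kinds are handled:
 *
 * <ul>
 *   <li>{@code SessionToken}: the subject is constructed directly from the token's principal
 *       collection and is marked authenticated; the token's credentials become the session
 *       id. No call to {@code getSubject(AuthenticationToken)} and no audit entry is made on
 *       this path.
 *   <li>{@code AuthenticationToken}: delegated to {@code getSubject(AuthenticationToken)},
 *       then audited as "Logged in".
 * </ul>
 *
 * <p>NOTE(review): the session path trusts the principals carried by the token as-is -
 * presumably they were validated when the session was established; verify against the
 * caller that a {@code SessionToken} cannot be built from request-controlled data.
 *
 * @param token the incoming token object
 * @return the subject built for the token
 * @throws SecurityServiceException if the token type is unsupported, or a
 *     {@code SessionToken} does not carry a {@code PrincipalCollection} principal and a
 *     {@code String} (or null) session id
 */
@Override
public Subject getSubject(Object token) throws SecurityServiceException {
    if (token instanceof SessionToken) {
        SessionToken sessionToken = (SessionToken) token;
        Object principal = sessionToken.getPrincipal();
        Object credentials = sessionToken.getCredentials();

        // Reject malformed session tokens explicitly instead of failing with a
        // ClassCastException or handing out an "authenticated" subject with no principals.
        if (!(principal instanceof PrincipalCollection)) {
            throw new SecurityServiceException("SessionToken principal is missing or is not a PrincipalCollection, cannot create subject.");
        }
        if (credentials != null && !(credentials instanceof String)) {
            throw new SecurityServiceException("SessionToken credentials are not a String session id, cannot create subject.");
        }

        SimpleSession session = new SimpleSession();
        session.setId((String) credentials);
        return new SubjectImpl((PrincipalCollection) principal, true, session, internalManager);
    }

    if (token instanceof AuthenticationToken) {
        Subject subject = getSubject((AuthenticationToken) token);
        securityLogger.audit("Logged in", subject);
        return subject;
    }

    // NOTE(review): the message names SecurityToken, while the branches above accept
    // SessionToken and AuthenticationToken - confirm which wording is intended.
    throw new SecurityServiceException("Incoming token object NOT supported by security manager implementation. Currently supported types are AuthenticationToken and SecurityToken");
}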
Also used : SecurityServiceException(ddf.security.service.SecurityServiceException) AuthenticationToken(org.apache.shiro.authc.AuthenticationToken) SessionToken(org.codice.ddf.security.handler.SessionToken) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) SimpleSession(org.apache.shiro.session.mgt.SimpleSession) SubjectImpl(ddf.security.impl.SubjectImpl) Subject(ddf.security.Subject)

Example 54 with PrincipalCollection

use of org.apache.shiro.subject.PrincipalCollection in project ddf by codice.

the class SubjectUtils method getType.

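/**
 * Retrieves the type of the Security Assertion inside the given Subject.
 *
 * <p>All {@code SecurityAssertion} principals are sorted with
 * {@code SecurityAssertionComparator} and the token type of the first one is returned.
 *
 * @param subject Subject to read the security assertion from; may be null.
 * @return the token type of the first assertion after sorting, or {@code null} if the subject
 *     is null, has no principals, or carries no security assertion. Callers must handle the
 *     {@code null} result.
 */
@Override
public String getType(Subject subject) {
    if (subject == null) {
        LOGGER.debug("Incoming subject was null, cannot look up security assertion type.");
        return null;
    }
    PrincipalCollection principals = subject.getPrincipals();
    if (principals == null) {
        LOGGER.debug("No principals located in the incoming subject, cannot look up security assertion type.");
        return null;
    }
    Collection<SecurityAssertion> assertions = principals.byType(SecurityAssertion.class);
    if (assertions == null || assertions.isEmpty()) {
        // Distinct message: principals exist here, only the assertion is missing.
        LOGGER.debug("Could not find Security Assertion, cannot look up security assertion type.");
        return null;
    }
    // Copy before sorting so the subject's own collection is left untouched.
    List<SecurityAssertion> assertionList = new ArrayList<>(assertions);
    assertionList.sort(new SecurityAssertionComparator());
    return assertionList.get(0).getTokenType();
}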
Also used : ArrayList(java.util.ArrayList) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) SecurityAssertion(ddf.security.assertion.SecurityAssertion)

Example 55 with PrincipalCollection

use of org.apache.shiro.subject.PrincipalCollection in project ddf by codice.

the class SubjectUtils method getAttribute.

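/**
 * Get any attribute from a subject by key.
 *
 * <p>The subject's {@code SecurityAssertion} principals are sorted with
 * {@code SecurityAssertionComparator}, and the values of every attribute whose name equals
 * {@code key} are collected across <em>all</em> of them. The sort affects only the order of
 * the result: values from every assertion are merged, so a caller basing an access decision
 * on the result sees the union of what each assertion states.
 *
 * @param subject subject to read attributes from; may be null
 * @param key exact attribute name to match; must not be null (checked with
 *     {@code Validate.notNull})
 * @return attribute values or an empty list if not found.
 */
@Override
public List<String> getAttribute(@Nullable Subject subject, String key) {
    Validate.notNull(key);
    if (subject == null) {
        LOGGER.debug("Incoming subject was null, cannot look up {}.", key);
        return Collections.emptyList();
    }
    PrincipalCollection principals = subject.getPrincipals();
    if (principals == null) {
        LOGGER.debug("No principals located in the incoming subject, cannot look up {}.", key);
        return Collections.emptyList();
    }
    Collection<SecurityAssertion> assertions = principals.byType(SecurityAssertion.class);
    // Null-tolerant, matching the guard getType applies to the same call.
    if (assertions == null || assertions.isEmpty()) {
        LOGGER.debug("Could not find Security Assertion, cannot look up {}.", key);
        return Collections.emptyList();
    }
    // Copy before sorting so the subject's own collection is left untouched.
    List<SecurityAssertion> assertionList = new ArrayList<>(assertions);
    assertionList.sort(new SecurityAssertionComparator());
    return assertionList.stream()
        .map(SecurityAssertion::getAttributeStatements)
        .flatMap(List::stream)
        .flatMap(as -> as.getAttributes().stream())
        .filter(a -> a.getName().equals(key))
        .flatMap(a -> a.getValues().stream())
        .collect(Collectors.toList());
}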
Also used : Arrays(java.util.Arrays) StringUtils(org.apache.commons.lang.StringUtils) X500Principal(javax.security.auth.x500.X500Principal) SortedSet(java.util.SortedSet) LoggerFactory(org.slf4j.LoggerFactory) AttributeStatement(ddf.security.assertion.AttributeStatement) BCStyle(org.bouncycastle.asn1.x500.style.BCStyle) SubjectOperations(ddf.security.SubjectOperations) TreeSet(java.util.TreeSet) ArrayList(java.util.ArrayList) AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue) X500Name(org.bouncycastle.asn1.x500.X500Name) Subject(org.apache.shiro.subject.Subject) StringTokenizer(java.util.StringTokenizer) Map(java.util.Map) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) Nullable(javax.annotation.Nullable) SecurityAssertion(ddf.security.assertion.SecurityAssertion) Logger(org.slf4j.Logger) Attribute(ddf.security.assertion.Attribute) RDN(org.bouncycastle.asn1.x500.RDN) Predicate(java.util.function.Predicate) KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) Collection(java.util.Collection) Collectors(java.util.stream.Collectors) Objects(java.util.Objects) List(java.util.List) Principal(java.security.Principal) GuestPrincipal(ddf.security.principal.impl.GuestPrincipal) Comparator(java.util.Comparator) Collections(java.util.Collections) Validate(org.apache.commons.lang.Validate) ArrayList(java.util.ArrayList) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) ArrayList(java.util.ArrayList) List(java.util.List) SecurityAssertion(ddf.security.assertion.SecurityAssertion)

Aggregations

PrincipalCollection (org.apache.shiro.subject.PrincipalCollection)88 SimplePrincipalCollection (org.apache.shiro.subject.SimplePrincipalCollection)40 Test (org.junit.Test)36 SecurityAssertion (ddf.security.assertion.SecurityAssertion)23 Subject (ddf.security.Subject)15 Subject (org.apache.shiro.subject.Subject)15 Principal (java.security.Principal)14 ArrayList (java.util.ArrayList)10 DefaultSecurityManager (org.apache.shiro.mgt.DefaultSecurityManager)10 AuthorizationInfo (org.apache.shiro.authz.AuthorizationInfo)9 Permission (org.apache.shiro.authz.Permission)8 Session (org.apache.shiro.session.Session)8 SimpleSession (org.apache.shiro.session.mgt.SimpleSession)8 HttpServletRequest (javax.servlet.http.HttpServletRequest)7 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)7 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)6 Attribute (ddf.security.assertion.Attribute)5 Map (java.util.Map)5 AuthenticationToken (org.apache.shiro.authc.AuthenticationToken)5 CollectionPermission (ddf.security.permission.CollectionPermission)4