
Example 6 with WebSubjectContext

Use of org.apache.shiro.web.subject.WebSubjectContext in project shiro by apache.

The class CookieRememberMeManager, method getRememberedSerializedIdentity.

/**
 * Returns a previously serialized identity byte array or {@code null} if the byte array could not be acquired.
 * This implementation retrieves an HTTP cookie, Base64-decodes the cookie value, and returns the resulting byte
 * array.
 * <p/>
 * The {@code SubjectContext} instance is expected to be a {@link WebSubjectContext} instance with an HTTP
 * Request/Response pair so an HTTP cookie can be retrieved from the incoming request.  If it is not a
 * {@code WebSubjectContext} or that {@code WebSubjectContext} does not have an HTTP Request/Response pair, this
 * implementation returns {@code null}.
 *
 * @param subjectContext the contextual data, usually provided by a {@link Subject.Builder} implementation, that
 *                       is being used to construct a {@link Subject} instance.  To be used to assist with data
 *                       lookup.
 * @return a previously serialized identity byte array or {@code null} if the byte array could not be acquired.
 */
protected byte[] getRememberedSerializedIdentity(SubjectContext subjectContext) {
    if (!WebUtils.isHttp(subjectContext)) {
        if (log.isDebugEnabled()) {
            String msg = "SubjectContext argument is not an HTTP-aware instance.  This is required to obtain a "
                    + "servlet request and response in order to retrieve the rememberMe cookie. Returning "
                    + "immediately and ignoring rememberMe operation.";
            log.debug(msg);
        }
        return null;
    }
    WebSubjectContext wsc = (WebSubjectContext) subjectContext;
    if (isIdentityRemoved(wsc)) {
        return null;
    }
    HttpServletRequest request = WebUtils.getHttpRequest(wsc);
    HttpServletResponse response = WebUtils.getHttpResponse(wsc);
    String base64 = getCookie().readValue(request, response);
    // ignore cookies that are scheduled for removal
    if (Cookie.DELETED_COOKIE_VALUE.equals(base64))
        return null;
    if (base64 != null) {
        base64 = ensurePadding(base64);
        if (log.isTraceEnabled()) {
            log.trace("Acquired Base64 encoded identity [" + base64 + "]");
        }
        byte[] decoded = Base64.decode(base64);
        if (log.isTraceEnabled()) {
            log.trace("Base64 decoded byte array length: " + (decoded != null ? decoded.length : 0) + " bytes.");
        }
        return decoded;
    } else {
        // no cookie set - new site visitor?
        return null;
    }
}
Also used : ShiroHttpServletRequest(org.apache.shiro.web.servlet.ShiroHttpServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) WebSubjectContext(org.apache.shiro.web.subject.WebSubjectContext)

Example 7 with WebSubjectContext

Use of org.apache.shiro.web.subject.WebSubjectContext in project shiro by apache.

The class DefaultWebSubjectFactory, method createSubject.

public Subject createSubject(SubjectContext context) {
    if (!(context instanceof WebSubjectContext)) {
        return super.createSubject(context);
    }
    WebSubjectContext wsc = (WebSubjectContext) context;
    SecurityManager securityManager = wsc.resolveSecurityManager();
    Session session = wsc.resolveSession();
    boolean sessionEnabled = wsc.isSessionCreationEnabled();
    PrincipalCollection principals = wsc.resolvePrincipals();
    boolean authenticated = wsc.resolveAuthenticated();
    String host = wsc.resolveHost();
    ServletRequest request = wsc.resolveServletRequest();
    ServletResponse response = wsc.resolveServletResponse();
    return new WebDelegatingSubject(principals, authenticated, host, session, sessionEnabled, request, response, securityManager);
}
Also used : ServletRequest(javax.servlet.ServletRequest) ServletResponse(javax.servlet.ServletResponse) SecurityManager(org.apache.shiro.mgt.SecurityManager) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) WebSubjectContext(org.apache.shiro.web.subject.WebSubjectContext) Session(org.apache.shiro.session.Session) WebDelegatingSubject(org.apache.shiro.web.subject.support.WebDelegatingSubject)

Aggregations

WebSubjectContext (org.apache.shiro.web.subject.WebSubjectContext): 7
ShiroHttpServletRequest (org.apache.shiro.web.servlet.ShiroHttpServletRequest): 6
HttpServletRequest (javax.servlet.http.HttpServletRequest): 5
HttpServletResponse (javax.servlet.http.HttpServletResponse): 5
DefaultWebSubjectContext (org.apache.shiro.web.subject.support.DefaultWebSubjectContext): 5
Cookie (javax.servlet.http.Cookie): 4
SimpleCookie (org.apache.shiro.web.servlet.SimpleCookie): 4
Test (org.junit.Test): 4
ServletRequest (javax.servlet.ServletRequest): 2
ServletResponse (javax.servlet.ServletResponse): 2
PrincipalCollection (org.apache.shiro.subject.PrincipalCollection): 2
CryptoException (org.apache.shiro.crypto.CryptoException): 1
SecurityManager (org.apache.shiro.mgt.SecurityManager): 1
Session (org.apache.shiro.session.Session): 1
SessionContext (org.apache.shiro.session.mgt.SessionContext): 1
WebDelegatingSubject (org.apache.shiro.web.subject.support.WebDelegatingSubject): 1