org.wicketstuff.shiro.example.sprhib.security

Class SampleRealm

java.lang.Object

org.apache.shiro.realm.CachingRealm

org.apache.shiro.realm.AuthenticatingRealm

org.apache.shiro.realm.AuthorizingRealm

org.wicketstuff.shiro.example.sprhib.security.SampleRealm

All Implemented Interfaces:

org.apache.shiro.authc.LogoutAware, org.apache.shiro.authz.Authorizer, org.apache.shiro.authz.permission.PermissionResolverAware, org.apache.shiro.authz.permission.RolePermissionResolverAware, org.apache.shiro.cache.CacheManagerAware, org.apache.shiro.realm.Realm, org.apache.shiro.util.Initializable, org.apache.shiro.util.Nameable

@Component
public class SampleRealm
extends org.apache.shiro.realm.AuthorizingRealm

The Spring/Hibernate sample application's one and only configured Apache Shiro Realm.

Because a Realm is really just a security-specific DAO, we could have just made Hibernate calls directly in the implementation and named it a 'HibernateRealm' or something similar.

But we've decided to make the calls to the database using a UserDAO, since a DAO would be used in other areas of a 'real' application in addition to here. We felt it better to use that same DAO to show code re-use.

Field Summary

Fields

Modifier and Type	Field and Description
protected UserDAO	userDAO

Constructor Summary

Constructors

Constructor and Description
SampleRealm()

Method Summary

Methods

Modifier and Type	Method and Description
protected org.apache.shiro.authc.AuthenticationInfo	doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken authcToken)
protected org.apache.shiro.authz.AuthorizationInfo	doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection principals)
void	setUserDAO(UserDAO userDAO)

Methods inherited from class org.apache.shiro.realm.AuthorizingRealm

afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, onInit, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver

Methods inherited from class org.apache.shiro.realm.AuthenticatingRealm

assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher, supports

Methods inherited from class org.apache.shiro.realm.CachingRealm

clearCache, getAvailablePrincipal, getCacheManager, getName, isCachingEnabled, onLogout, setCacheManager, setCachingEnabled

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.shiro.util.Initializable

init

Field Detail

userDAO

protected UserDAO userDAO

Constructor Detail

SampleRealm

public SampleRealm()

Method Detail

setUserDAO

@Autowired
public void setUserDAO(UserDAO userDAO)

doGetAuthenticationInfo

protected org.apache.shiro.authc.AuthenticationInfo doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken authcToken)
                                                                     throws org.apache.shiro.authc.AuthenticationException

Specified by:

doGetAuthenticationInfo in class org.apache.shiro.realm.AuthenticatingRealm

Throws:

org.apache.shiro.authc.AuthenticationException

doGetAuthorizationInfo

protected org.apache.shiro.authz.AuthorizationInfo doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection principals)

Specified by:

doGetAuthorizationInfo in class org.apache.shiro.realm.AuthorizingRealm