/** * Creates the security manager without registering it. * * @param repo the component repository, only used to register secondary items like lifecycle, not null * @param pwService the password service, not null * @return the security manager, not null */ protected SecurityManager createSecurityManager(ComponentRepository repo, PasswordService pwService) throws IOException { // password matcher PasswordMatcher pwMatcher = new PasswordMatcher(); pwMatcher.setPasswordService(pwService); // user database realm UserSource userSource = getUserSource(); if (userSource == null) { userSource = getUserMaster(); } UserSourceRealm realm = new UserSourceRealm(userSource); realm.setAuthenticationCachingEnabled(true); realm.setAuthorizationCachingEnabled(true); realm.setCredentialsMatcher(pwMatcher); realm.setPermissionResolver(AuthUtils.getPermissionResolver()); // security manager DefaultWebSecurityManager sm = new DefaultWebSecurityManager(); sm.setRealm(realm); sm.setAuthorizer(realm); // replace ModularRealmAuthorizer as not needed sm.setCacheManager(new MemoryConstrainedCacheManager()); return sm; }
@Override protected Realm createRealm(Ini ini) { // Set the resolvers first, because IniRealm is initialized before the resolvers // are applied by the ModularRealmAuthorizer IniRealm realm = new IniRealm() { @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { SimpleAccount account = (SimpleAccount) super.doGetAuthorizationInfo(principals); // implicitly, give the role agate-user to all users from ini if(account != null) account.addRole(Roles.AGATE_USER.toString()); return account; } }; realm.setName(INI_REALM); // realm.setRolePermissionResolver(rolePermissionResolver); realm.setPermissionResolver(permissionResolver); realm.setResourcePath(getShiroIniPath()); realm.setCredentialsMatcher(new PasswordMatcher()); realm.setIni(ini); return realm; }
@Inject public GitPlexAuthorizingRealm(UserManager userManager, CacheManager cacheManager, ConfigManager configManager, MembershipManager membershipManager, GroupManager groupManager) { PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(AppLoader.getInstance(PasswordService.class)); setCredentialsMatcher(passwordMatcher); this.userManager = userManager; this.cacheManager = cacheManager; this.configManager = configManager; this.membershipManager = membershipManager; this.groupManager = groupManager; }
public PasswordRealmMixin() { super(); passwordService = new DefaultPasswordService(); PasswordMatcher matcher = new PasswordMatcher(); matcher.setPasswordService( passwordService ); setCredentialsMatcher( matcher ); }
public MyRealmMixin() { super(); passwordService = new DefaultPasswordService(); PasswordMatcher matcher = new PasswordMatcher(); matcher.setPasswordService( passwordService ); setCredentialsMatcher( matcher ); }
@PostConstruct private void Init() { PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(passwordService); setCredentialsMatcher(passwordMatcher); }
@Inject public AuthenticatingRealmImpl(final SecurityConfigurationManager configuration, final PasswordService passwordService) { this.configuration = configuration; this.passwordService = passwordService; PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(this.passwordService); setCredentialsMatcher(passwordMatcher); setName(NAME); setAuthenticationCachingEnabled(true); }
/** * @return the default security manager for this application */ @Produces public WebSecurityManager getSecurityManager() { if (this.securityManager == null) { // creates a custom security realm final AuthorizingRealm realm = new SecurityRealm(this.accountService); // instantiate the custom password matcher based on bcrypt final PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(new BCryptPasswordService()); realm.setCredentialsMatcher(passwordMatcher); // create the security manager this.securityManager = new DefaultWebSecurityManager(realm); // enable the remember me function based on cookies final CookieRememberMeManager rememberMeManager = new CookieRememberMeManager(); rememberMeManager.setCipherKey(this.createCypherKey()); this.securityManager.setRememberMeManager(rememberMeManager); this.securityManager.setCacheManager(new MemoryConstrainedCacheManager()); } return this.securityManager; }
protected void setup(HashService hashService, HashFormat hashFormat) { PortofinoPasswordService passwordService = new PortofinoPasswordService(); passwordService.setHashService(hashService); passwordService.setHashFormat(hashFormat); PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(passwordService); setCredentialsMatcher(passwordMatcher); this.passwordService = passwordService; }
@Override protected Realm createRealm(Ini ini) { // Set the resolvers first, because IniRealm is initialized before the resolvers // are applied by the ModularRealmAuthorizer IniRealm realm = new IniRealm(); realm.setName(INI_REALM); realm.setRolePermissionResolver(rolePermissionResolver); realm.setPermissionResolver(permissionResolver); realm.setResourcePath(getShiroIniPath()); realm.setCredentialsMatcher(new PasswordMatcher()); realm.setIni(ini); return realm; }
@Test public void getShiroBeanFromIni() { CdiIniSecurityManagerFactory securityManagerFactory = new CdiIniSecurityManagerFactory("classpath:test-shiro.ini", beanManager); SecurityManager securityManager = securityManagerFactory.createInstance(); assertThat(securityManager, is(notNullValue())); Object passwordMatcher = securityManagerFactory.getBeans().get("passwordMatcher"); assertThat(passwordMatcher, is(instanceOf(PasswordMatcher.class))); }
/** * Defines the realms. * * @return a list of {@link Realm}. */ private List<Realm> defineRealms() { final List<Realm> realms = new ArrayList<Realm>(); final IniRealm iniRealm = new IniRealm("classpath:userAndRoles.ini"); iniRealm.setCredentialsMatcher(new PasswordMatcher()); realms.add(iniRealm); return realms; }
@Bean(name="credentialsMatcher") public CredentialsMatcher credentialsMatcher(){ return new PasswordMatcher(); }
@Provides @Singleton KhaRealm provideKhaRealm(UsersDao usersDao, PasswordMatcher passwordMatcher) { KhaRealm realm = new KhaRealm(usersDao); realm.setCredentialsMatcher(passwordMatcher); realm.setAuthenticationCachingEnabled(true); return realm; }
@Provides @Singleton PasswordMatcher providePasswordMatcher(PasswordService passwordService) { PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(passwordService); return passwordMatcher; }
/** * @return the default security manager for this application */ @Produces public WebSecurityManager getSecurityManager() { if (this.securityManager == null) { // creates a custom security realm final AuthorizingRealm realm = new SecurityRealm(this.accountService); // instantiate the custom password matcher based on bcrypt final PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(new BCryptPasswordService()); realm.setCredentialsMatcher(passwordMatcher); // create the security manager this.securityManager = new DefaultWebSecurityManager(realm); // enable the remember me function based on cookies final CookieRememberMeManager rememberMeManager = new CookieRememberMeManager(); rememberMeManager.setCipherKey(this.createCypherKey()); this.securityManager.setRememberMeManager(rememberMeManager); } return this.securityManager; }
/** * Creates an instance with the specified {@code UserSecurityDAO}. * Calls {@link #JdbiShiroRealm(org.apache.shiro.authc.credential.CredentialsMatcher, io.ifar.security.dao.UserSecurityDAO)} * passing in a new {@link PasswordMatcher} with its default settings, and {@code userSecurityDAO}. * * @param userSecurityDAO a {@link UserSecurityDAO} used to retrieve user credentials and role/permission data. */ public JdbiShiroRealm(UserSecurityDAO userSecurityDAO) { this(new PasswordMatcher(), userSecurityDAO); // Default config. Should work out of the box. }
