Java tutorial
/* * Licensed to the Apache Software Foundation (ASF) under one or more contributor license * agreements. See the NOTICE file distributed with this work for additional information regarding * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance with the License. You may obtain a * copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software distributed under the License * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express * or implied. See the License for the specific language governing permissions and limitations under * the License. */ package org.apache.geode.internal.security.shiro; import java.io.Serializable; import java.util.Properties; import org.apache.geode.security.ResourcePermission; import org.apache.geode.security.SecurityManager; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.Permission; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.geode.internal.security.SecurityService; public class CustomAuthRealm extends AuthorizingRealm { private static final String REALM_NAME = "CUSTOMAUTHREALM"; private SecurityManager securityManager = null; /** * The caller must invoke {@link org.apache.geode.security.SecurityManager#init(Properties)} prior * to instantiating CustomAuthRealm. * * @param securityManager instance of SecurityManager which has already been initialized */ public CustomAuthRealm(SecurityManager securityManager) { this.securityManager = securityManager; setAuthenticationTokenClass(GeodeAuthenticationToken.class); } /** * SecurityManager will be constructed and initialized with the provided security properties. * * @param authenticatorFactory name of the SecurityManager implementation to construct * @param securityProperties the security properties to initialize SecurityManager with */ public CustomAuthRealm(String authenticatorFactory, Properties securityProperties) { this.securityManager = SecurityService.getObjectOfTypeFromClassName(authenticatorFactory, SecurityManager.class); this.securityManager.init(securityProperties); } @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { GeodeAuthenticationToken authToken = (GeodeAuthenticationToken) token; Object principal = securityManager.authenticate(authToken.getProperties()); return new SimpleAuthenticationInfo(principal, authToken.getCredentials(), REALM_NAME); } @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { // we intercepted the call to this method by overriding the isPermitted call return null; } @Override public boolean isPermitted(PrincipalCollection principals, Permission permission) { ResourcePermission context = (ResourcePermission) permission; Serializable principal = (Serializable) principals.getPrimaryPrincipal(); return securityManager.authorize(principal, context); } }