Java tutorial
/* * Copyright (c) 2015. David Sowerby * * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the * specific language governing permissions and limitations under the License. */ package uk.q3c.krail.core.shiro; import com.google.inject.Inject; import com.vaadin.server.VaadinSession; import org.apache.shiro.SecurityUtils; import org.apache.shiro.mgt.DefaultSecurityManager; import org.apache.shiro.mgt.SecurityManager; import org.apache.shiro.subject.Subject; /** * Created by David Sowerby on 10/06/15. */ public class DefaultSubjectProvider implements SubjectProvider { /** * The security manager for the application. */ private SecurityManager securityManager; @Inject protected DefaultSubjectProvider(SecurityManager securityManager) { super(); this.securityManager = securityManager; } /** * Sets the security manager for the application. To support push, normally a * {@link DefaultSecurityManager} is used rather than a web specific one * because the normal HTTP request/response cycle isn't used. * * @param securityManager * the security manager to set */ public void setSecurityManager(SecurityManager securityManager) { this.securityManager = securityManager; } /** * {@inheritDoc} */ @Override public Subject get() { return getSubject(); } /** * Returns the subject for the application and thread which represents the * current user. The subject is always available; however it may represent an * anonymous user. * * @return the subject for the current application and thread * * @see SecurityUtils#getSubject() */ public Subject getSubject() { VaadinSession session = VaadinSession.getCurrent(); // This should never happen, but just in case we'll check. if (session == null) { throw new IllegalStateException("Unable to locate VaadinSession " + "to store Shiro Subject."); } Subject subject = (Subject) session.getAttribute(SUBJECT_ATTRIBUTE); if (subject == null) { // Create a new subject using the configured security manager. subject = (new Subject.Builder(securityManager)).buildSubject(); session.setAttribute(SUBJECT_ATTRIBUTE, subject); } return subject; } }