org.apache.shiro.util.CollectionUtils Java Examples

The following examples show how to use org.apache.shiro.util.CollectionUtils. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: RuleCatalog.java    From arcusplatform with Apache License 2.0 6 votes vote down vote up
/**
 * Merge the templates from catalog2 into a new RuleCatalog.  Will use the current metadata and categories.
 * @param catalog1
 * @param catalog2
 * @return
 */
public RuleCatalog merge(RuleCatalog catalog2) {
   if( !CollectionUtils.isEmpty(catalog2.getTemplates()) ) {
      List<RuleTemplate> addedTempalates = catalog2.getTemplates();
      Map<String, RuleTemplate> ruleMap = templates.values().stream().collect(Collectors.toMap(x->x.getId(), x->x));
      addedTempalates.stream().forEach(c -> {
         if(!ruleMap.containsKey(c.getId())) {
            ruleMap.put(c.getId(), c);
         }
      });
      return new RuleCatalog(this.metadata, this.categories, ruleMap.values());
   }else{
      return this;
   }
   
}
 
Example #2
Source File: JsetsModularRealmAuthenticator.java    From jsets-shiro-spring-boot-starter with Apache License 2.0 6 votes vote down vote up
protected AuthenticationInfo doAuthenticate(AuthenticationToken authenticationToken) throws AuthenticationException {
	assertRealmsConfigured();
	List<Realm> realms = this.getRealms()
		.stream()
		.filter(realm -> {
				return realm.supports(authenticationToken);
		})
		.collect(toList());
	if (CollectionUtils.isEmpty(realms)) 
		throw new IllegalStateException("Configuration error:  No realms support token type:" + authenticationToken.getClass());
	
	if (realms.size() == 1) {
		return doSingleRealmAuthentication(realms.iterator().next(), authenticationToken);
	} else {
		return doMultiRealmAuthentication(realms, authenticationToken);
	}
}
 
Example #3
Source File: JsetsRolesAuthorizationFilter.java    From jsets-shiro-spring-boot-starter with Apache License 2.0 6 votes vote down vote up
public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws IOException {
	Subject subject = getSubject(request, response);
    String[] rolesArray = (String[]) mappedValue;
    if (rolesArray == null || rolesArray.length == 0) {
    	return true;
    }
    List<String> roles = CollectionUtils.asList(rolesArray);
    boolean[] hasRoles = subject.hasRoles(roles);
    for(boolean hasRole:hasRoles){
    	if(hasRole) {
    		this.authListenerManager.onAccessAssert(request, (String)subject.getPrincipal(),roles.toString(), true);
    		return true;
    	}
    }
    this.authListenerManager.onAccessAssert(request, (String)subject.getPrincipal(),roles.toString(), false);
    return false;
}
 
Example #4
Source File: ShiroSessionDao.java    From Spring-Shiro-Spark with Apache License 2.0 6 votes vote down vote up
/**
 * 获取当前所有活跃用户
 */
@Override
public Collection<Session> getActiveSessions(){
    Jedis jedis = null;
    try {
        jedis = jedisPool.getResource();
        Set<String> keys = jedis.keys(prefix + "*");
        if(CollectionUtils.isEmpty(keys)){
            return null;
        }
        List<String> values = jedis.mget(keys.toArray(new String[keys.size()]));
        return SerializeUtils.deserializeFromStrings(values);
    } catch (Exception e){
        logger.warn("统计Session信息失败", e);
    } finally {
        jedis.close();
    }
    return null;
}
 
Example #5
Source File: ShiroSessionDAO.java    From phone with Apache License 2.0 6 votes vote down vote up
public Collection<Session> getActiveSessions() {
        Collection<Session> values = super.getActiveSessions();
//		RedisClientSupport jedis = SpringBeanUtil.getRedisClientSupport();
//		if (jedis != null) {
//			String key = RedisKeyConfig.getShiroSessionCacheKey("*");
//			try {
//				Set<String> valueSet = jedis.keys(key);
//				if (valueSet!=null&&valueSet.size()>0) {
//					for (String v : valueSet) {
////					Session session = JSON.parseObject(v, Session.class);
//						Session session = SerializableUtils.deserialize(v,Session.class);
//						values.add(session);
//					}
//				}
//			} catch (CacheAccessException e) {
//			}
//		}
        if (CollectionUtils.isEmpty(values)) {
            return Collections.emptySet();
        } else {
            return Collections.unmodifiableCollection(values);
        }
    }
 
Example #6
Source File: CasAuthenticatingFilter.java    From shiro-cas-spring-boot-starter with Apache License 2.0 5 votes vote down vote up
/**
  * If login has been successful, redirect user to the original protected url.
  * 
  * @param token the token representing the current authentication
  * @param subject the current authenticated subjet
  * @param request the incoming request
  * @param response the outgoing response
  * @throws Exception if there is an error processing the request.
  */
 @Override
 protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request,
                                  ServletResponse response) throws Exception {
     
     // Login Listener
if(getLoginListeners() != null && getLoginListeners().size() > 0){
	for (LoginListener loginListener : getLoginListeners()) {
		loginListener.onSuccess(token, subject, request, response);
	}
}

if (CollectionUtils.isEmpty(getSuccessHandlers())) {
	issueSuccessRedirect(request, response);
} else {
	boolean isMatched = false;
	for (AuthenticationSuccessHandler successHandler : getSuccessHandlers()) {

		if (successHandler != null && successHandler.supports(token)) {
			successHandler.onAuthenticationSuccess(token, request, response, subject);
			isMatched = true;
			break;
		}
	}
	if (!isMatched) {
		issueSuccessRedirect(request, response);
	}
}
      
     //we handled the success , prevent the chain from continuing:
     return false;
 }
 
Example #7
Source File: IamSession.java    From super-cloudops with Apache License 2.0 5 votes vote down vote up
/**
 * Serializes this object to the specified output stream for JDK
 * Serialization.
 *
 * @param out
 *            output stream used for Object serialization.
 * @throws IOException
 *             if any of this object's fields cannot be written to the
 *             stream.
 * @since 1.0
 */
@JsonIgnore
private void writeObject(ObjectOutputStream out) throws IOException {
	out.defaultWriteObject();
	short alteredFieldsBitMask = getAlteredFieldsBitMask();
	out.writeShort(alteredFieldsBitMask);
	if (id != null) {
		out.writeObject(id);
	}
	if (startTimestamp != null) {
		out.writeObject(startTimestamp);
	}
	if (stopTimestamp != null) {
		out.writeObject(stopTimestamp);
	}
	if (lastAccessTime != null) {
		out.writeObject(lastAccessTime);
	}
	if (timeout != 0l) {
		out.writeLong(timeout);
	}
	if (expired) {
		out.writeBoolean(expired);
	}
	if (host != null) {
		out.writeUTF(host);
	}
	if (!CollectionUtils.isEmpty(attributes)) {
		out.writeObject(attributes);
	}
}
 
Example #8
Source File: IamSession.java    From super-cloudops with Apache License 2.0 5 votes vote down vote up
/**
 * Returns a bit mask used during serialization indicating which fields have
 * been serialized. Fields that have been altered (not null and/or not
 * retaining the class defaults) will be serialized and have 1 in their
 * respective index, fields that are null and/or retain class default values
 * have 0.
 *
 * @return a bit mask used during serialization indicating which fields have
 *         been serialized.
 * @since 1.0
 */
@JsonIgnore
private short getAlteredFieldsBitMask() {
	int bitMask = 0;
	bitMask = id != null ? bitMask | ID_BIT_MASK : bitMask;
	bitMask = startTimestamp != null ? bitMask | START_TIMESTAMP_BIT_MASK : bitMask;
	bitMask = stopTimestamp != null ? bitMask | STOP_TIMESTAMP_BIT_MASK : bitMask;
	bitMask = lastAccessTime != null ? bitMask | LAST_ACCESS_TIME_BIT_MASK : bitMask;
	bitMask = timeout != 0l ? bitMask | TIMEOUT_BIT_MASK : bitMask;
	bitMask = expired ? bitMask | EXPIRED_BIT_MASK : bitMask;
	bitMask = host != null ? bitMask | HOST_BIT_MASK : bitMask;
	bitMask = !CollectionUtils.isEmpty(attributes) ? bitMask | ATTRIBUTES_BIT_MASK : bitMask;
	return (short) bitMask;
}
 
Example #9
Source File: EnhancedWildcardPermission.java    From super-cloudops with Apache License 2.0 5 votes vote down vote up
protected void initWildcardString(String wildcardString, boolean caseSensitive) {
	wildcardString = StringUtils.clean(wildcardString);
	if (isBlank(wildcardString)) {
		throw new IllegalArgumentException(
				"Wildcard string cannot be null or empty. Make sure permission strings are properly formatted.");
	}
	checkWildcard(wildcardString);
	if (!caseSensitive) {
		wildcardString = wildcardString.toLowerCase();
	}

	List<String> permits = CollectionUtils.asList(wildcardString.split(PERMIT_DIVIDER_TOKEN));
	permitParts = new ArrayList<Set<String>>();
	for (String permit : permits) {
		Set<String> permitPart = CollectionUtils.asSet(permit.split(PERMIT_PART_DIVIDER_TOKEN));
		if (permitPart.isEmpty()) {
			throw new IllegalArgumentException(
					"Wildcard string cannot contain parts with only dividers. Make sure permission strings are properly formatted.");
		}
		permitParts.add(permitPart);
	}

	if (permitParts.isEmpty()) {
		throw new IllegalArgumentException(
				"Wildcard string cannot contain only dividers. Make sure permission strings are properly formatted.");
	}
}
 
Example #10
Source File: AbstractPermittingAuthorizingRealm.java    From super-cloudops with Apache License 2.0 5 votes vote down vote up
/**
 * New create and merge {@link IamPrincipalInfo} to
 * {@link PrincipalCollection}
 * 
 * @param principal
 * @param info
 * @return
 */
protected PrincipalCollection createPermitPrincipalCollection(String principal, IamPrincipalInfo info) {
	notNull(principal, "Principal can't null");
	notNull(info, "IamPrincipalInfo can't null");

	// Authenticate attributes.(roles/permissions/rememberMe)
	Map<String, String> principalMap = info.getAttributes();
	principalMap.put(KEY_ROLES_ATTRIBUTE_NAME, info.getRoles());
	principalMap.put(KEY_PERMITS_ATTRIBUTE_NAME, info.getPermissions());

	// Create simple-authentication info
	List<Object> principals = CollectionUtils.asList(principal, principalMap);
	return new SimplePrincipalCollection(principals, getName());
}
 
Example #11
Source File: DefineModularRealmAuthenticator.java    From cms with Apache License 2.0 5 votes vote down vote up
/**
 * 判断realm是否为空
 *
 * @throws IllegalStateException
 */
@Override
protected void assertRealmsConfigured() throws IllegalStateException {
    this.definedRealms = this.getDefinedRealms();
    if (CollectionUtils.isEmpty(this.definedRealms)) {
        throw new ShiroException("值传递错误!");
    }
}
 
Example #12
Source File: RealmServiceImpl.java    From nano-framework with Apache License 2.0 5 votes vote down vote up
protected Realm getRealm() {
    final SecurityManager securityManager = SecurityUtils.getSecurityManager();
    if(securityManager instanceof RealmSecurityManager) {
        Collection<Realm> realms = ((RealmSecurityManager) securityManager).getRealms();
        if(!CollectionUtils.isEmpty(realms) && realms.size() == 1) {
            return realms.iterator().next();
        }
    }
    
    throw new MultiRealmException();
}
 
Example #13
Source File: RolesAuthorizationFilter.java    From tapestry-security with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings({"unchecked"})
public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws IOException {

    Subject subject = getSubject(request, response);
    String[] rolesArray = (String[]) mappedValue;

    if (rolesArray == null || rolesArray.length == 0) {
        //no roles specified, so nothing to check - allow access.
        return true;
    }

    Set<String> roles = CollectionUtils.asSet(rolesArray);
    return subject.hasAllRoles(roles);
}
 
Example #14
Source File: SecurityConfigurer.java    From seed with Mozilla Public License 2.0 5 votes vote down vote up
SecurityConfigurer(SecurityConfig securityConfig, Map<Class<?>, Collection<Class<?>>> securityClasses,
        Collection<Class<? extends PrincipalCustomizer<?>>> principalCustomizerClasses) {
    this.securityConfig = securityConfig;
    this.securityClasses = securityClasses;
    this.principalCustomizerClasses = principalCustomizerClasses;
    if (CollectionUtils.isEmpty(securityClasses.get(Realm.class))) {
        throw new IllegalArgumentException("No realm class provided !");
    }
    buildRealms();
}
 
Example #15
Source File: SecurityConfigurer.java    From seed with Mozilla Public License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
private <T> Class<? extends T> findRealmComponent(String realmName, String componentName,
        Class<? extends T> clazz) {
    Class<? extends T> componentClass;
    if (CollectionUtils.isEmpty(securityClasses.get(clazz))) {
        throw new IllegalArgumentException("No class of type " + componentName + " were found");
    }
    componentClass = (Class<? extends T>) findClass(componentName, securityClasses.get(clazz));
    if (componentClass == null) {
        throw new IllegalArgumentException("Unknown property value " + componentName + " for realm " + realmName);
    }
    return componentClass;
}
 
Example #16
Source File: SearchRequest.java    From es with Apache License 2.0 5 votes vote down vote up
@Override
public Searchable addSearchFilters(Collection<? extends SearchFilter> searchFilters) {
    if (CollectionUtils.isEmpty(searchFilters)) {
        return this;
    }
    for (SearchFilter searchFilter : searchFilters) {
        addSearchFilter(searchFilter);
    }
    return this;
}