activemq-shiro/src/main/java/org/apache/activemq/shiro/subject/SubjectSecurityContext.java - activemq - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.activemq.shiro.subject;

 import java.security.Principal;
 import java.util.Set;
 import java.util.concurrent.ConcurrentMap;

 import org.apache.activemq.command.ActiveMQDestination;
 import org.apache.activemq.security.SecurityContext;
 import org.apache.shiro.subject.Subject;

 /**
  * ActiveMQ {@code SecurityContext} implementation that retains a Shiro {@code Subject} instance for use during
  * security checks and other security-related operations.
  *
  * @since 5.10.0
  */
 public class SubjectSecurityContext extends SecurityContext {

     private final Subject subject;

     public SubjectSecurityContext(SubjectConnectionReference conn) {
         //The username might not be available at the time this object is instantiated (the Subject might be
         //anonymous).  Instead we override the getUserName() method below and that will always delegate to the
         //Subject to return the most accurate/freshest username available.
         super(null);
         this.subject = conn.getSubject();
     }

     public Subject getSubject() {
         return subject;
     }

     private static String getUsername(Subject subject) {
         if (subject != null) {
             Object principal = subject.getPrincipal();
             if (principal != null) {
                 return String.valueOf(principal);
             }
         }
         return null;
     }

     @Override
     public String getUserName() {
         return getUsername(this.subject);
     }

     private static UnsupportedOperationException notAllowed(String methodName) {
         String msg = "Do not invoke the '" + methodName + "' method or use a broker filter that invokes it.  Use one " +
                 "of the Shiro-based security filters instead.";
         return new UnsupportedOperationException(msg);
     }

     @Override
     public boolean isInOneOf(Set<?> allowedPrincipals) {
         throw notAllowed("isInOneOf");
     }

     @Override
     public ConcurrentMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedWriteDests() {
         throw notAllowed("getAuthorizedWriteDests");
     }

     @Override
     public Set<Principal> getPrincipals() {
         throw notAllowed("getPrincipals");
     }
 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.activemq.shiro.subject;

	import java.security.Principal;
	import java.util.Set;
	import java.util.concurrent.ConcurrentMap;

	import org.apache.activemq.command.ActiveMQDestination;
	import org.apache.activemq.security.SecurityContext;
	import org.apache.shiro.subject.Subject;

	/**
	* ActiveMQ {@code SecurityContext} implementation that retains a Shiro {@code Subject} instance for use during
	* security checks and other security-related operations.
	*
	* @since 5.10.0
	*/
	public class SubjectSecurityContext extends SecurityContext {

	private final Subject subject;

	public SubjectSecurityContext(SubjectConnectionReference conn) {
	//The username might not be available at the time this object is instantiated (the Subject might be
	//anonymous). Instead we override the getUserName() method below and that will always delegate to the
	//Subject to return the most accurate/freshest username available.
	super(null);
	this.subject = conn.getSubject();
	}

	public Subject getSubject() {
	return subject;
	}

	private static String getUsername(Subject subject) {
	if (subject != null) {
	Object principal = subject.getPrincipal();
	if (principal != null) {
	return String.valueOf(principal);
	}
	}
	return null;
	}

	@Override
	public String getUserName() {
	return getUsername(this.subject);
	}

	private static UnsupportedOperationException notAllowed(String methodName) {
	String msg = "Do not invoke the '" + methodName + "' method or use a broker filter that invokes it. Use one " +
	"of the Shiro-based security filters instead.";
	return new UnsupportedOperationException(msg);
	}

	@Override
	public boolean isInOneOf(Set<?> allowedPrincipals) {
	throw notAllowed("isInOneOf");
	}

	@Override
	public ConcurrentMap<ActiveMQDestination, ActiveMQDestination> getAuthorizedWriteDests() {
	throw notAllowed("getAuthorizedWriteDests");
	}

	@Override
	public Set<Principal> getPrincipals() {
	throw notAllowed("getPrincipals");
	}
	}