src/site/assets/static/1.3.0/shiro-all/jacoco-aggregate/shiro-core/org.apache.shiro/SecurityUtils.java.html - shiro-site - Git at Google

 <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../../jacoco-resources/report.gif" type="image/gif"/><title>SecurityUtils.java</title><link rel="stylesheet" href="../../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../../index.html" class="el_report">Apache Shiro :: Jar Bundle</a> &gt; <a href="../index.html" class="el_bundle">shiro-core</a> &gt; <a href="index.source.html" class="el_package">org.apache.shiro</a> &gt; <span class="el_source">SecurityUtils.java</span></div><h1>SecurityUtils.java</h1><pre class="source lang-java linenums">/*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * &quot;License&quot;); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * &quot;AS IS&quot; BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.shiro;

 import org.apache.shiro.mgt.SecurityManager;
 import org.apache.shiro.subject.Subject;
 import org.apache.shiro.util.ThreadContext;


 /**
  * Accesses the currently accessible {@code Subject} for the calling code depending on runtime environment.
  *
  * @since 0.2
  */
 <span class="nc" id="L31">public abstract class SecurityUtils {</span>

     /**
      * ONLY used as a 'backup' in VM Singleton environments (that is, standalone environments), since the
      * ThreadContext should always be the primary source for Subject instances when possible.
      */
     private static SecurityManager securityManager;

     /**
      * Returns the currently accessible {@code Subject} available to the calling code depending on
      * runtime environment.
      * &lt;p/&gt;
      * This method is provided as a way of obtaining a {@code Subject} without having to resort to
      * implementation-specific methods.  It also allows the Shiro team to change the underlying implementation of
      * this method in the future depending on requirements/updates without affecting your code that uses it.
      *
      * @return the currently accessible {@code Subject} accessible to the calling code.
      * @throws IllegalStateException if no {@link Subject Subject} instance or
      *                               {@link SecurityManager SecurityManager} instance is available with which to obtain
      *                               a {@code Subject}, which which is considered an invalid application configuration
      *                               - a Subject should &lt;em&gt;always&lt;/em&gt; be available to the caller.
      */
     public static Subject getSubject() {
 <span class="fc" id="L54">        Subject subject = ThreadContext.getSubject();</span>
 <span class="fc bfc" id="L55" title="All 2 branches covered.">        if (subject == null) {</span>
 <span class="fc" id="L56">            subject = (new Subject.Builder()).buildSubject();</span>
 <span class="fc" id="L57">            ThreadContext.bind(subject);</span>
         }
 <span class="fc" id="L59">        return subject;</span>
     }

     /**
      * Sets a VM (static) singleton SecurityManager, specifically for transparent use in the
      * {@link #getSubject() getSubject()} implementation.
      * &lt;p/&gt;
      * &lt;b&gt;This method call exists mainly for framework development support.  Application developers should rarely,
      * if ever, need to call this method.&lt;/b&gt;
      * &lt;p/&gt;
      * The Shiro development team prefers that SecurityManager instances are non-static application singletons
      * and &lt;em&gt;not&lt;/em&gt; VM static singletons.  Application singletons that do not use static memory require some sort
      * of application configuration framework to maintain the application-wide SecurityManager instance for you
      * (for example, Spring or EJB3 environments) such that the object reference does not need to be static.
      * &lt;p/&gt;
      * In these environments, Shiro acquires Subject data based on the currently executing Thread via its own
      * framework integration code, and this is the preferred way to use Shiro.
      * &lt;p/&gt;
      * However in some environments, such as a standalone desktop application or Applets that do not use Spring or
      * EJB or similar config frameworks, a VM-singleton might make more sense (although the former is still preferred).
      * In these environments, setting the SecurityManager via this method will automatically enable the
      * {@link #getSubject() getSubject()} call to function with little configuration.
      * &lt;p/&gt;
      * For example, in these environments, this will work:
      * &lt;pre&gt;
      * DefaultSecurityManager securityManager = new {@link org.apache.shiro.mgt.DefaultSecurityManager DefaultSecurityManager}();
      * securityManager.setRealms( ... ); //one or more Realms
      * &lt;b&gt;SecurityUtils.setSecurityManager( securityManager );&lt;/b&gt;&lt;/pre&gt;
      * &lt;p/&gt;
      * And then anywhere in the application code, the following call will return the application's Subject:
      * &lt;pre&gt;
      * Subject currentUser = SecurityUtils.getSubject();&lt;/pre&gt;
      *
      * @param securityManager the securityManager instance to set as a VM static singleton.
      */
     public static void setSecurityManager(SecurityManager securityManager) {
 <span class="fc" id="L95">        SecurityUtils.securityManager = securityManager;</span>
 <span class="fc" id="L96">    }</span>

     /**
      * Returns the SecurityManager accessible to the calling code.
      * &lt;p/&gt;
      * This implementation favors acquiring a thread-bound {@code SecurityManager} if it can find one.  If one is
      * not available to the executing thread, it will attempt to use the static singleton if available (see the
      * {@link #setSecurityManager setSecurityManager} method for more on the static singleton).
      * &lt;p/&gt;
      * If neither the thread-local or static singleton instances are available, this method throws an
      * {@code UnavailableSecurityManagerException} to indicate an error - a SecurityManager should always be accessible
      * to calling code in an application. If it is not, it is likely due to a Shiro configuration problem.
      *
      * @return the SecurityManager accessible to the calling code.
      * @throws UnavailableSecurityManagerException
      *          if there is no {@code SecurityManager} instance available to the
      *          calling code, which typically indicates an invalid application configuration.
      */
     public static SecurityManager getSecurityManager() throws UnavailableSecurityManagerException {
 <span class="fc" id="L115">        SecurityManager securityManager = ThreadContext.getSecurityManager();</span>
 <span class="fc bfc" id="L116" title="All 2 branches covered.">        if (securityManager == null) {</span>
 <span class="fc" id="L117">            securityManager = SecurityUtils.securityManager;</span>
         }
 <span class="fc bfc" id="L119" title="All 2 branches covered.">        if (securityManager == null) {</span>
 <span class="fc" id="L120">            String msg = &quot;No SecurityManager accessible to the calling code, either bound to the &quot; +</span>
 <span class="fc" id="L121">                    ThreadContext.class.getName() + &quot; or as a vm static singleton.  This is an invalid application &quot; +</span>
                     &quot;configuration.&quot;;
 <span class="fc" id="L123">            throw new UnavailableSecurityManagerException(msg);</span>
         }
 <span class="fc" id="L125">        return securityManager;</span>
     }
 }
 </pre><div class="footer"><span class="right">Created with <a href="http://www.eclemma.org/jacoco">JaCoCo</a> 0.7.7.201606060606</span></div></body></html>
	<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../../jacoco-resources/report.gif" type="image/gif"/><title>SecurityUtils.java</title><link rel="stylesheet" href="../../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../../index.html" class="el_report">Apache Shiro :: Jar Bundle</a> > <a href="../index.html" class="el_bundle">shiro-core</a> > <a href="index.source.html" class="el_package">org.apache.shiro</a> > <span class="el_source">SecurityUtils.java</span></div><h1>SecurityUtils.java</h1><pre class="source lang-java linenums">/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.shiro;

	import org.apache.shiro.mgt.SecurityManager;
	import org.apache.shiro.subject.Subject;
	import org.apache.shiro.util.ThreadContext;


	/**
	* Accesses the currently accessible {@code Subject} for the calling code depending on runtime environment.
	*
	* @since 0.2
	*/
	<span class="nc" id="L31">public abstract class SecurityUtils {</span>

	/**
	* ONLY used as a 'backup' in VM Singleton environments (that is, standalone environments), since the
	* ThreadContext should always be the primary source for Subject instances when possible.
	*/
	private static SecurityManager securityManager;

	/**
	* Returns the currently accessible {@code Subject} available to the calling code depending on
	* runtime environment.
	* <p/>
	* This method is provided as a way of obtaining a {@code Subject} without having to resort to
	* implementation-specific methods. It also allows the Shiro team to change the underlying implementation of
	* this method in the future depending on requirements/updates without affecting your code that uses it.
	*
	* @return the currently accessible {@code Subject} accessible to the calling code.
	* @throws IllegalStateException if no {@link Subject Subject} instance or
	* {@link SecurityManager SecurityManager} instance is available with which to obtain
	* a {@code Subject}, which which is considered an invalid application configuration
	* - a Subject should <em>always</em> be available to the caller.
	*/
	public static Subject getSubject() {
	<span class="fc" id="L54"> Subject subject = ThreadContext.getSubject();</span>
	<span class="fc bfc" id="L55" title="All 2 branches covered."> if (subject == null) {</span>
	<span class="fc" id="L56"> subject = (new Subject.Builder()).buildSubject();</span>
	<span class="fc" id="L57"> ThreadContext.bind(subject);</span>
	}
	<span class="fc" id="L59"> return subject;</span>
	}

	/**
	* Sets a VM (static) singleton SecurityManager, specifically for transparent use in the
	* {@link #getSubject() getSubject()} implementation.
	* <p/>
	* <b>This method call exists mainly for framework development support. Application developers should rarely,
	* if ever, need to call this method.</b>
	* <p/>
	* The Shiro development team prefers that SecurityManager instances are non-static application singletons
	* and <em>not</em> VM static singletons. Application singletons that do not use static memory require some sort
	* of application configuration framework to maintain the application-wide SecurityManager instance for you
	* (for example, Spring or EJB3 environments) such that the object reference does not need to be static.
	* <p/>
	* In these environments, Shiro acquires Subject data based on the currently executing Thread via its own
	* framework integration code, and this is the preferred way to use Shiro.
	* <p/>
	* However in some environments, such as a standalone desktop application or Applets that do not use Spring or
	* EJB or similar config frameworks, a VM-singleton might make more sense (although the former is still preferred).
	* In these environments, setting the SecurityManager via this method will automatically enable the
	* {@link #getSubject() getSubject()} call to function with little configuration.
	* <p/>
	* For example, in these environments, this will work:
	* <pre>
	* DefaultSecurityManager securityManager = new {@link org.apache.shiro.mgt.DefaultSecurityManager DefaultSecurityManager}();
	* securityManager.setRealms( ... ); //one or more Realms
	* <b>SecurityUtils.setSecurityManager( securityManager );</b></pre>
	* <p/>
	* And then anywhere in the application code, the following call will return the application's Subject:
	* <pre>
	* Subject currentUser = SecurityUtils.getSubject();</pre>
	*
	* @param securityManager the securityManager instance to set as a VM static singleton.
	*/
	public static void setSecurityManager(SecurityManager securityManager) {
	<span class="fc" id="L95"> SecurityUtils.securityManager = securityManager;</span>
	<span class="fc" id="L96"> }</span>

	/**
	* Returns the SecurityManager accessible to the calling code.
	* <p/>
	* This implementation favors acquiring a thread-bound {@code SecurityManager} if it can find one. If one is
	* not available to the executing thread, it will attempt to use the static singleton if available (see the
	* {@link #setSecurityManager setSecurityManager} method for more on the static singleton).
	* <p/>
	* If neither the thread-local or static singleton instances are available, this method throws an
	* {@code UnavailableSecurityManagerException} to indicate an error - a SecurityManager should always be accessible
	* to calling code in an application. If it is not, it is likely due to a Shiro configuration problem.
	*
	* @return the SecurityManager accessible to the calling code.
	* @throws UnavailableSecurityManagerException
	* if there is no {@code SecurityManager} instance available to the
	* calling code, which typically indicates an invalid application configuration.
	*/
	public static SecurityManager getSecurityManager() throws UnavailableSecurityManagerException {
	<span class="fc" id="L115"> SecurityManager securityManager = ThreadContext.getSecurityManager();</span>
	<span class="fc bfc" id="L116" title="All 2 branches covered."> if (securityManager == null) {</span>
	<span class="fc" id="L117"> securityManager = SecurityUtils.securityManager;</span>
	}
	<span class="fc bfc" id="L119" title="All 2 branches covered."> if (securityManager == null) {</span>
	<span class="fc" id="L120"> String msg = "No SecurityManager accessible to the calling code, either bound to the " +</span>
	<span class="fc" id="L121"> ThreadContext.class.getName() + " or as a vm static singleton. This is an invalid application " +</span>
	"configuration.";
	<span class="fc" id="L123"> throw new UnavailableSecurityManagerException(msg);</span>
	}
	<span class="fc" id="L125"> return securityManager;</span>
	}
	}
	</pre><div class="footer"><span class="right">Created with <a href="http://www.eclemma.org/jacoco">JaCoCo</a> 0.7.7.201606060606</span></div></body></html>