| <!DOCTYPE HTML> |
| <html lang="en"> |
| <head> |
| <title>Source code</title> |
| <link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style"> |
| </head> |
| <body> |
| <main role="main"> |
| <div class="sourceContainer"> |
| <pre><span class="sourceLineNo">001</span><a id="line.1">/*</a> |
| <span class="sourceLineNo">002</span><a id="line.2"> * Licensed to the Apache Software Foundation (ASF) under one</a> |
| <span class="sourceLineNo">003</span><a id="line.3"> * or more contributor license agreements. See the NOTICE file</a> |
| <span class="sourceLineNo">004</span><a id="line.4"> * distributed with this work for additional information</a> |
| <span class="sourceLineNo">005</span><a id="line.5"> * regarding copyright ownership. The ASF licenses this file</a> |
| <span class="sourceLineNo">006</span><a id="line.6"> * to you under the Apache License, Version 2.0 (the</a> |
| <span class="sourceLineNo">007</span><a id="line.7"> * "License"); you may not use this file except in compliance</a> |
| <span class="sourceLineNo">008</span><a id="line.8"> * with the License. You may obtain a copy of the License at</a> |
| <span class="sourceLineNo">009</span><a id="line.9"> *</a> |
| <span class="sourceLineNo">010</span><a id="line.10"> * http://www.apache.org/licenses/LICENSE-2.0</a> |
| <span class="sourceLineNo">011</span><a id="line.11"> *</a> |
| <span class="sourceLineNo">012</span><a id="line.12"> * Unless required by applicable law or agreed to in writing,</a> |
| <span class="sourceLineNo">013</span><a id="line.13"> * software distributed under the License is distributed on an</a> |
| <span class="sourceLineNo">014</span><a id="line.14"> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</a> |
| <span class="sourceLineNo">015</span><a id="line.15"> * KIND, either express or implied. See the License for the</a> |
| <span class="sourceLineNo">016</span><a id="line.16"> * specific language governing permissions and limitations</a> |
| <span class="sourceLineNo">017</span><a id="line.17"> * under the License.</a> |
| <span class="sourceLineNo">018</span><a id="line.18"> */</a> |
| <span class="sourceLineNo">019</span><a id="line.19">package org.apache.shiro.authc.pam;</a> |
| <span class="sourceLineNo">020</span><a id="line.20"></a> |
| <span class="sourceLineNo">021</span><a id="line.21">import org.slf4j.Logger;</a> |
| <span class="sourceLineNo">022</span><a id="line.22">import org.slf4j.LoggerFactory;</a> |
| <span class="sourceLineNo">023</span><a id="line.23"></a> |
| <span class="sourceLineNo">024</span><a id="line.24">import org.apache.shiro.authc.AuthenticationException;</a> |
| <span class="sourceLineNo">025</span><a id="line.25">import org.apache.shiro.authc.AuthenticationInfo;</a> |
| <span class="sourceLineNo">026</span><a id="line.26">import org.apache.shiro.authc.AuthenticationToken;</a> |
| <span class="sourceLineNo">027</span><a id="line.27">import org.apache.shiro.authc.UnknownAccountException;</a> |
| <span class="sourceLineNo">028</span><a id="line.28">import org.apache.shiro.realm.Realm;</a> |
| <span class="sourceLineNo">029</span><a id="line.29"></a> |
| <span class="sourceLineNo">030</span><a id="line.30"></a> |
| <span class="sourceLineNo">031</span><a id="line.31">/**</a> |
| <span class="sourceLineNo">032</span><a id="line.32"> * <tt>AuthenticationStrategy</tt> implementation that requires <em>all</em> configured realms to</a> |
| <span class="sourceLineNo">033</span><a id="line.33"> * <b>successfully</b> process the submitted <tt>AuthenticationToken</tt> during the log-in attempt.</a> |
| <span class="sourceLineNo">034</span><a id="line.34"> * <p/></a> |
| <span class="sourceLineNo">035</span><a id="line.35"> * <p>If one or more realms do not support the submitted token, or one or more are unable to acquire</a> |
| <span class="sourceLineNo">036</span><a id="line.36"> * <tt>AuthenticationInfo</tt> for the token, this implementation will immediately fail the log-in attempt for the</a> |
| <span class="sourceLineNo">037</span><a id="line.37"> * associated subject (user).</a> |
| <span class="sourceLineNo">038</span><a id="line.38"> *</a> |
| <span class="sourceLineNo">039</span><a id="line.39"> * @since 0.2</a> |
| <span class="sourceLineNo">040</span><a id="line.40"> */</a> |
| <span class="sourceLineNo">041</span><a id="line.41">public class AllSuccessfulStrategy extends AbstractAuthenticationStrategy {</a> |
| <span class="sourceLineNo">042</span><a id="line.42"></a> |
| <span class="sourceLineNo">043</span><a id="line.43"> /** Private class log instance. */</a> |
| <span class="sourceLineNo">044</span><a id="line.44"> private static final Logger log = LoggerFactory.getLogger(AllSuccessfulStrategy.class);</a> |
| <span class="sourceLineNo">045</span><a id="line.45"></a> |
| <span class="sourceLineNo">046</span><a id="line.46"> /**</a> |
| <span class="sourceLineNo">047</span><a id="line.47"> * Because all realms in this strategy must complete successfully, this implementation ensures that the given</a> |
| <span class="sourceLineNo">048</span><a id="line.48"> * <code>Realm</code> {@link org.apache.shiro.realm.Realm#supports(org.apache.shiro.authc.AuthenticationToken) supports} the given</a> |
| <span class="sourceLineNo">049</span><a id="line.49"> * <code>token</code> argument. If it does not, this method throws an</a> |
| <span class="sourceLineNo">050</span><a id="line.50"> * {@link UnsupportedTokenException UnsupportedTokenException} to end the authentication</a> |
| <span class="sourceLineNo">051</span><a id="line.51"> * process immediately. If the realm does support the token, the <code>info</code> argument is returned immediately.</a> |
| <span class="sourceLineNo">052</span><a id="line.52"> */</a> |
| <span class="sourceLineNo">053</span><a id="line.53"> public AuthenticationInfo beforeAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo info) throws AuthenticationException {</a> |
| <span class="sourceLineNo">054</span><a id="line.54"> if (!realm.supports(token)) {</a> |
| <span class="sourceLineNo">055</span><a id="line.55"> String msg = "Realm [" + realm + "] of type [" + realm.getClass().getName() + "] does not support " +</a> |
| <span class="sourceLineNo">056</span><a id="line.56"> " the submitted AuthenticationToken [" + token + "]. The [" + getClass().getName() +</a> |
| <span class="sourceLineNo">057</span><a id="line.57"> "] implementation requires all configured realm(s) to support and be able to process the submitted " +</a> |
| <span class="sourceLineNo">058</span><a id="line.58"> "AuthenticationToken.";</a> |
| <span class="sourceLineNo">059</span><a id="line.59"> throw new UnsupportedTokenException(msg);</a> |
| <span class="sourceLineNo">060</span><a id="line.60"> }</a> |
| <span class="sourceLineNo">061</span><a id="line.61"></a> |
| <span class="sourceLineNo">062</span><a id="line.62"> return info;</a> |
| <span class="sourceLineNo">063</span><a id="line.63"> }</a> |
| <span class="sourceLineNo">064</span><a id="line.64"></a> |
| <span class="sourceLineNo">065</span><a id="line.65"> /**</a> |
| <span class="sourceLineNo">066</span><a id="line.66"> * Merges the specified <code>info</code> into the <code>aggregate</code> argument and returns it (just as the</a> |
| <span class="sourceLineNo">067</span><a id="line.67"> * parent implementation does), but additionally ensures the following:</a> |
| <span class="sourceLineNo">068</span><a id="line.68"> * <ol></a> |
| <span class="sourceLineNo">069</span><a id="line.69"> * <li>if the <code>Throwable</code> argument is not <code>null</code>, re-throws it to immediately cancel the</a> |
| <span class="sourceLineNo">070</span><a id="line.70"> * authentication process, since this strategy requires all realms to authenticate successfully.</li></a> |
| <span class="sourceLineNo">071</span><a id="line.71"> * <li>neither the <code>info</code> or <code>aggregate</code> argument is <code>null</code> to ensure that each</a> |
| <span class="sourceLineNo">072</span><a id="line.72"> * realm did in fact authenticate successfully</li></a> |
| <span class="sourceLineNo">073</span><a id="line.73"> * </ol></a> |
| <span class="sourceLineNo">074</span><a id="line.74"> */</a> |
| <span class="sourceLineNo">075</span><a id="line.75"> public AuthenticationInfo afterAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo info, AuthenticationInfo aggregate, Throwable t)</a> |
| <span class="sourceLineNo">076</span><a id="line.76"> throws AuthenticationException {</a> |
| <span class="sourceLineNo">077</span><a id="line.77"> if (t != null) {</a> |
| <span class="sourceLineNo">078</span><a id="line.78"> if (t instanceof AuthenticationException) {</a> |
| <span class="sourceLineNo">079</span><a id="line.79"> //propagate:</a> |
| <span class="sourceLineNo">080</span><a id="line.80"> throw ((AuthenticationException) t);</a> |
| <span class="sourceLineNo">081</span><a id="line.81"> } else {</a> |
| <span class="sourceLineNo">082</span><a id="line.82"> String msg = "Unable to acquire account data from realm [" + realm + "]. The [" +</a> |
| <span class="sourceLineNo">083</span><a id="line.83"> getClass().getName() + " implementation requires all configured realm(s) to operate successfully " +</a> |
| <span class="sourceLineNo">084</span><a id="line.84"> "for a successful authentication.";</a> |
| <span class="sourceLineNo">085</span><a id="line.85"> throw new AuthenticationException(msg, t);</a> |
| <span class="sourceLineNo">086</span><a id="line.86"> }</a> |
| <span class="sourceLineNo">087</span><a id="line.87"> }</a> |
| <span class="sourceLineNo">088</span><a id="line.88"> if (info == null) {</a> |
| <span class="sourceLineNo">089</span><a id="line.89"> String msg = "Realm [" + realm + "] could not find any associated account data for the submitted " +</a> |
| <span class="sourceLineNo">090</span><a id="line.90"> "AuthenticationToken [" + token + "]. The [" + getClass().getName() + "] implementation requires " +</a> |
| <span class="sourceLineNo">091</span><a id="line.91"> "all configured realm(s) to acquire valid account data for a submitted token during the " +</a> |
| <span class="sourceLineNo">092</span><a id="line.92"> "log-in process.";</a> |
| <span class="sourceLineNo">093</span><a id="line.93"> throw new UnknownAccountException(msg);</a> |
| <span class="sourceLineNo">094</span><a id="line.94"> }</a> |
| <span class="sourceLineNo">095</span><a id="line.95"></a> |
| <span class="sourceLineNo">096</span><a id="line.96"> log.debug("Account successfully authenticated using realm [{}]", realm);</a> |
| <span class="sourceLineNo">097</span><a id="line.97"></a> |
| <span class="sourceLineNo">098</span><a id="line.98"> // If non-null account is returned, then the realm was able to authenticate the</a> |
| <span class="sourceLineNo">099</span><a id="line.99"> // user - so merge the account with any accumulated before:</a> |
| <span class="sourceLineNo">100</span><a id="line.100"> merge(info, aggregate);</a> |
| <span class="sourceLineNo">101</span><a id="line.101"></a> |
| <span class="sourceLineNo">102</span><a id="line.102"> return aggregate;</a> |
| <span class="sourceLineNo">103</span><a id="line.103"> }</a> |
| <span class="sourceLineNo">104</span><a id="line.104">}</a> |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| </pre> |
| </div> |
| </main> |
| </body> |
| </html> |