core/src/main/java/org/apache/shiro/subject/support/DefaultSubjectContext.java - shiro - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.shiro.subject.support;

 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.UnavailableSecurityManagerException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.authc.HostAuthenticationToken;
 import org.apache.shiro.mgt.SecurityManager;
 import org.apache.shiro.session.Session;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.apache.shiro.subject.Subject;
 import org.apache.shiro.subject.SubjectContext;
 import org.apache.shiro.util.CollectionUtils;
 import org.apache.shiro.util.MapContext;
 import org.apache.shiro.util.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import java.io.Serializable;

 /**
  * Default implementation of the {@link SubjectContext} interface.  Note that the getters and setters are not
  * simple pass-through methods to an underlying attribute;  the getters will employ numerous heuristics to acquire
  * their data attribute as best as possible (for example, if {@link #getPrincipals} is invoked, if the principals aren't
  * in the backing map, it might check to see if there is a subject or session in the map and attempt to acquire the
  * principals from those objects).
  *
  * @since 1.0
  */
 public class DefaultSubjectContext extends MapContext implements SubjectContext {

     private static final String SECURITY_MANAGER = DefaultSubjectContext.class.getName() + ".SECURITY_MANAGER";

     private static final String SESSION_ID = DefaultSubjectContext.class.getName() + ".SESSION_ID";

     private static final String AUTHENTICATION_TOKEN = DefaultSubjectContext.class.getName() + ".AUTHENTICATION_TOKEN";

     private static final String AUTHENTICATION_INFO = DefaultSubjectContext.class.getName() + ".AUTHENTICATION_INFO";

     private static final String SUBJECT = DefaultSubjectContext.class.getName() + ".SUBJECT";

     private static final String PRINCIPALS = DefaultSubjectContext.class.getName() + ".PRINCIPALS";

     private static final String SESSION = DefaultSubjectContext.class.getName() + ".SESSION";

     private static final String AUTHENTICATED = DefaultSubjectContext.class.getName() + ".AUTHENTICATED";

     private static final String HOST = DefaultSubjectContext.class.getName() + ".HOST";

     public static final String SESSION_CREATION_ENABLED = DefaultSubjectContext.class.getName() + ".SESSION_CREATION_ENABLED";

     /**
      * The session key that is used to store subject principals.
      */
     public static final String PRINCIPALS_SESSION_KEY = DefaultSubjectContext.class.getName() + "_PRINCIPALS_SESSION_KEY";

     /**
      * The session key that is used to store whether or not the user is authenticated.
      */
     public static final String AUTHENTICATED_SESSION_KEY = DefaultSubjectContext.class.getName() + "_AUTHENTICATED_SESSION_KEY";

     private static final transient Logger log = LoggerFactory.getLogger(DefaultSubjectContext.class);

     public DefaultSubjectContext() {
         super();
     }

     public DefaultSubjectContext(SubjectContext ctx) {
         super(ctx);
     }

     public SecurityManager getSecurityManager() {
         return getTypedValue(SECURITY_MANAGER, SecurityManager.class);
     }

     public void setSecurityManager(SecurityManager securityManager) {
         nullSafePut(SECURITY_MANAGER, securityManager);
     }

     public SecurityManager resolveSecurityManager() {
         SecurityManager securityManager = getSecurityManager();
         if (securityManager == null) {
             if (log.isDebugEnabled()) {
                 log.debug("No SecurityManager available in subject context map.  " +
                         "Falling back to SecurityUtils.getSecurityManager() lookup.");
             }
             try {
                 securityManager = SecurityUtils.getSecurityManager();
             } catch (UnavailableSecurityManagerException e) {
                 if (log.isDebugEnabled()) {
                     log.debug("No SecurityManager available via SecurityUtils.  Heuristics exhausted.", e);
                 }
             }
         }
         return securityManager;
     }

     public Serializable getSessionId() {
         return getTypedValue(SESSION_ID, Serializable.class);
     }

     public void setSessionId(Serializable sessionId) {
         nullSafePut(SESSION_ID, sessionId);
     }

     public Subject getSubject() {
         return getTypedValue(SUBJECT, Subject.class);
     }

     public void setSubject(Subject subject) {
         nullSafePut(SUBJECT, subject);
     }

     public PrincipalCollection getPrincipals() {
         return getTypedValue(PRINCIPALS, PrincipalCollection.class);
     }

     public void setPrincipals(PrincipalCollection principals) {
         if (!CollectionUtils.isEmpty(principals)) {
             put(PRINCIPALS, principals);
         }
     }

     public PrincipalCollection resolvePrincipals() {
         PrincipalCollection principals = getPrincipals();

         if (CollectionUtils.isEmpty(principals)) {
             //check to see if they were just authenticated:
             AuthenticationInfo info = getAuthenticationInfo();
             if (info != null) {
                 principals = info.getPrincipals();
             }
         }

         if (CollectionUtils.isEmpty(principals)) {
             Subject subject = getSubject();
             if (subject != null) {
                 principals = subject.getPrincipals();
             }
         }

         if (CollectionUtils.isEmpty(principals)) {
             //try the session:
             Session session = resolveSession();
             if (session != null) {
                 principals = (PrincipalCollection) session.getAttribute(PRINCIPALS_SESSION_KEY);
             }
         }

         return principals;
     }


     public Session getSession() {
         return getTypedValue(SESSION, Session.class);
     }

     public void setSession(Session session) {
         nullSafePut(SESSION, session);
     }

     public Session resolveSession() {
         Session session = getSession();
         if (session == null) {
             //try the Subject if it exists:
             Subject existingSubject = getSubject();
             if (existingSubject != null) {
                 session = existingSubject.getSession(false);
             }
         }
         return session;
     }

     public boolean isSessionCreationEnabled() {
         Boolean val = getTypedValue(SESSION_CREATION_ENABLED, Boolean.class);
         return val == null || val;
     }

     public void setSessionCreationEnabled(boolean enabled) {
         nullSafePut(SESSION_CREATION_ENABLED, enabled);
     }

     public boolean isAuthenticated() {
         Boolean authc = getTypedValue(AUTHENTICATED, Boolean.class);
         return authc != null && authc;
     }

     public void setAuthenticated(boolean authc) {
         put(AUTHENTICATED, authc);
     }

     public boolean resolveAuthenticated() {
         Boolean authc = getTypedValue(AUTHENTICATED, Boolean.class);
         if (authc == null) {
             //see if there is an AuthenticationInfo object.  If so, the very presence of one indicates a successful
             //authentication attempt:
             AuthenticationInfo info = getAuthenticationInfo();
             authc = info != null;
         }
         if (!authc) {
             //fall back to a session check:
             Session session = resolveSession();
             if (session != null) {
                 Boolean sessionAuthc = (Boolean) session.getAttribute(AUTHENTICATED_SESSION_KEY);
                 authc = sessionAuthc != null && sessionAuthc;
             }
         }

         return authc;
     }

     public AuthenticationInfo getAuthenticationInfo() {
         return getTypedValue(AUTHENTICATION_INFO, AuthenticationInfo.class);
     }

     public void setAuthenticationInfo(AuthenticationInfo info) {
         nullSafePut(AUTHENTICATION_INFO, info);
     }

     public AuthenticationToken getAuthenticationToken() {
         return getTypedValue(AUTHENTICATION_TOKEN, AuthenticationToken.class);
     }

     public void setAuthenticationToken(AuthenticationToken token) {
         nullSafePut(AUTHENTICATION_TOKEN, token);
     }

     public String getHost() {
         return getTypedValue(HOST, String.class);
     }

     public void setHost(String host) {
         if (StringUtils.hasText(host)) {
             put(HOST, host);
         }
     }

     public String resolveHost() {
         String host = getHost();

         if (host == null) {
             //check to see if there is an AuthenticationToken from which to retrieve it:
             AuthenticationToken token = getAuthenticationToken();
             if (token instanceof HostAuthenticationToken) {
                 host = ((HostAuthenticationToken) token).getHost();
             }
         }

         if (host == null) {
             Session session = resolveSession();
             if (session != null) {
                 host = session.getHost();
             }
         }

         return host;
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.shiro.subject.support;

	import org.apache.shiro.SecurityUtils;
	import org.apache.shiro.UnavailableSecurityManagerException;
	import org.apache.shiro.authc.AuthenticationInfo;
	import org.apache.shiro.authc.AuthenticationToken;
	import org.apache.shiro.authc.HostAuthenticationToken;
	import org.apache.shiro.mgt.SecurityManager;
	import org.apache.shiro.session.Session;
	import org.apache.shiro.subject.PrincipalCollection;
	import org.apache.shiro.subject.Subject;
	import org.apache.shiro.subject.SubjectContext;
	import org.apache.shiro.util.CollectionUtils;
	import org.apache.shiro.util.MapContext;
	import org.apache.shiro.util.StringUtils;
	import org.slf4j.Logger;
	import org.slf4j.LoggerFactory;

	import java.io.Serializable;

	/**
	* Default implementation of the {@link SubjectContext} interface. Note that the getters and setters are not
	* simple pass-through methods to an underlying attribute; the getters will employ numerous heuristics to acquire
	* their data attribute as best as possible (for example, if {@link #getPrincipals} is invoked, if the principals aren't
	* in the backing map, it might check to see if there is a subject or session in the map and attempt to acquire the
	* principals from those objects).
	*
	* @since 1.0
	*/
	public class DefaultSubjectContext extends MapContext implements SubjectContext {

	private static final String SECURITY_MANAGER = DefaultSubjectContext.class.getName() + ".SECURITY_MANAGER";

	private static final String SESSION_ID = DefaultSubjectContext.class.getName() + ".SESSION_ID";

	private static final String AUTHENTICATION_TOKEN = DefaultSubjectContext.class.getName() + ".AUTHENTICATION_TOKEN";

	private static final String AUTHENTICATION_INFO = DefaultSubjectContext.class.getName() + ".AUTHENTICATION_INFO";

	private static final String SUBJECT = DefaultSubjectContext.class.getName() + ".SUBJECT";

	private static final String PRINCIPALS = DefaultSubjectContext.class.getName() + ".PRINCIPALS";

	private static final String SESSION = DefaultSubjectContext.class.getName() + ".SESSION";

	private static final String AUTHENTICATED = DefaultSubjectContext.class.getName() + ".AUTHENTICATED";

	private static final String HOST = DefaultSubjectContext.class.getName() + ".HOST";

	public static final String SESSION_CREATION_ENABLED = DefaultSubjectContext.class.getName() + ".SESSION_CREATION_ENABLED";

	/**
	* The session key that is used to store subject principals.
	*/
	public static final String PRINCIPALS_SESSION_KEY = DefaultSubjectContext.class.getName() + "_PRINCIPALS_SESSION_KEY";

	/**
	* The session key that is used to store whether or not the user is authenticated.
	*/
	public static final String AUTHENTICATED_SESSION_KEY = DefaultSubjectContext.class.getName() + "_AUTHENTICATED_SESSION_KEY";

	private static final transient Logger log = LoggerFactory.getLogger(DefaultSubjectContext.class);

	public DefaultSubjectContext() {
	super();
	}

	public DefaultSubjectContext(SubjectContext ctx) {
	super(ctx);
	}

	public SecurityManager getSecurityManager() {
	return getTypedValue(SECURITY_MANAGER, SecurityManager.class);
	}

	public void setSecurityManager(SecurityManager securityManager) {
	nullSafePut(SECURITY_MANAGER, securityManager);
	}

	public SecurityManager resolveSecurityManager() {
	SecurityManager securityManager = getSecurityManager();
	if (securityManager == null) {
	if (log.isDebugEnabled()) {
	log.debug("No SecurityManager available in subject context map. " +
	"Falling back to SecurityUtils.getSecurityManager() lookup.");
	}
	try {
	securityManager = SecurityUtils.getSecurityManager();
	} catch (UnavailableSecurityManagerException e) {
	if (log.isDebugEnabled()) {
	log.debug("No SecurityManager available via SecurityUtils. Heuristics exhausted.", e);
	}
	}
	}
	return securityManager;
	}

	public Serializable getSessionId() {
	return getTypedValue(SESSION_ID, Serializable.class);
	}

	public void setSessionId(Serializable sessionId) {
	nullSafePut(SESSION_ID, sessionId);
	}

	public Subject getSubject() {
	return getTypedValue(SUBJECT, Subject.class);
	}

	public void setSubject(Subject subject) {
	nullSafePut(SUBJECT, subject);
	}

	public PrincipalCollection getPrincipals() {
	return getTypedValue(PRINCIPALS, PrincipalCollection.class);
	}

	public void setPrincipals(PrincipalCollection principals) {
	if (!CollectionUtils.isEmpty(principals)) {
	put(PRINCIPALS, principals);
	}
	}

	public PrincipalCollection resolvePrincipals() {
	PrincipalCollection principals = getPrincipals();

	if (CollectionUtils.isEmpty(principals)) {
	//check to see if they were just authenticated:
	AuthenticationInfo info = getAuthenticationInfo();
	if (info != null) {
	principals = info.getPrincipals();
	}
	}

	if (CollectionUtils.isEmpty(principals)) {
	Subject subject = getSubject();
	if (subject != null) {
	principals = subject.getPrincipals();
	}
	}

	if (CollectionUtils.isEmpty(principals)) {
	//try the session:
	Session session = resolveSession();
	if (session != null) {
	principals = (PrincipalCollection) session.getAttribute(PRINCIPALS_SESSION_KEY);
	}
	}

	return principals;
	}


	public Session getSession() {
	return getTypedValue(SESSION, Session.class);
	}

	public void setSession(Session session) {
	nullSafePut(SESSION, session);
	}

	public Session resolveSession() {
	Session session = getSession();
	if (session == null) {
	//try the Subject if it exists:
	Subject existingSubject = getSubject();
	if (existingSubject != null) {
	session = existingSubject.getSession(false);
	}
	}
	return session;
	}

	public boolean isSessionCreationEnabled() {
	Boolean val = getTypedValue(SESSION_CREATION_ENABLED, Boolean.class);
	return val == null \|\| val;
	}

	public void setSessionCreationEnabled(boolean enabled) {
	nullSafePut(SESSION_CREATION_ENABLED, enabled);
	}

	public boolean isAuthenticated() {
	Boolean authc = getTypedValue(AUTHENTICATED, Boolean.class);
	return authc != null && authc;
	}

	public void setAuthenticated(boolean authc) {
	put(AUTHENTICATED, authc);
	}

	public boolean resolveAuthenticated() {
	Boolean authc = getTypedValue(AUTHENTICATED, Boolean.class);
	if (authc == null) {
	//see if there is an AuthenticationInfo object. If so, the very presence of one indicates a successful
	//authentication attempt:
	AuthenticationInfo info = getAuthenticationInfo();
	authc = info != null;
	}
	if (!authc) {
	//fall back to a session check:
	Session session = resolveSession();
	if (session != null) {
	Boolean sessionAuthc = (Boolean) session.getAttribute(AUTHENTICATED_SESSION_KEY);
	authc = sessionAuthc != null && sessionAuthc;
	}
	}

	return authc;
	}

	public AuthenticationInfo getAuthenticationInfo() {
	return getTypedValue(AUTHENTICATION_INFO, AuthenticationInfo.class);
	}

	public void setAuthenticationInfo(AuthenticationInfo info) {
	nullSafePut(AUTHENTICATION_INFO, info);
	}

	public AuthenticationToken getAuthenticationToken() {
	return getTypedValue(AUTHENTICATION_TOKEN, AuthenticationToken.class);
	}

	public void setAuthenticationToken(AuthenticationToken token) {
	nullSafePut(AUTHENTICATION_TOKEN, token);
	}

	public String getHost() {
	return getTypedValue(HOST, String.class);
	}

	public void setHost(String host) {
	if (StringUtils.hasText(host)) {
	put(HOST, host);
	}
	}

	public String resolveHost() {
	String host = getHost();

	if (host == null) {
	//check to see if there is an AuthenticationToken from which to retrieve it:
	AuthenticationToken token = getAuthenticationToken();
	if (token instanceof HostAuthenticationToken) {
	host = ((HostAuthenticationToken) token).getHost();
	}
	}

	if (host == null) {
	Session session = resolveSession();
	if (session != null) {
	host = session.getHost();
	}
	}

	return host;
	}
	}