| Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
| AuthenticatingSecurityManager |
|
| 1.5;1.5 |
| 1 | /* | |
| 2 | * Licensed to the Apache Software Foundation (ASF) under one | |
| 3 | * or more contributor license agreements. See the NOTICE file | |
| 4 | * distributed with this work for additional information | |
| 5 | * regarding copyright ownership. The ASF licenses this file | |
| 6 | * to you under the Apache License, Version 2.0 (the | |
| 7 | * "License"); you may not use this file except in compliance | |
| 8 | * with the License. You may obtain a copy of the License at | |
| 9 | * | |
| 10 | * http://www.apache.org/licenses/LICENSE-2.0 | |
| 11 | * | |
| 12 | * Unless required by applicable law or agreed to in writing, | |
| 13 | * software distributed under the License is distributed on an | |
| 14 | * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
| 15 | * KIND, either express or implied. See the License for the | |
| 16 | * specific language governing permissions and limitations | |
| 17 | * under the License. | |
| 18 | */ | |
| 19 | package org.apache.shiro.mgt; | |
| 20 | ||
| 21 | import org.apache.shiro.authc.AuthenticationException; | |
| 22 | import org.apache.shiro.authc.AuthenticationInfo; | |
| 23 | import org.apache.shiro.authc.AuthenticationToken; | |
| 24 | import org.apache.shiro.authc.Authenticator; | |
| 25 | import org.apache.shiro.authc.pam.ModularRealmAuthenticator; | |
| 26 | import org.apache.shiro.util.LifecycleUtils; | |
| 27 | ||
| 28 | ||
| 29 | /** | |
| 30 | * Shiro support of a {@link SecurityManager} class hierarchy that delegates all | |
| 31 | * authentication operations to a wrapped {@link Authenticator Authenticator} instance. That is, this class | |
| 32 | * implements all the <tt>Authenticator</tt> methods in the {@link SecurityManager SecurityManager} | |
| 33 | * interface, but in reality, those methods are merely passthrough calls to the underlying 'real' | |
| 34 | * <tt>Authenticator</tt> instance. | |
| 35 | * | |
| 36 | * <p>All other <tt>SecurityManager</tt> (authorization, session, etc) methods are left to be implemented by subclasses. | |
| 37 | * | |
| 38 | * <p>In keeping with the other classes in this hierarchy and Shiro's desire to minimize configuration whenever | |
| 39 | * possible, suitable default instances for all dependencies are created upon instantiation. | |
| 40 | * | |
| 41 | * @since 0.9 | |
| 42 | */ | |
| 43 | public abstract class AuthenticatingSecurityManager extends RealmSecurityManager { | |
| 44 | ||
| 45 | /** | |
| 46 | * The internal <code>Authenticator</code> delegate instance that this SecurityManager instance will use | |
| 47 | * to perform all authentication operations. | |
| 48 | */ | |
| 49 | private Authenticator authenticator; | |
| 50 | ||
| 51 | /** | |
| 52 | * Default no-arg constructor that initializes its internal | |
| 53 | * <code>authenticator</code> instance to a | |
| 54 | * {@link org.apache.shiro.authc.pam.ModularRealmAuthenticator ModularRealmAuthenticator}. | |
| 55 | */ | |
| 56 | public AuthenticatingSecurityManager() { | |
| 57 | 36 | super(); |
| 58 | 36 | this.authenticator = new ModularRealmAuthenticator(); |
| 59 | 36 | } |
| 60 | ||
| 61 | /** | |
| 62 | * Returns the delegate <code>Authenticator</code> instance that this SecurityManager uses to perform all | |
| 63 | * authentication operations. Unless overridden by the | |
| 64 | * {@link #setAuthenticator(org.apache.shiro.authc.Authenticator) setAuthenticator}, the default instance is a | |
| 65 | * {@link org.apache.shiro.authc.pam.ModularRealmAuthenticator ModularRealmAuthenticator}. | |
| 66 | * | |
| 67 | * @return the delegate <code>Authenticator</code> instance that this SecurityManager uses to perform all | |
| 68 | * authentication operations. | |
| 69 | */ | |
| 70 | public Authenticator getAuthenticator() { | |
| 71 | 27 | return authenticator; |
| 72 | } | |
| 73 | ||
| 74 | /** | |
| 75 | * Sets the delegate <code>Authenticator</code> instance that this SecurityManager uses to perform all | |
| 76 | * authentication operations. Unless overridden by this method, the default instance is a | |
| 77 | * {@link org.apache.shiro.authc.pam.ModularRealmAuthenticator ModularRealmAuthenticator}. | |
| 78 | * | |
| 79 | * @param authenticator the delegate <code>Authenticator</code> instance that this SecurityManager will use to | |
| 80 | * perform all authentication operations. | |
| 81 | * @throws IllegalArgumentException if the argument is <code>null</code>. | |
| 82 | */ | |
| 83 | public void setAuthenticator(Authenticator authenticator) throws IllegalArgumentException { | |
| 84 | 0 | if (authenticator == null) { |
| 85 | 0 | String msg = "Authenticator argument cannot be null."; |
| 86 | 0 | throw new IllegalArgumentException(msg); |
| 87 | } | |
| 88 | 0 | this.authenticator = authenticator; |
| 89 | 0 | } |
| 90 | ||
| 91 | /** | |
| 92 | * Passes on the {@link #getRealms() realms} to the internal delegate <code>Authenticator</code> instance so | |
| 93 | * that it may use them during authentication attempts. | |
| 94 | */ | |
| 95 | protected void afterRealmsSet() { | |
| 96 | 32 | super.afterRealmsSet(); |
| 97 | 32 | if (this.authenticator instanceof ModularRealmAuthenticator) { |
| 98 | 32 | ((ModularRealmAuthenticator) this.authenticator).setRealms(getRealms()); |
| 99 | } | |
| 100 | 32 | } |
| 101 | ||
| 102 | /** | |
| 103 | * Delegates to the wrapped {@link org.apache.shiro.authc.Authenticator Authenticator} for authentication. | |
| 104 | */ | |
| 105 | public AuthenticationInfo authenticate(AuthenticationToken token) throws AuthenticationException { | |
| 106 | 21 | return this.authenticator.authenticate(token); |
| 107 | } | |
| 108 | ||
| 109 | public void destroy() { | |
| 110 | 19 | LifecycleUtils.destroy(getAuthenticator()); |
| 111 | 19 | this.authenticator = null; |
| 112 | 19 | super.destroy(); |
| 113 | 19 | } |
| 114 | } |