JSecurity

org.jsecurity.mgt
Class DefaultSecurityManager

java.lang.Object
  extended by org.jsecurity.mgt.CachingSecurityManager
      extended by org.jsecurity.mgt.RealmSecurityManager
          extended by org.jsecurity.mgt.AuthenticatingSecurityManager
              extended by org.jsecurity.mgt.AuthorizingSecurityManager
                  extended by org.jsecurity.mgt.SessionsSecurityManager
                      extended by org.jsecurity.mgt.DefaultSecurityManager
All Implemented Interfaces:
AuthenticationListenerRegistrar, Authenticator, Authorizer, PermissionResolverAware, CacheManagerAware, SecurityManager, SessionFactory, SessionListenerRegistrar, Destroyable
Direct Known Subclasses:
DefaultWebSecurityManager

public class DefaultSecurityManager
extends SessionsSecurityManager

The JSecurity framework's default concrete implementation of the SecurityManager interface, based around a collection of Realms. This implementation delegates its authentication, authorization, and session operations to wrapped Authenticator, Authorizer, and SessionManager instances respectively via superclass implementation.

To greatly reduce and simplify configuration, this implementation (and its superclasses) will create suitable defaults for all of its required dependencies. Therefore, you only need to override attributes for custom behavior. But, note the following:

Unless you're happy with the default simple properties file-based realm, which may or may not be flexible enough for enterprise applications, you might want to specify at least one custom Realm implementation that 'knows' about your application's data/security model (via RealmSecurityManager.setRealm(org.jsecurity.realm.Realm) or one of the overloaded constructors). All other attributes in this class hierarchy will have suitable defaults for most enterprise applications.

RememberMe notice: This class supports the ability to configure a RememberMeManager for RememberMe identity services for login/logout, BUT, a default instance will not be created for this attribute at startup.

Because RememberMe services are inherently client tier-specific and therefore application-dependent, if you want RememberMe services enabled, you will have to specify an instance yourself via the setRememberMeManager mutator. However, if you're reading this JavaDoc with the expectation of operating in a Web environment, take a look at the DefaultWebSecurityManager implementation, which does support RememberMe services by default at startup.
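
The configuration described above, as an added example that is not part of the JSecurity documentation or code base: it wires an application Realm explicitly and attaches a RememberMeManager only when one is supplied. The class SecurityManagerSetup, its method names and the appRealm/rememberMe parameters are hypothetical, and the import packages for types other than Realm and DefaultSecurityManager are assumed from the JSecurity distribution.

```java
import java.util.Arrays;

import org.jsecurity.authc.AuthenticationException;
import org.jsecurity.authc.UsernamePasswordToken;
import org.jsecurity.mgt.DefaultSecurityManager;
import org.jsecurity.realm.Realm;
import org.jsecurity.subject.RememberMeManager;
import org.jsecurity.subject.Subject;

// Hypothetical helper class; not part of JSecurity.
public class SecurityManagerSetup {

    /**
     * Builds a manager backed by an application-specific realm.
     * Pass null for rememberMe to leave RememberMe services disabled.
     */
    public static DefaultSecurityManager build(Realm appRealm, RememberMeManager rememberMe) {
        if (appRealm == null) {
            // Fail loudly rather than fall back to the default properties file-based realm.
            throw new IllegalArgumentException("an application Realm is required");
        }
        DefaultSecurityManager manager = new DefaultSecurityManager(appRealm);
        if (rememberMe != null) {
            // DefaultSecurityManager creates no RememberMeManager at startup,
            // so one is active only when it is set explicitly.
            manager.setRememberMeManager(rememberMe);
        }
        return manager;
    }

    /** Attempts a login; returns the bound Subject, or null if authentication fails. */
    public static Subject tryLogin(DefaultSecurityManager manager, String user, char[] password) {
        UsernamePasswordToken token = new UsernamePasswordToken(user, password);
        try {
            return manager.login(token);
        } catch (AuthenticationException e) {
            return null; // caller decides how to report the failure
        } finally {
            // Wipes the caller's array so the password does not linger in memory.
            Arrays.fill(password, '\0');
        }
    }

    /** Ends the session through the Subject, the preferred path over SecurityManager.logout(). */
    public static void endSession(Subject subject) {
        subject.logout();
    }
}
```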

Since:
0.2
Author:
Les Hazlewood, Jeremy Haile
See Also:
DefaultWebSecurityManager

Field Summary
protected  RememberMeManager rememberMeManager
           
 
Fields inherited from class org.jsecurity.mgt.SessionsSecurityManager
sessionManager
 
Fields inherited from class org.jsecurity.mgt.AuthorizingSecurityManager
authorizer
 
Fields inherited from class org.jsecurity.mgt.RealmSecurityManager
realms
 
Fields inherited from class org.jsecurity.mgt.CachingSecurityManager
cacheManager
 
Constructor Summary
DefaultSecurityManager()
          Default no-arg constructor.
DefaultSecurityManager(Collection<Realm> realms)
          Supporting constructor for multiple realms.
DefaultSecurityManager(Realm singleRealm)
          Supporting constructor for a single-realm application.
 
Method Summary
protected  void beforeLogout(PrincipalCollection subjectIdentifier)
           
protected  void bind(Subject subject)
          Binds a Subject instance created after authentication to the application for later use.
protected  Subject createSubject()
           
protected  Subject createSubject(AuthenticationToken token, AuthenticationInfo info)
          Creates a Subject instance for the user represented by the given method arguments.
protected  Subject createSubject(PrincipalCollection subjectPrincipals)
           
protected  Subject createSubject(PrincipalCollection principals, Session existing)
           
protected  Subject createSubject(PrincipalCollection principals, Session existing, boolean authenticated)
           
protected  Subject createSubject(PrincipalCollection principals, Session existing, boolean authenticated, InetAddress inetAddress)
           
protected  PrincipalCollection getRememberedIdentity()
           
 RememberMeManager getRememberMeManager()
           
 Subject getSubject()
          Returns the Subject instance representing the currently executing user.
protected  Subject getSubject(boolean create)
           
 Subject login(AuthenticationToken token)
          First authenticates the AuthenticationToken argument, and if successful, constructs a Subject instance representing the authenticated account's identity.
 void logout(PrincipalCollection principals)
          Logs out the specified Subject from the system.
protected  void onFailedLogin(AuthenticationToken token, AuthenticationException ae)
           
protected  void onSuccessfulLogin(AuthenticationToken token, AuthenticationInfo info)
           
protected  void rememberMeFailedLogin(AuthenticationToken token, AuthenticationException ex)
           
protected  void rememberMeLogout(PrincipalCollection subjectPrincipals)
           
protected  void rememberMeSuccessfulLogin(AuthenticationToken token, AuthenticationInfo info)
           
 void setRememberMeCipher(Cipher cipher)
           
 void setRememberMeCipherKey(byte[] bytes)
           
 void setRememberMeCipherKeyBase64(String base64)
           
 void setRememberMeCipherKeyHex(String hex)
           
 void setRememberMeDecryptionCipherKey(byte[] bytes)
           
 void setRememberMeDecryptionCipherKeyBase64(String base64)
           
 void setRememberMeDecryptionCipherKeyHex(String hex)
           
 void setRememberMeEncryptionCipherKey(byte[] bytes)
           
 void setRememberMeEncryptionCipherKeyBase64(String base64)
           
 void setRememberMeEncryptionCipherKeyHex(String hex)
           
 void setRememberMeManager(RememberMeManager rememberMeManager)
           
protected  void stopSession(Subject subject)
           
protected  void unbind(Subject subject)
           
 
Methods inherited from class org.jsecurity.mgt.SessionsSecurityManager
add, afterCacheManagerSet, applyCacheManagerToSessionManager, beforeAuthorizerDestroyed, beforeSessionManagerDestroyed, createSessionManager, destroySessionManager, ensureSessionManager, getSession, getSessionManager, newSessionManagerInstance, remove, setSessionListeners, setSessionManager, start
 
Methods inherited from class org.jsecurity.mgt.AuthorizingSecurityManager
beforeAuthenticatorDestroyed, checkPermission, checkPermission, checkPermissions, checkPermissions, checkRole, checkRoles, createAuthorizer, destroyAuthorizer, ensureAuthorizer, getAuthorizer, hasAllRoles, hasRole, hasRoles, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, setAuthorizer, setPermissionResolver, setRealms
 
Methods inherited from class org.jsecurity.mgt.AuthenticatingSecurityManager
add, authenticate, beforeRealmsDestroyed, createAuthenticator, destroyAuthenticator, ensureAuthenticator, getAuthenticator, remove, setAuthenticationListeners, setAuthenticator, setModularAuthenticationStrategy
 
Methods inherited from class org.jsecurity.mgt.RealmSecurityManager
applyCacheManagerToRealms, beforeCacheManagerDestroyed, createDefaultRealm, destroyRealms, ensureRealms, getRealms, setRealm
 
Methods inherited from class org.jsecurity.mgt.CachingSecurityManager
createCacheManager, destroy, destroyCacheManager, ensureCacheManager, getCacheManager, setCacheManager
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

rememberMeManager

protected RememberMeManager rememberMeManager

Constructor Detail

DefaultSecurityManager

public DefaultSecurityManager()
Default no-arg constructor.


DefaultSecurityManager

public DefaultSecurityManager(Realm singleRealm)
Supporting constructor for a single-realm application.

Parameters:
singleRealm - the single realm used by this SecurityManager.

DefaultSecurityManager

public DefaultSecurityManager(Collection<Realm> realms)
Supporting constructor for multiple realms.

Parameters:
realms - the realm instances backing this SecurityManager.

Method Detail

getRememberMeManager

public RememberMeManager getRememberMeManager()

setRememberMeManager

public void setRememberMeManager(RememberMeManager rememberMeManager)

setRememberMeCipher

public void setRememberMeCipher(Cipher cipher)

setRememberMeCipherKey

public void setRememberMeCipherKey(byte[] bytes)

setRememberMeCipherKeyHex

public void setRememberMeCipherKeyHex(String hex)

setRememberMeCipherKeyBase64

public void setRememberMeCipherKeyBase64(String base64)

setRememberMeEncryptionCipherKey

public void setRememberMeEncryptionCipherKey(byte[] bytes)

setRememberMeEncryptionCipherKeyHex

public void setRememberMeEncryptionCipherKeyHex(String hex)

setRememberMeEncryptionCipherKeyBase64

public void setRememberMeEncryptionCipherKeyBase64(String base64)

setRememberMeDecryptionCipherKey

public void setRememberMeDecryptionCipherKey(byte[] bytes)

setRememberMeDecryptionCipherKeyHex

public void setRememberMeDecryptionCipherKeyHex(String hex)

setRememberMeDecryptionCipherKeyBase64

public void setRememberMeDecryptionCipherKeyBase64(String base64)

createSubject

protected Subject createSubject()

createSubject

protected Subject createSubject(PrincipalCollection subjectPrincipals)

createSubject

protected Subject createSubject(PrincipalCollection principals,
                                Session existing)

createSubject

protected Subject createSubject(PrincipalCollection principals,
                                Session existing,
                                boolean authenticated)

createSubject

protected Subject createSubject(PrincipalCollection principals,
                                Session existing,
                                boolean authenticated,
                                InetAddress inetAddress)

createSubject

protected Subject createSubject(AuthenticationToken token,
                                AuthenticationInfo info)
Creates a Subject instance for the user represented by the given method arguments.

Parameters:
token - the AuthenticationToken submitted for the successful authentication.
info - the AuthenticationInfo of a newly authenticated user.
Returns:
the Subject instance that represents the user and session data for the newly authenticated user.

bind

protected void bind(Subject subject)
Binds a Subject instance created after authentication to the application for later use.

The default implementation merely binds the argument to the thread local via the ThreadContext. Should be overridden by subclasses for environment-specific binding (e.g. web environment, etc).

Parameters:
subject - the Subject instance created after authentication to be bound to the application for later use.

rememberMeSuccessfulLogin

protected void rememberMeSuccessfulLogin(AuthenticationToken token,
                                         AuthenticationInfo info)

rememberMeFailedLogin

protected void rememberMeFailedLogin(AuthenticationToken token,
                                     AuthenticationException ex)

rememberMeLogout

protected void rememberMeLogout(PrincipalCollection subjectPrincipals)

login

public Subject login(AuthenticationToken token)
              throws AuthenticationException
First authenticates the AuthenticationToken argument, and if successful, constructs a Subject instance representing the authenticated account's identity.

Once constructed, the Subject instance is then bound to the application for subsequent access before being returned to the caller.

Parameters:
token - the AuthenticationToken to process for the login attempt.
Returns:
a Subject representing the authenticated user.
Throws:
AuthenticationException - if there is a problem authenticating the specified token.

onSuccessfulLogin

protected void onSuccessfulLogin(AuthenticationToken token,
                                 AuthenticationInfo info)

onFailedLogin

protected void onFailedLogin(AuthenticationToken token,
                             AuthenticationException ae)

beforeLogout

protected void beforeLogout(PrincipalCollection subjectIdentifier)

logout

public void logout(PrincipalCollection principals)
Description copied from interface: SecurityManager
Logs out the specified Subject from the system.

Note that most application developers should not call this method unless they have a good reason for doing so. The preferred way to log out a Subject is to call Subject.logout(), not the SecurityManager directly.

Parameters:
principals - the identifier of the subject/user to log out.
See Also:
SecurityManager.getSubject()

stopSession

protected void stopSession(Subject subject)

unbind

protected void unbind(Subject subject)

getRememberedIdentity

protected PrincipalCollection getRememberedIdentity()

getSubject

protected Subject getSubject(boolean create)

getSubject

public Subject getSubject()
Description copied from interface: SecurityManager
Returns the Subject instance representing the currently executing user.

Returns:
the Subject instance representing the currently executing user.

Copyright © 2004-2008 JSecurity.