Package org.apache.shiro.realm

Class SimpleAccountRealm

  • All Implemented Interfaces:
    LogoutAware, Authorizer, PermissionResolverAware, RolePermissionResolverAware, org.apache.shiro.cache.CacheManagerAware, Realm, org.apache.shiro.util.Initializable, org.apache.shiro.util.Nameable
    Direct Known Subclasses:
    TextConfigurationRealm
    public class SimpleAccountRealm
extends AuthorizingRealm
    A simple implementation of the Realm interface that uses a set of configured user accounts and roles to support authentication and authorization. Each account entry specifies the username, password, and roles for a user. Roles can also be mapped to permissions and associated with users.

    User accounts and roles are stored in two Maps in memory, so it is expected that the total number of either is not sufficiently large.
    Since:
    0.1

    • Constructor Detail

      • SimpleAccountRealm

        public SimpleAccountRealm()

      • SimpleAccountRealm

        public SimpleAccountRealm(String name)

    • Method Detail

      • accountExists

        public boolean accountExists(String username)

      • addAccount

        public void addAccount(String username,
                       String password)

      • addAccount

        public void addAccount(String username,
                       String password,
                       String... roles)

      • roleExists

        public boolean roleExists(String name)

      • addRole

        public void addRole(String name)

      • doGetAuthenticationInfo

        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
                                              throws AuthenticationException
        Description copied from class: AuthenticatingRealm
        Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given authentication token.

        For most datasources, this means just 'pulling' authentication data for an associated subject/user and nothing more and letting Shiro do the rest. But in some systems, this method could actually perform EIS specific log-in logic in addition to just retrieving data - it is up to the Realm implementation.

        A null return value means that no account could be associated with the specified token.
        Specified by:
        doGetAuthenticationInfo in class AuthenticatingRealm
        Parameters:
        token - the authentication token containing the user's principal and credentials.
        Returns:
        an AuthenticationInfo object containing account data resulting from the authentication ONLY if the lookup is successful (i.e. account exists and is valid, etc.)
        Throws:
        AuthenticationException - if there is an error acquiring data or performing realm-specific authentication logic for the specified token