Package org.fcrepo.auth.webac
Class WebACAuthorizingRealm
- java.lang.Object
-
- org.apache.shiro.realm.CachingRealm
-
- org.apache.shiro.realm.AuthenticatingRealm
-
- org.apache.shiro.realm.AuthorizingRealm
-
- org.fcrepo.auth.webac.WebACAuthorizingRealm
-
- All Implemented Interfaces:
org.apache.shiro.authc.LogoutAware
,org.apache.shiro.authz.Authorizer
,org.apache.shiro.authz.permission.PermissionResolverAware
,org.apache.shiro.authz.permission.RolePermissionResolverAware
,org.apache.shiro.cache.CacheManagerAware
,org.apache.shiro.realm.Realm
,org.apache.shiro.util.Initializable
,org.apache.shiro.util.Nameable
public class WebACAuthorizingRealm extends org.apache.shiro.realm.AuthorizingRealm
Authorization-only realm that performs authorization checks using WebAC ACLs stored in a Fedora repository. It locates the ACL for the currently requested resource and parses the ACL RDF into a set ofWebACPermission
instances.- Author:
- peichman
-
-
Field Summary
Fields Modifier and Type Field Description static String
URIS_TO_AUTHORIZE
-
Constructor Summary
Constructors Constructor Description WebACAuthorizingRealm()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected org.apache.shiro.authc.AuthenticationInfo
doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token)
This realm is authorization-only.protected org.apache.shiro.authz.AuthorizationInfo
doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection principals)
boolean
supports(org.apache.shiro.authc.AuthenticationToken token)
This realm is authorization-only.-
Methods inherited from class org.apache.shiro.realm.AuthorizingRealm
afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getPermissions, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, onInit, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver
-
Methods inherited from class org.apache.shiro.realm.AuthenticatingRealm
assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher
-
Methods inherited from class org.apache.shiro.realm.CachingRealm
clearCache, getAvailablePrincipal, getCacheManager, getName, isCachingEnabled, onLogout, setCacheManager, setCachingEnabled
-
-
-
-
Field Detail
-
URIS_TO_AUTHORIZE
public static final String URIS_TO_AUTHORIZE
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
WebACAuthorizingRealm
public WebACAuthorizingRealm()
-
-
Method Detail
-
doGetAuthorizationInfo
protected org.apache.shiro.authz.AuthorizationInfo doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection principals)
- Specified by:
doGetAuthorizationInfo
in classorg.apache.shiro.realm.AuthorizingRealm
-
doGetAuthenticationInfo
protected org.apache.shiro.authc.AuthenticationInfo doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token) throws org.apache.shiro.authc.AuthenticationException
This realm is authorization-only.- Specified by:
doGetAuthenticationInfo
in classorg.apache.shiro.realm.AuthenticatingRealm
- Throws:
org.apache.shiro.authc.AuthenticationException
-
supports
public boolean supports(org.apache.shiro.authc.AuthenticationToken token)
This realm is authorization-only.- Specified by:
supports
in interfaceorg.apache.shiro.realm.Realm
- Overrides:
supports
in classorg.apache.shiro.realm.AuthenticatingRealm
-
-