public class GroupMappingWaffleRealm extends AbstractWaffleRealm
Realm
that authenticates with Active Directory using WAFFLE and assigns roles to
users based on a mapping from their groups. To define permissions based on these roles, set a
RolePermissionResolver
.Constructor and Description |
---|
GroupMappingWaffleRealm() |
Modifier and Type | Method and Description |
---|---|
protected org.apache.shiro.authz.AuthorizationInfo |
buildAuthorizationInfo(WaffleFqnPrincipal principal)
Builds an
AuthorizationInfo object based on the user's groups. |
protected Collection<String> |
getRoleNamesForGroups(Collection<String> groupNames)
This method is called by to translate group names to role names.
|
void |
setGroupRolesMap(Map<String,String> value)
Sets the translation from group names to role names.
|
doGetAuthenticationInfo, doGetAuthorizationInfo
afterCacheManagerSet, checkPermission, checkPermission, checkPermission, checkPermissions, checkPermissions, checkPermissions, checkRole, checkRole, checkRoles, checkRoles, checkRoles, clearCachedAuthorizationInfo, doClearCache, getAuthorizationCache, getAuthorizationCacheKey, getAuthorizationCacheName, getAuthorizationInfo, getPermissionResolver, getRolePermissionResolver, hasAllRoles, hasRole, hasRole, hasRoles, hasRoles, isAuthorizationCachingEnabled, isPermitted, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, isPermittedAll, onInit, setAuthorizationCache, setAuthorizationCacheName, setAuthorizationCachingEnabled, setName, setPermissionResolver, setRolePermissionResolver
assertCredentialsMatch, clearCachedAuthenticationInfo, getAuthenticationCache, getAuthenticationCacheKey, getAuthenticationCacheKey, getAuthenticationCacheName, getAuthenticationInfo, getAuthenticationTokenClass, getCredentialsMatcher, init, isAuthenticationCachingEnabled, isAuthenticationCachingEnabled, setAuthenticationCache, setAuthenticationCacheName, setAuthenticationCachingEnabled, setAuthenticationTokenClass, setCredentialsMatcher, supports
clearCache, getAvailablePrincipal, getCacheManager, getName, isCachingEnabled, onLogout, setCacheManager, setCachingEnabled
public void setGroupRolesMap(Map<String,String> value)
value
- the group roles map to setprotected Collection<String> getRoleNamesForGroups(Collection<String> groupNames)
groupNames
- the group names that apply to the current usersetGroupRolesMap(java.util.Map<java.lang.String, java.lang.String>)
protected org.apache.shiro.authz.AuthorizationInfo buildAuthorizationInfo(WaffleFqnPrincipal principal)
AuthorizationInfo
object based on the user's groups. The groups are translated to roles names
by using the configured groupRolesMap.buildAuthorizationInfo
in class AbstractWaffleRealm
principal
- the principal of Subject that is being authorizedsetGroupRolesMap(java.util.Map<java.lang.String, java.lang.String>)
,
getRoleNamesForGroups(java.util.Collection<java.lang.String>)
Copyright © 2010–2015 com.github.dblock. All rights reserved.