
com.adaptrex.security.shiro.AdaptrexShiroWebEnvironment Maven / Gradle / Ivy

/*
 * Copyright 2012 Adaptrex, LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.adaptrex.security.shiro;

import com.adaptrex.core.Adaptrex;
import java.util.Arrays;
import java.util.Map;
import org.apache.shiro.config.Ini;
import org.apache.shiro.config.Ini.Section;
import org.apache.shiro.web.env.IniWebEnvironment;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

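/**
 * Shiro web environment that builds its INI configuration in code from the
 * "security" section of the Adaptrex configuration instead of reading a
 * shiro.ini file.
 *
 * <p>The generated configuration contains a {@code [main]} section (login URL,
 * optional LDAP realm, cache manager, native session manager, cached session
 * DAO and the single-sign-on session cookie) and a {@code [urls]} section
 * (a fixed set of anonymous paths followed by the configured URL filters).
 */
public class AdaptrexShiroWebEnvironment extends IniWebEnvironment {
	
	private static final Logger log = LoggerFactory.getLogger(AdaptrexShiroWebEnvironment.class);

	/** Session timeout used when the configuration has no "timeout" entry: 60 minutes, in milliseconds. */
	private static final String DEFAULT_TIMEOUT_MILLIS = "3600000";

	/** Milliseconds per minute; the configured timeout is multiplied by this value. */
	private static final long MILLIS_PER_MINUTE = 60000L;
	
	/**
	 * Builds the Shiro INI from the Adaptrex "security" configuration, installs it
	 * with {@code setIni} and applies it with {@code configure}.
	 *
	 * <p>Any exception raised while building or applying the configuration is
	 * logged and not rethrown.
	 */
	@Override
	@SuppressWarnings("unchecked")
	public void init() {
		try {
			// The config tree is untyped; the casts below rely on the config
			// file holding maps of strings at these keys.
			Map<String, Object> securityConfig = (Map<String, Object>) 
				Adaptrex.getAdaptrex().getConfig().get("security");
			if (securityConfig == null) {
				// Previously this surfaced as a bare NullPointerException a few lines down.
				throw new IllegalStateException(
						"No \"security\" section found in the Adaptrex configuration");
			}

			/*
			 * Get our context path. It is the default single-sign-on name, so
			 * webapps only share a session cookie/cache when "sso" is set to
			 * the same value for each of them.
			 */
			String contextPath = this.getServletContext().getContextPath().replace("/", "");
			if (contextPath.isEmpty()) {
				contextPath = "root";
			}
			Object ssoValue = securityConfig.get("sso");
			String ssoName = ssoValue == null ? contextPath : (String) ssoValue;
			
			/*
			 * Timeout: configured in minutes, handed to Shiro in milliseconds.
			 * The multiplication is done in long arithmetic; with int arithmetic
			 * a value above 35791 minutes wrapped around to a negative number.
			 */
			Object timeoutValue = securityConfig.get("timeout");
			String timeout = timeoutValue == null
					? DEFAULT_TIMEOUT_MILLIS
					: String.valueOf(((Number) timeoutValue).longValue() * MILLIS_PER_MINUTE);
			
			/*
			 * Main ini section
			 */
			Ini ini = new Ini();
			Section main = ini.addSection("main");

			/*
			 * Get the login url
			 * TODO: Should we also allow a configuration with a standard 403 response?
			 */
			String loginUrl = (String) securityConfig.get("loginUrl");
			main.put("authc.loginUrl", loginUrl == null ? "/login/" : loginUrl);
			
			/*
			 * Set up our realm, right now only LDAP
			 * This also sets up an authorization cache
			 * TODO: Add ability to have other and more advanced realms
			 */
			Map<String, String> ldapConfig = (Map<String, String>) securityConfig.get("ldap");
			if (ldapConfig != null) {
				main.put("ldapRealm", "com.adaptrex.core.security.realm.BasicLdapRealm");
				main.put("ldapRealm.searchBase", ldapConfig.get("searchBase"));
				main.put("ldapRealm.userDnTemplate", ldapConfig.get("userDnTemplate"));
				// The URL is passed through unchanged; the scheme chosen in the
				// config (ldap:// or ldaps://) decides whether bind credentials
				// travel over TLS.
				main.put("ldapRealm.contextFactory.url", ldapConfig.get("url"));
				main.put("ldapRealm.authorizationCacheName", "com.adaptrex.cache.authorizationCache");
				// Authentication results are cached as well as authorization data.
				main.put("ldapRealm.authenticationCacheName", "com.adaptrex.cache.authenticationCache");
			}
			
			// Adaptrex Shiro Cache Manager
			main.put("cacheManager", "com.adaptrex.core.security.shiro.AdaptrexShiroCacheManager");
			main.put("cacheManager.cacheManagerConfigFile", "classpath:adaptrex-ehcache.xml");
			main.put("securityManager.cacheManager", "$cacheManager");

			// Need to use native session for single sign on 
			main.put("sessionManager", "org.apache.shiro.web.session.mgt.DefaultWebSessionManager");
			main.put("sessionManager.globalSessionTimeout", timeout);
			main.put("securityManager.sessionManager", "$sessionManager");

			// DAO for cached sessions
			main.put("sessionDAO", "org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO");
			main.put("sessionDAO.activeSessionsCacheName", "com.adaptrex.cache.ActiveSession." + ssoName);
			main.put("securityManager.sessionManager.sessionDAO", "$sessionDAO");
			
			// Cookie for single sign on. Path "/" makes the browser send it to
			// every webapp on the host, which is what lets them share a session.
			// NOTE(review): the cookie's "secure" property is left at its
			// default here; on HTTPS-only deployments it should be enabled so
			// the session id is never sent over plain HTTP.
			main.put("cookie", "org.apache.shiro.web.servlet.SimpleCookie");
			main.put("cookie.name", "session." + ssoName);
			main.put("cookie.path", "/");
			main.put("securityManager.sessionManager.sessionIdCookie", "$cookie");
			
			/*
			 * URLs ini section
			 */
			Section urls = ini.addSection("urls");
			
			/*
			 * Add standard urls. These are added before the configured entries;
			 * Shiro evaluates [urls] patterns in order and the first match wins,
			 * so a configured filter for one of these paths does not override
			 * the "anon" entry.
			 * TODO: login should be customized based on the config for this webapp
			 */
			urls.put("/ax-login*", "anon");
			urls.put("/ax-logout*", "anon");
			urls.put("/login/**", "anon");
			urls.put("/favicon.ico", "anon");
			
			/*
			 * Add site specific url filters. No catch-all entry is appended, so
			 * access control for every other path exists only if the config
			 * supplies it (for example a final "/**" pattern).
			 * TODO: allow reading a configuration for each webapp instead of the server config
			 */
			Map<String, String> urlsConfig = (Map<String, String>) securityConfig.get("urls");
			if (urlsConfig != null) {
				for (Map.Entry<String, String> entry : urlsConfig.entrySet()) {
					urls.put(entry.getKey(), entry.getValue());
				}
			}
			
			setIni(ini);
			configure();
		} catch (Exception e) {
			// Pass the exception to the logger so the full stack trace and cause
			// chain are recorded, instead of a hand-formatted string on stdout.
			// NOTE(review): the failure is still swallowed, as before, so the
			// webapp keeps starting without the configuration built above.
			// Whether requests are then rejected or served unfiltered depends on
			// the caller; confirm, and consider rethrowing so startup fails closed.
			log.error("Error Configuring AdaptrexShiroWebEnvironment", e);
		}
	}
}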



