@Override protected void configureShiroWeb() { bindRealm().to(EmptyRealm.class); // not used in practice, just here to keep Shiro module happy bindSingleton(SessionFactory.class, NexusSessionFactory.class); bindSingleton(SessionStorageEvaluator.class, NexusSessionStorageEvaluator.class); bindSingleton(SubjectDAO.class, NexusSubjectDAO.class); // configure our preferred security components bindSingleton(SessionDAO.class, NexusSessionDAO.class); bindSingleton(Authenticator.class, FirstSuccessfulModularRealmAuthenticator.class); bindSingleton(Authorizer.class, ExceptionCatchingModularRealmAuthorizer.class); bindSingleton(FilterChainManager.class, DynamicFilterChainManager.class); // path matching resolver has several constructors so we need to point Guice to the appropriate one bind(FilterChainResolver.class).toConstructor(ctor(PathMatchingFilterChainResolver.class)).asEagerSingleton(); // bindings used by external modules expose(FilterChainResolver.class); expose(FilterChainManager.class); }
@Override public void setAuthenticator(Authenticator authenticator) throws IllegalArgumentException { super.setAuthenticator(authenticator); if (authenticator instanceof ModularRealmAuthenticator) { ((ModularRealmAuthenticator) authenticator).setRealms(getRealms()); } }
@Override public Authenticator getAuthenticator() { ModularRealmAuthenticator authenticator = new ModularRealmAuthenticator(); authenticator.setAuthenticationStrategy(new NegotiateAuthenticationStrategy()); return authenticator; }
@Override protected void configure() { bindFactory(SubjectFactory.class) .to(Subject.class) .in(RequestScoped.class); bind(securityManager) .to(SecurityManager.class) .to(Authenticator.class) .to(Authorizer.class) .to(SessionManager.class) .proxy(false); }
@Override public Authenticator getAuthenticator() { return new ModularRealmAuthenticator(); }
/** * Sets the delegate <code>Authenticator</code> instance that this SecurityManager uses to perform all * authentication operations. Unless overridden by this method, the default instance is a * {@link org.apache.shiro.authc.pam.ModularRealmAuthenticator ModularRealmAuthenticator}. * * @param authenticator the delegate <code>Authenticator</code> instance that this SecurityManager will use to * perform all authentication operations. * @throws IllegalArgumentException if the argument is <code>null</code>. */ public void setAuthenticator(Authenticator authenticator) throws IllegalArgumentException { if (authenticator == null) { String msg = "Authenticator argument cannot be null."; throw new IllegalArgumentException(msg); } this.authenticator = authenticator; }
/** * Returns the delegate <code>Authenticator</code> instance that this SecurityManager uses to perform all * authentication operations. Unless overridden by the * {@link #setAuthenticator(org.apache.shiro.authc.Authenticator) setAuthenticator}, the default instance is a * {@link org.apache.shiro.authc.pam.ModularRealmAuthenticator ModularRealmAuthenticator}. * * @return the delegate <code>Authenticator</code> instance that this SecurityManager uses to perform all * authentication operations. */ public Authenticator getAuthenticator() { return authenticator; }
public abstract Authenticator getAuthenticator();
