Example Code for Apache Shiro (eugenp#2441)

* added updated example codes

* updated example code StringToCharStream

* deleted StringToCharStream.java locally

* removed redundant file

* added code for apache commons collection SetUtils

* refactored example code

* added example code for bytebuddy

* added example code for PCollections

* update pom

* refactored tests for PCollections

* spring security xml config

* spring security xml config

* remove redundant comment

* example code for apache-shiro

* Fixed indentation.

* Fix formatting issues

apache-shiro/.gitignore

@@ -0,0 +1,4 @@
+
+/.idea/
+/target/
+/apache-shiro.iml

apache-shiro/pom.xml

@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>com.baeldung</groupId>
+    <artifactId>apache-shiro</artifactId>
+    <version>1.0-SNAPSHOT</version>
+
+    <parent>
+        <groupId>com.baeldung</groupId>
+        <artifactId>parent-modules</artifactId>
+        <version>1.0.0-SNAPSHOT</version>
+    </parent>
+
+    <properties>
+        <apache-shiro-core-version>1.4.0</apache-shiro-core-version>
+        <log4j-version>1.2.17</log4j-version>
+        <slf4j-version>1.7.25</slf4j-version>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-core</artifactId>
+            <version>${apache-shiro-core-version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>jcl-over-slf4j</artifactId>
+            <version>${slf4j-version}</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
+            <version>${slf4j-version}</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>log4j</groupId>
+            <artifactId>log4j</artifactId>
+            <version>${log4j-version}</version>
+            <scope>runtime</scope>
+        </dependency>
+
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.6.2</version>
+                <configuration>
+                    <source>1.8</source>
+                    <target>1.8</target>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+
+</project>

apache-shiro/src/main/java/com/baeldung/Main.java

@@ -0,0 +1,84 @@
+package com.baeldung;
+
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.*;
+import org.apache.shiro.config.IniSecurityManagerFactory;
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.session.Session;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.util.Factory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class Main {
+    private static final transient Logger log = LoggerFactory.getLogger(Main.class);
+
+    public static void main(String[] args) {
+
+        Factory<SecurityManager> factory
+          = new IniSecurityManagerFactory("classpath:shiro.ini");
+        SecurityManager securityManager = factory.getInstance();
+
+        SecurityUtils.setSecurityManager(securityManager);
+        Subject currentUser = SecurityUtils.getSubject();
+
+        if (!currentUser.isAuthenticated()) {
+          UsernamePasswordToken token 
+            = new UsernamePasswordToken("user", "password");
+          token.setRememberMe(true);
+          try {
+              currentUser.login(token);
+          } catch (UnknownAccountException uae) {
+              log.error("Username Not Found!", uae);
+          } catch (IncorrectCredentialsException ice) {
+              log.error("Invalid Credentials!", ice);
+          } catch (LockedAccountException lae) {
+              log.error("Your Account is Locked!", lae);
+          } catch (AuthenticationException ae) {
+              log.error("Unexpected Error!", ae);
+          }
+        }
+
+        log.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");
+
+        if (currentUser.hasRole("admin")) {
+            log.info("Welcome Admin");
+        } else if(currentUser.hasRole("editor")) {
+            log.info("Welcome, Editor!");
+        } else if(currentUser.hasRole("author")) {
+            log.info("Welcome, Author");
+        } else {
+            log.info("Welcome, Guest");
+        }
+
+        if(currentUser.isPermitted("articles:compose")) {
+            log.info("You can compose an article");
+        } else {
+            log.info("You are not permitted to compose an article!");
+        }
+
+        if(currentUser.isPermitted("articles:save")) {
+            log.info("You can save articles");
+        } else {
+            log.info("You can not save articles");
+        }
+
+        if(currentUser.isPermitted("articles:publish")) {
+            log.info("You can publish articles");
+        } else {
+            log.info("You can not publish articles");
+        }
+
+        Session session = currentUser.getSession();
+        session.setAttribute("key", "value");
+        String value = (String) session.getAttribute("key");
+        if (value.equals("value")) {
+            log.info("Retrieved the correct value! [" + value + "]");
+        }
+
+        currentUser.logout();
+
+        System.exit(0);
+    }
+
+}

apache-shiro/src/main/java/com/baeldung/MyCustomRealm.java

@@ -0,0 +1,102 @@
+package com.baeldung;
+
+import org.apache.shiro.authc.*;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.jdbc.JdbcRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.util.*;
+
+public class MyCustomRealm extends JdbcRealm {
+
+    private Map<String, String> credentials = new HashMap<>();
+    private Map<String, Set<String>> roles = new HashMap<>();
+    private Map<String, Set<String>> perm = new HashMap<>();
+
+    {
+      credentials.put("user", "password");
+      credentials.put("user2", "password2");
+      credentials.put("user3", "password3");
+
+      roles.put("user", new HashSet<>(Arrays.asList("admin")));
+      roles.put("user2", new HashSet<>(Arrays.asList("editor")));
+      roles.put("user3", new HashSet<>(Arrays.asList("author")));
+
+      perm.put("admin", new HashSet<>(Arrays.asList("*")));
+      perm.put("editor", new HashSet<>(Arrays.asList("articles:*")));
+      perm.put("author",
+        new HashSet<>(Arrays.asList("articles:compose",
+          "articles:save")));
+
+    }
+
+    @Override
+    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
+      throws AuthenticationException {
+
+        UsernamePasswordToken uToken = (UsernamePasswordToken) token;
+
+        if(uToken.getUsername() == null
+          || uToken.getUsername().isEmpty()
+          || !credentials.containsKey(uToken.getUsername())
+          ) {
+            throw new UnknownAccountException("username not found!");
+        }
+
+
+        return new SimpleAuthenticationInfo(
+          uToken.getUsername(), credentials.get(uToken.getUsername()),
+          getName());
+    }
+
+    @Override
+    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+        Set<String> roleNames = new HashSet<>();
+        Set<String> permissions = new HashSet<>();
+
+        principals.forEach(p -> {
+            try {
+                Set<String> roles = getRoleNamesForUser(null, (String) p);
+                roleNames.addAll(roles);
+                permissions.addAll(getPermissions(null, null,roles));
+            } catch (SQLException e) {
+                e.printStackTrace();
+            }
+        });
+
+        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
+        info.setStringPermissions(permissions);
+        return info;
+    }
+
+    @Override
+    protected Set<String> getRoleNamesForUser(Connection conn, String username) throws SQLException {
+        if(!roles.containsKey(username)) {
+            throw new SQLException("username not found!");
+        }
+
+       return roles.get(username);
+    }
+
+    @Override
+    protected Set<String> getPermissions(Connection conn, String username, Collection<String> roleNames) throws SQLException {
+        for (String role : roleNames) {
+            if (!perm.containsKey(role)) {
+                throw new SQLException("role not found!");
+            }
+        }
+
+        Set<String> finalSet = new HashSet<>();
+        for (String role : roleNames) {
+            finalSet.addAll(perm.get(role));
+        }
+
+        return finalSet;
+    }
+
+}

apache-shiro/src/main/resources/log4j.properties

@@ -0,0 +1,12 @@
+log4j.rootLogger=INFO, stdout
+
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] - %m %n
+
+log4j.logger.org.apache=WARN
+
+log4j.logger.org.apache.shiro=INFO
+
+log4j.logger.org.apache.shiro.util.ThreadContext=WARN
+log4j.logger.org.apache.shiro.cache.ehcache.EhCache=WARN

apache-shiro/src/main/resources/shiro.ini

@@ -0,0 +1,3 @@
+jdbcRealm = com.baeldung.MyCustomRealm
+
+securityManager.realms = $jdbcRealm