Class SimpleAccount

java.lang.Object
org.apache.shiro.authc.SimpleAccount
All Implemented Interfaces:
Serializable, Account, AuthenticationInfo, MergableAuthenticationInfo, SaltedAuthenticationInfo, AuthorizationInfo
public class SimpleAccount extends Object implements Account, MergableAuthenticationInfo, SaltedAuthenticationInfo, Serializable
Simple implementation of the Account interface that contains principal and credential and authorization information (roles and permissions) as instance variables and exposes them via getters and setters using standard JavaBean notation.
Since:
0.1
See Also:

  • Constructor Details

    • SimpleAccount

      public SimpleAccount()
      Default no-argument constructor.

    • SimpleAccount

      public SimpleAccount(Object principal, Object credentials, String realmName)
      Constructs a SimpleAccount instance for the specified realm with the given principals and credentials.
      Parameters:
      principal - the 'primary' identifying attribute of the account, for example, a user id or username.
      credentials - the credentials that verify identity for the account
      realmName - the name of the realm that accesses this account data

    • SimpleAccount

      public SimpleAccount(Object principal, Object hashedCredentials, org.apache.shiro.lang.util.ByteSource credentialsSalt, String realmName)
      Constructs a SimpleAccount instance for the specified realm with the given principals, hashedCredentials and credentials salt used when hashing the credentials.
      Parameters:
      principal - the 'primary' identifying attribute of the account, for example, a user id or username.
      hashedCredentials - the credentials that verify identity for the account
      credentialsSalt - the salt used when hashing the credentials
      realmName - the name of the realm that accesses this account data
      Since:
      1.1
      See Also:

    • SimpleAccount

      public SimpleAccount(Collection principals, Object credentials, String realmName)
      Constructs a SimpleAccount instance for the specified realm with the given principals and credentials.
      Parameters:
      principals - the identifying attributes of the account, at least one of which should be considered the account's 'primary' identifying attribute, for example, a user id or username.
      credentials - the credentials that verify identity for the account
      realmName - the name of the realm that accesses this account data

    • SimpleAccount

      public SimpleAccount(PrincipalCollection principals, Object credentials)
      Constructs a SimpleAccount instance for the specified principals and credentials.
      Parameters:
      principals - the identifying attributes of the account, at least one of which should be considered the account's 'primary' identifying attribute, for example, a user id or username.
      credentials - the credentials that verify identity for the account

    • SimpleAccount

      public SimpleAccount(PrincipalCollection principals, Object hashedCredentials, org.apache.shiro.lang.util.ByteSource credentialsSalt)
      Constructs a SimpleAccount instance for the specified principals and credentials.
      Parameters:
      principals - the identifying attributes of the account, at least one of which should be considered the account's 'primary' identifying attribute, for example, a user id or username.
      hashedCredentials - the hashed credentials that verify identity for the account
      credentialsSalt - the salt used when hashing the credentials
      Since:
      1.1
      See Also:

    • SimpleAccount

      public SimpleAccount(PrincipalCollection principals, Object credentials, Set<String> roles)
      Constructs a SimpleAccount instance for the specified principals and credentials, with the assigned roles.
      Parameters:
      principals - the identifying attributes of the account, at least one of which should be considered the account's 'primary' identifying attribute, for example, a user id or username.
      credentials - the credentials that verify identity for the account
      roles - the names of the roles assigned to this account.

    • SimpleAccount

      public SimpleAccount(Object principal, Object credentials, String realmName, Set<String> roleNames, Set<Permission> permissions)
      Constructs a SimpleAccount instance for the specified realm with the given principal and credentials, with the the assigned roles and permissions.
      Parameters:
      principal - the 'primary' identifying attributes of the account, for example, a user id or username.
      credentials - the credentials that verify identity for the account
      realmName - the name of the realm that accesses this account data
      roleNames - the names of the roles assigned to this account.
      permissions - the permissions assigned to this account directly (not those assigned to any of the realms).

    • SimpleAccount

      public SimpleAccount(Collection principals, Object credentials, String realmName, Set<String> roleNames, Set<Permission> permissions)
      Constructs a SimpleAccount instance for the specified realm with the given principals and credentials, with the the assigned roles and permissions.
      Parameters:
      principals - the identifying attributes of the account, at least one of which should be considered the account's 'primary' identifying attribute, for example, a user id or username.
      credentials - the credentials that verify identity for the account
      realmName - the name of the realm that accesses this account data
      roleNames - the names of the roles assigned to this account.
      permissions - the permissions assigned to this account directly (not those assigned to any of the realms).

    • SimpleAccount

      public SimpleAccount(PrincipalCollection principals, Object credentials, Set<String> roleNames, Set<Permission> permissions)
      Constructs a SimpleAccount instance from the given principals and credentials, with the the assigned roles and permissions.
      Parameters:
      principals - the identifying attributes of the account, at least one of which should be considered the account's 'primary' identifying attribute, for example, a user id or username.
      credentials - the credentials that verify identity for the account
      roleNames - the names of the roles assigned to this account.
      permissions - the permissions assigned to this account directly (not those assigned to any of the realms).

  • Method Details

    • getPrincipals

      public PrincipalCollection getPrincipals()
      Returns the principals, aka the identifying attributes (username, user id, first name, last name, etc.) of this Account.
      Specified by:
      getPrincipals in interface AuthenticationInfo
      Returns:
      all the principals, aka the identifying attributes, of this Account.

    • setPrincipals

      public void setPrincipals(PrincipalCollection principals)
      Sets the principals, aka the identifying attributes (username, user id, first name, last name, etc.) of this Account.
      Parameters:
      principals - all the principals, aka the identifying attributes, of this Account.
      See Also:

    • getCredentials

      public Object getCredentials()
      Simply returns this.authcInfo.getCredentials. The authcInfo attribute is constructed via the constructors to wrap the input arguments.
      Specified by:
      getCredentials in interface AuthenticationInfo
      Returns:
      this Account's credentials.

    • setCredentials

      public void setCredentials(Object credentials)
      Sets this Account's credentials that verify one or more of the Account's principals, such as a password or private key.
      Parameters:
      credentials - the credentials associated with this Account that verify one or more of the Account principals.
      See Also:

    • getCredentialsSalt

      public org.apache.shiro.lang.util.ByteSource getCredentialsSalt()
      Returns the salt used to hash this Account's credentials (e.g. for password hashing), or null if no salt was used or credentials were not hashed at all.
      Specified by:
      getCredentialsSalt in interface SaltedAuthenticationInfo
      Returns:
      the salt used to hash this Account's credentials (e.g. for password hashing), or null if no salt was used or credentials were not hashed at all.
      Since:
      1.1

    • setCredentialsSalt

      public void setCredentialsSalt(org.apache.shiro.lang.util.ByteSource salt)
      Sets the salt to use to hash this Account's credentials (e.g. for password hashing), or null if no salt is used or credentials are not hashed at all.
      Parameters:
      salt - the salt to use to hash this Account's credentials (e.g. for password hashing), or null if no salt is used or credentials are not hashed at all.
      Since:
      1.1

    • getRoles

      public Collection<String> getRoles()
      Returns this.authzInfo.getRoles();
      Specified by:
      getRoles in interface AuthorizationInfo
      Returns:
      the Account's assigned roles.

    • setRoles

      public void setRoles(Set<String> roles)
      Sets the Account's assigned roles. Simply calls this.authzInfo.setRoles(roles).
      Parameters:
      roles - the Account's assigned roles.
      See Also:

    • addRole

      public void addRole(String role)
      Adds a role to this Account's set of assigned roles. Simply delegates to this.authzInfo.addRole(role).
      Parameters:
      role - a role to assign to this Account.

    • addRole

      public void addRole(Collection<String> roles)
      Adds one or more roles to this Account's set of assigned roles. Simply delegates to this.authzInfo.addRoles(roles).
      Parameters:
      roles - one or more roles to assign to this Account.

    • getStringPermissions

      public Collection<String> getStringPermissions()
      Returns all String-based permissions assigned to this Account. Simply delegates to this.authzInfo.getStringPermissions().
      Specified by:
      getStringPermissions in interface AuthorizationInfo
      Returns:
      all String-based permissions assigned to this Account.

    • setStringPermissions

      public void setStringPermissions(Set<String> permissions)
      Sets the String-based permissions assigned to this Account. Simply delegates to this.authzInfo.setStringPermissions(permissions).
      Parameters:
      permissions - all String-based permissions assigned to this Account.
      See Also:

    • addStringPermission

      public void addStringPermission(String permission)
      Assigns a String-based permission directly to this Account (not to any of its realms).
      Parameters:
      permission - the String-based permission to assign.

    • addStringPermissions

      public void addStringPermissions(Collection<String> permissions)
      Assigns one or more string-based permissions directly to this Account (not to any of its realms).
      Parameters:
      permissions - one or more String-based permissions to assign.

    • getObjectPermissions

      public Collection<Permission> getObjectPermissions()
      Returns all object-based permissions assigned directly to this Account (not any of its realms).
      Specified by:
      getObjectPermissions in interface AuthorizationInfo
      Returns:
      all object-based permissions assigned directly to this Account (not any of its realms).

    • setObjectPermissions

      public void setObjectPermissions(Set<Permission> permissions)
      Set al. object-based permissions assigned directly to this Account (not any of its realms).
      Parameters:
      permissions - the object-based permissions to assign directly to this Account.

    • addObjectPermission

      public void addObjectPermission(Permission permission)
      Assigns an object-based permission directly to this Account (not any of its realms).
      Parameters:
      permission - the object-based permission to assign directly to this Account (not any of its realms).

    • addObjectPermissions

      public void addObjectPermissions(Collection<Permission> permissions)
      Assigns one or more object-based permissions directly to this Account (not any of its realms).
      Parameters:
      permissions - one or more object-based permissions to assign directly to this Account (not any of its realms).

    • isLocked

      public boolean isLocked()
      Returns true if this Account is locked and thus cannot be used to login, false otherwise.
      Returns:
      true if this Account is locked and thus cannot be used to login, false otherwise.

    • setLocked

      public void setLocked(boolean locked)
      Sets whether or not the account is locked and can be used to login.
      Parameters:
      locked - true if this Account is locked and thus cannot be used to login, false otherwise.

    • isCredentialsExpired

      public boolean isCredentialsExpired()
      Returns whether or not the Account's credentials are expired. This usually indicates that the Subject or an application administrator would need to change the credentials before the account could be used.
      Returns:
      whether or not the Account's credentials are expired.

    • setCredentialsExpired

      public void setCredentialsExpired(boolean credentialsExpired)
      Sets whether or not the Account's credentials are expired. A true value indicates that the Subject or application administrator would need to change their credentials before the account could be used.
      Parameters:
      credentialsExpired - true if this Account's credentials are expired and need to be changed, false otherwise.

    • merge

      public void merge(AuthenticationInfo info)
      Merges the specified AuthenticationInfo into this Account.

      If the specified argument is also an instance of SimpleAccount, the isLocked() and isCredentialsExpired() attributes are merged (set on this instance) as well (only if their values are true).

      Specified by:
      merge in interface MergableAuthenticationInfo
      Parameters:
      info - the AuthenticationInfo to merge into this account.

    • hashCode

      public int hashCode()
      If the principals are not null, returns principals.hashCode(), otherwise returns 0 (zero).
      Overrides:
      hashCode in class Object
      Returns:
      principals.hashCode() if they are not null, 0 (zero) otherwise.

    • equals

      public boolean equals(Object o)
      Returns true if the specified object is also a SimpleAccount and its principals are equal to this object's principals, false otherwise.
      Overrides:
      equals in class Object
      Parameters:
      o - the object to test for equality.
      Returns:
      true if the specified object is also a SimpleAccount and its principals are equal to this object's principals, false otherwise.

    • toString

      public String toString()
      Returns principals.toString() if they are not null, otherwise prints out the string "empty"
      Overrides:
      toString in class Object
      Returns:
      the String representation of this Account object.