org.apache.shiro.guice.web

Class ShiroWebModule

java.lang.Object

com.google.inject.PrivateModule

org.apache.shiro.guice.ShiroModule

org.apache.shiro.guice.web.ShiroWebModule

All Implemented Interfaces:

com.google.inject.Module, org.apache.shiro.util.Destroyable

public abstract class ShiroWebModule
extends ShiroModule

Sets up Shiro lifecycles within Guice, enables the injecting of Shiro objects, and binds a default WebSecurityManager, SecurityManager and SessionManager. At least one realm must be added by using bindRealm.

Also provides for the configuring of filter chains and binds a FilterChainResolver with that information.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	ShiroWebModule.FilterConfig<T extends javax.servlet.Filter> Filter configuration which pairs a Filter class with its configuration used on a path.

Field Summary

Fields

Modifier and Type	Field and Description
static com.google.inject.Key<org.apache.shiro.web.filter.authc.AnonymousFilter>	ANON
static com.google.inject.Key<org.apache.shiro.web.filter.authc.FormAuthenticationFilter>	AUTHC
static com.google.inject.Key<org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter>	AUTHC_BASIC
static com.google.inject.Key<org.apache.shiro.web.filter.authc.LogoutFilter>	LOGOUT
static com.google.inject.Key<org.apache.shiro.web.filter.session.NoSessionCreationFilter>	NO_SESSION_CREATION
static com.google.inject.Key<org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter>	PERMS
static com.google.inject.Key<org.apache.shiro.web.filter.authz.PortFilter>	PORT
static com.google.inject.Key<org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter>	REST
static com.google.inject.Key<org.apache.shiro.web.filter.authz.RolesAuthorizationFilter>	ROLES
static com.google.inject.Key<org.apache.shiro.web.filter.authz.SslFilter>	SSL
static com.google.inject.Key<org.apache.shiro.web.filter.authc.UserFilter>	USER

Constructor Summary

Constructors

Constructor and Description
ShiroWebModule(javax.servlet.ServletContext servletContext)

Method Summary

Modifier and Type	Method and Description
protected void	addFilterChain(String pattern, com.google.inject.Key<? extends javax.servlet.Filter>... keys) Deprecated.
protected void	addFilterChain(String pattern, com.google.inject.Key<? extends javax.servlet.Filter> key)
protected void	addFilterChain(String pattern, ShiroWebModule.FilterConfig<? extends javax.servlet.Filter>... filterConfigs) Maps 'n' number of filterConfigs to a specific path pattern.
protected void	bindEnvironment(com.google.inject.binder.AnnotatedBindingBuilder<org.apache.shiro.env.Environment> bind) Binds the environment.
static void	bindGuiceFilter(com.google.inject.Binder binder)
static void	bindGuiceFilter(String pattern, com.google.inject.Binder binder)
protected void	bindSecurityManager(com.google.inject.binder.AnnotatedBindingBuilder<? super org.apache.shiro.mgt.SecurityManager> bind) Binds the security manager.
protected void	bindSessionManager(com.google.inject.binder.AnnotatedBindingBuilder<org.apache.shiro.session.mgt.SessionManager> bind) Binds the session manager.
protected void	bindWebEnvironment(com.google.inject.binder.AnnotatedBindingBuilder<? super org.apache.shiro.web.env.WebEnvironment> bind)
protected void	bindWebSecurityManager(com.google.inject.binder.AnnotatedBindingBuilder<? super org.apache.shiro.web.mgt.WebSecurityManager> bind) Binds the security manager.
protected static <T extends org.apache.shiro.web.filter.PathMatchingFilter> com.google.inject.Key<T>	config(Class<T> type, String configValue) Deprecated.
protected static <T extends org.apache.shiro.web.filter.PathMatchingFilter> com.google.inject.Key<T>	config(com.google.inject.Key<T> baseKey, String configValue) Deprecated.
protected static <T extends org.apache.shiro.web.filter.PathMatchingFilter> com.google.inject.Key<T>	config(com.google.inject.TypeLiteral<T> typeLiteral, String configValue) Deprecated.
protected void	configureShiro() Implement this method in order to configure your realms and any other Shiro customization you may need.
protected abstract void	configureShiroWeb()
protected static <T extends javax.servlet.Filter> ShiroWebModule.FilterConfig<T>	filterConfig(Class<T> type, String configValue) Builds a FilterConfig from a Filer and configuration String
protected static <T extends javax.servlet.Filter> ShiroWebModule.FilterConfig<T>	filterConfig(com.google.inject.Key<T> baseKey) Builds a FilterConfig from a Filer and configuration String
protected static <T extends javax.servlet.Filter> ShiroWebModule.FilterConfig<T>	filterConfig(com.google.inject.Key<T> baseKey, String configValue) Builds a FilterConfig from a Filer and configuration String
protected static <T extends javax.servlet.Filter> ShiroWebModule.FilterConfig<T>	filterConfig(com.google.inject.TypeLiteral<T> typeLiteral, String configValue) Builds a FilterConfig from a Filer and configuration String
static com.google.inject.servlet.ServletModule	guiceFilterModule()
static com.google.inject.servlet.ServletModule	guiceFilterModule(String pattern)

Methods inherited from class org.apache.shiro.guice.ShiroModule

add, bindBeanType, bindEventBus, bindRealm, configure, destroy

Methods inherited from class com.google.inject.PrivateModule

addError, addError, addError, bind, bind, bind, bindConstant, binder, bindInterceptor, bindListener, bindScope, configure, convertToTypes, currentStage, expose, expose, expose, getMembersInjector, getMembersInjector, getProvider, getProvider, install, requestInjection, requestStaticInjection, requireBinding, requireBinding

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ANON

public static final com.google.inject.Key<org.apache.shiro.web.filter.authc.AnonymousFilter> ANON

AUTHC

public static final com.google.inject.Key<org.apache.shiro.web.filter.authc.FormAuthenticationFilter> AUTHC

AUTHC_BASIC

public static final com.google.inject.Key<org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter> AUTHC_BASIC

NO_SESSION_CREATION

public static final com.google.inject.Key<org.apache.shiro.web.filter.session.NoSessionCreationFilter> NO_SESSION_CREATION

LOGOUT

public static final com.google.inject.Key<org.apache.shiro.web.filter.authc.LogoutFilter> LOGOUT

PERMS

public static final com.google.inject.Key<org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter> PERMS

PORT

public static final com.google.inject.Key<org.apache.shiro.web.filter.authz.PortFilter> PORT

REST

public static final com.google.inject.Key<org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter> REST

ROLES

public static final com.google.inject.Key<org.apache.shiro.web.filter.authz.RolesAuthorizationFilter> ROLES

SSL

public static final com.google.inject.Key<org.apache.shiro.web.filter.authz.SslFilter> SSL

USER

public static final com.google.inject.Key<org.apache.shiro.web.filter.authc.UserFilter> USER

Constructor Detail

ShiroWebModule

public ShiroWebModule(javax.servlet.ServletContext servletContext)

Method Detail

bindGuiceFilter

public static void bindGuiceFilter(com.google.inject.Binder binder)

bindGuiceFilter

public static void bindGuiceFilter(String pattern,
                                   com.google.inject.Binder binder)

guiceFilterModule

public static com.google.inject.servlet.ServletModule guiceFilterModule()

guiceFilterModule

public static com.google.inject.servlet.ServletModule guiceFilterModule(String pattern)

configureShiro

protected final void configureShiro()

Description copied from class: ShiroModule

Implement this method in order to configure your realms and any other Shiro customization you may need.

Specified by:

configureShiro in class ShiroModule

configureShiroWeb

protected abstract void configureShiroWeb()

bindSecurityManager

protected final void bindSecurityManager(com.google.inject.binder.AnnotatedBindingBuilder<? super org.apache.shiro.mgt.SecurityManager> bind)

Description copied from class: ShiroModule

Binds the security manager. Override this method in order to provide your own security manager binding.

By default, a DefaultSecurityManager is bound as an eager singleton.

Overrides:

bindSecurityManager in class ShiroModule

bindWebSecurityManager

protected void bindWebSecurityManager(com.google.inject.binder.AnnotatedBindingBuilder<? super org.apache.shiro.web.mgt.WebSecurityManager> bind)

Binds the security manager. Override this method in order to provide your own security manager binding.

By default, a DefaultWebSecurityManager is bound as an eager singleton.

Parameters:

bind -

bindSessionManager

protected void bindSessionManager(com.google.inject.binder.AnnotatedBindingBuilder<org.apache.shiro.session.mgt.SessionManager> bind)

Binds the session manager. Override this method in order to provide your own session manager binding.

By default, a DefaultWebSessionManager is bound as an eager singleton.

Overrides:

bindSessionManager in class ShiroModule

Parameters:

bind -

bindEnvironment

protected final void bindEnvironment(com.google.inject.binder.AnnotatedBindingBuilder<org.apache.shiro.env.Environment> bind)

Description copied from class: ShiroModule

Binds the environment. Override this method in order to provide your own environment binding.

By default, a GuiceEnvironment is bound as an eager singleton.

Overrides:

bindEnvironment in class ShiroModule

bindWebEnvironment

protected void bindWebEnvironment(com.google.inject.binder.AnnotatedBindingBuilder<? super org.apache.shiro.web.env.WebEnvironment> bind)

addFilterChain

protected final void addFilterChain(String pattern,
                                    com.google.inject.Key<? extends javax.servlet.Filter> key)

addFilterChain

protected final void addFilterChain(String pattern,
                                    ShiroWebModule.FilterConfig<? extends javax.servlet.Filter>... filterConfigs)

Maps 'n' number of filterConfigs to a specific path pattern.
For example, a path of '/my_private_resource/**' to 'filterConfig(AUTHC)' would require any resource under the path '/my_private_resource' would be processed through the FormAuthenticationFilter.

Parameters:

pattern - URL patter to be mapped to a FilterConfig, e.g. '/my_private-path/**'

filterConfigs - FilterConfiguration representing the Filter and config to be used when processing resources on pattern.

Since:

1.4

filterConfig

protected static <T extends javax.servlet.Filter> ShiroWebModule.FilterConfig<T> filterConfig(com.google.inject.Key<T> baseKey,
                                                                                              String configValue)

Builds a FilterConfig from a Filer and configuration String

Type Parameters:

T - A Servlet Filter class.

Parameters:

baseKey - The Key of the Filter class to be used.

Returns:

A FilterConfig used to map a String path to this configuration.

Since:

1.4

filterConfig

protected static <T extends javax.servlet.Filter> ShiroWebModule.FilterConfig<T> filterConfig(com.google.inject.Key<T> baseKey)

Builds a FilterConfig from a Filer and configuration String

Type Parameters:

T - A Servlet Filter class.

Parameters:

baseKey - The Key of the Filter class to be used.

Returns:

A FilterConfig used to map a String path to this configuration.

Since:

1.4

filterConfig

protected static <T extends javax.servlet.Filter> ShiroWebModule.FilterConfig<T> filterConfig(com.google.inject.TypeLiteral<T> typeLiteral,
                                                                                              String configValue)

Builds a FilterConfig from a Filer and configuration String

Type Parameters:

T - A Servlet Filter class.

Parameters:

typeLiteral - The TyleLiteral of the filter key to be used.

configValue - the configuration used.

Returns:

A FilterConfig used to map a String path to this configuration.

Since:

1.4

filterConfig

protected static <T extends javax.servlet.Filter> ShiroWebModule.FilterConfig<T> filterConfig(Class<T> type,
                                                                                              String configValue)

Builds a FilterConfig from a Filer and configuration String

Type Parameters:

T - A Servlet Filter class.

Parameters:

type - The filter to be used.

configValue - the configuration used.

Returns:

A FilterConfig used to map a String path to this configuration.

Since:

1.4

addFilterChain

@Deprecated
protected final void addFilterChain(String pattern,
                                                com.google.inject.Key<? extends javax.servlet.Filter>... keys)

Deprecated.

Adds a filter chain to the shiro configuration.

NOTE: If the provided key is for a subclass of PathMatchingFilter, it will be registered with a proper provider.

Parameters:

pattern -

keys -

config

@Deprecated
protected static <T extends org.apache.shiro.web.filter.PathMatchingFilter> com.google.inject.Key<T> config(com.google.inject.Key<T> baseKey,
                                                                                                                        String configValue)

Deprecated.

config

@Deprecated
protected static <T extends org.apache.shiro.web.filter.PathMatchingFilter> com.google.inject.Key<T> config(com.google.inject.TypeLiteral<T> typeLiteral,
                                                                                                                        String configValue)

Deprecated.

config

@Deprecated
protected static <T extends org.apache.shiro.web.filter.PathMatchingFilter> com.google.inject.Key<T> config(Class<T> type,
                                                                                                                        String configValue)

Deprecated.