From 3b5d9585ed6a7c8e8d0d23cdcb5a3ef34107032c Mon Sep 17 00:00:00 2001
From: Seun Matt <smatt382@gmail.com>
Date: Tue, 15 Aug 2017 13:41:02 +0100
Subject: [PATCH] Example Code for Apache Shiro (#2441)

* added updated example codes

* updated example code StringToCharStream

* deleted StringToCharStream.java locally

* removed redundant file

* added code for apache commons collection SetUtils

* refactored example code

* added example code for bytebuddy

* added example code for PCollections

* update pom

* refactored tests for PCollections

* spring security xml config

* spring security xml config

* remove redundant comment

* example code for apache-shiro

* Fixed indentation.

* Fix formatting issues
---
 apache-shiro/.gitignore                       |   4 +
 apache-shiro/README.md                        |   0
 apache-shiro/pom.xml                          |  65 +++++++++++
 .../src/main/java/com/baeldung/Main.java      |  84 +++++++++++++++
 .../main/java/com/baeldung/MyCustomRealm.java | 102 ++++++++++++++++++
 .../src/main/resources/log4j.properties       |  12 +++
 apache-shiro/src/main/resources/shiro.ini     |   3 +
 7 files changed, 270 insertions(+)
 create mode 100644 apache-shiro/.gitignore
 create mode 100644 apache-shiro/README.md
 create mode 100644 apache-shiro/pom.xml
 create mode 100644 apache-shiro/src/main/java/com/baeldung/Main.java
 create mode 100644 apache-shiro/src/main/java/com/baeldung/MyCustomRealm.java
 create mode 100644 apache-shiro/src/main/resources/log4j.properties
 create mode 100644 apache-shiro/src/main/resources/shiro.ini

diff --git a/apache-shiro/.gitignore b/apache-shiro/.gitignore
new file mode 100644
index 0000000000..020cda4898
--- /dev/null
+++ b/apache-shiro/.gitignore
@@ -0,0 +1,4 @@
+
+/.idea/
+/target/
+/apache-shiro.iml
\ No newline at end of file
diff --git a/apache-shiro/README.md b/apache-shiro/README.md
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/apache-shiro/pom.xml b/apache-shiro/pom.xml
new file mode 100644
index 0000000000..97ed872a26
--- /dev/null
+++ b/apache-shiro/pom.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>com.baeldung</groupId>
+    <artifactId>apache-shiro</artifactId>
+    <version>1.0-SNAPSHOT</version>
+
+    <parent>
+        <groupId>com.baeldung</groupId>
+        <artifactId>parent-modules</artifactId>
+        <version>1.0.0-SNAPSHOT</version>
+    </parent>
+
+    <properties>
+        <apache-shiro-core-version>1.4.0</apache-shiro-core-version>
+        <log4j-version>1.2.17</log4j-version>
+        <slf4j-version>1.7.25</slf4j-version>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-core</artifactId>
+            <version>${apache-shiro-core-version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>jcl-over-slf4j</artifactId>
+            <version>${slf4j-version}</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
+            <version>${slf4j-version}</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>log4j</groupId>
+            <artifactId>log4j</artifactId>
+            <version>${log4j-version}</version>
+            <scope>runtime</scope>
+        </dependency>
+
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.6.2</version>
+                <configuration>
+                    <source>1.8</source>
+                    <target>1.8</target>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+    
+</project>
\ No newline at end of file
diff --git a/apache-shiro/src/main/java/com/baeldung/Main.java b/apache-shiro/src/main/java/com/baeldung/Main.java
new file mode 100644
index 0000000000..68af5d7b46
--- /dev/null
+++ b/apache-shiro/src/main/java/com/baeldung/Main.java
@@ -0,0 +1,84 @@
+package com.baeldung;
+
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.*;
+import org.apache.shiro.config.IniSecurityManagerFactory;
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.session.Session;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.util.Factory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class Main {
+    private static final transient Logger log = LoggerFactory.getLogger(Main.class);
+
+    public static void main(String[] args) {
+
+        Factory<SecurityManager> factory
+          = new IniSecurityManagerFactory("classpath:shiro.ini");
+        SecurityManager securityManager = factory.getInstance();
+
+        SecurityUtils.setSecurityManager(securityManager);
+        Subject currentUser = SecurityUtils.getSubject();
+
+        if (!currentUser.isAuthenticated()) {
+          UsernamePasswordToken token 
+            = new UsernamePasswordToken("user", "password");
+          token.setRememberMe(true);
+          try {
+              currentUser.login(token);
+          } catch (UnknownAccountException uae) {
+              log.error("Username Not Found!", uae);
+          } catch (IncorrectCredentialsException ice) {
+              log.error("Invalid Credentials!", ice);
+          } catch (LockedAccountException lae) {
+              log.error("Your Account is Locked!", lae);
+          } catch (AuthenticationException ae) {
+              log.error("Unexpected Error!", ae);
+          }
+        }
+
+        log.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");
+
+        if (currentUser.hasRole("admin")) {
+            log.info("Welcome Admin");
+        } else if(currentUser.hasRole("editor")) {
+            log.info("Welcome, Editor!");
+        } else if(currentUser.hasRole("author")) {
+            log.info("Welcome, Author");
+        } else {
+            log.info("Welcome, Guest");
+        }
+
+        if(currentUser.isPermitted("articles:compose")) {
+            log.info("You can compose an article");
+        } else {
+            log.info("You are not permitted to compose an article!");
+        }
+
+        if(currentUser.isPermitted("articles:save")) {
+            log.info("You can save articles");
+        } else {
+            log.info("You can not save articles");
+        }
+
+        if(currentUser.isPermitted("articles:publish")) {
+            log.info("You can publish articles");
+        } else {
+            log.info("You can not publish articles");
+        }
+
+        Session session = currentUser.getSession();
+        session.setAttribute("key", "value");
+        String value = (String) session.getAttribute("key");
+        if (value.equals("value")) {
+            log.info("Retrieved the correct value! [" + value + "]");
+        }
+
+        currentUser.logout();
+
+        System.exit(0);
+    }
+
+}
diff --git a/apache-shiro/src/main/java/com/baeldung/MyCustomRealm.java b/apache-shiro/src/main/java/com/baeldung/MyCustomRealm.java
new file mode 100644
index 0000000000..8d792c76a5
--- /dev/null
+++ b/apache-shiro/src/main/java/com/baeldung/MyCustomRealm.java
@@ -0,0 +1,102 @@
+package com.baeldung;
+
+import org.apache.shiro.authc.*;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.jdbc.JdbcRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.util.*;
+
+public class MyCustomRealm extends JdbcRealm {
+
+    private Map<String, String> credentials = new HashMap<>();
+    private Map<String, Set<String>> roles = new HashMap<>();
+    private Map<String, Set<String>> perm = new HashMap<>();
+
+    {
+      credentials.put("user", "password");
+      credentials.put("user2", "password2");
+      credentials.put("user3", "password3");
+
+      roles.put("user", new HashSet<>(Arrays.asList("admin")));
+      roles.put("user2", new HashSet<>(Arrays.asList("editor")));
+      roles.put("user3", new HashSet<>(Arrays.asList("author")));
+
+      perm.put("admin", new HashSet<>(Arrays.asList("*")));
+      perm.put("editor", new HashSet<>(Arrays.asList("articles:*")));
+      perm.put("author",
+        new HashSet<>(Arrays.asList("articles:compose",
+          "articles:save")));
+
+    }
+
+    @Override
+    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
+      throws AuthenticationException {
+
+        UsernamePasswordToken uToken = (UsernamePasswordToken) token;
+
+        if(uToken.getUsername() == null
+          || uToken.getUsername().isEmpty()
+          || !credentials.containsKey(uToken.getUsername())
+          ) {
+            throw new UnknownAccountException("username not found!");
+        }
+
+
+        return new SimpleAuthenticationInfo(
+          uToken.getUsername(), credentials.get(uToken.getUsername()),
+          getName());
+    }
+
+    @Override
+    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+        Set<String> roleNames = new HashSet<>();
+        Set<String> permissions = new HashSet<>();
+
+        principals.forEach(p -> {
+            try {
+                Set<String> roles = getRoleNamesForUser(null, (String) p);
+                roleNames.addAll(roles);
+                permissions.addAll(getPermissions(null, null,roles));
+            } catch (SQLException e) {
+                e.printStackTrace();
+            }
+        });
+
+        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
+        info.setStringPermissions(permissions);
+        return info;
+    }
+
+    @Override
+    protected Set<String> getRoleNamesForUser(Connection conn, String username) throws SQLException {
+        if(!roles.containsKey(username)) {
+            throw new SQLException("username not found!");
+        }
+
+       return roles.get(username);
+    }
+
+    @Override
+    protected Set<String> getPermissions(Connection conn, String username, Collection<String> roleNames) throws SQLException {
+        for (String role : roleNames) {
+            if (!perm.containsKey(role)) {
+                throw new SQLException("role not found!");
+            }
+        }
+
+        Set<String> finalSet = new HashSet<>();
+        for (String role : roleNames) {
+            finalSet.addAll(perm.get(role));
+        }
+
+        return finalSet;
+    }
+
+}
diff --git a/apache-shiro/src/main/resources/log4j.properties b/apache-shiro/src/main/resources/log4j.properties
new file mode 100644
index 0000000000..897bf08221
--- /dev/null
+++ b/apache-shiro/src/main/resources/log4j.properties
@@ -0,0 +1,12 @@
+log4j.rootLogger=INFO, stdout
+
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] - %m %n
+
+log4j.logger.org.apache=WARN
+
+log4j.logger.org.apache.shiro=INFO
+
+log4j.logger.org.apache.shiro.util.ThreadContext=WARN
+log4j.logger.org.apache.shiro.cache.ehcache.EhCache=WARN
\ No newline at end of file
diff --git a/apache-shiro/src/main/resources/shiro.ini b/apache-shiro/src/main/resources/shiro.ini
new file mode 100644
index 0000000000..a75f591015
--- /dev/null
+++ b/apache-shiro/src/main/resources/shiro.ini
@@ -0,0 +1,3 @@
+jdbcRealm = com.baeldung.MyCustomRealm
+
+securityManager.realms = $jdbcRealm
\ No newline at end of file