// One user's security operations: identity, permission and role checks, login/logout,
// session access, running work under this Subject, and run-as (assumed identity).
// NOTE(review): the type names (PrincipalCollection, AuthenticationToken, AuthorizationException)
// suggest this is Apache Shiro's Subject interface. Notes below that go beyond what the
// signatures show rest on that assumption; confirm against the framework version in use.
public interface Subject{
//@return this Subject's application-specific unique identity.
// NOTE(review): presumably null while no identity is associated (anonymous Subject); null-check before use.
Object getPrincipal();
//@return all of this Subject's principals (identifying attributes).
PrincipalCollection getPrincipals();
// --- Permission checks, boolean style: the decision is returned and the caller must act on it. ---
//@return true if this Subject is permitted, false otherwise.
boolean isPermitted(String permission);
//@return true if this Subject is permitted, false otherwise.
boolean isPermitted(Permission permission);
//@return a boolean array where indices correspond to the index of the permissions in the given list.
boolean[] isPermitted(String... permissions);
// Same positional contract as the String... overload, presumably: result[i] answers permissions.get(i). Confirm.
boolean[] isPermitted(List<Permission> permissions);
// Returns a single boolean for the whole set; presumably true only when every listed permission is held.
boolean isPermittedAll(String... permissions);
boolean isPermittedAll(Collection<Permission> permissions);
// --- Permission checks, assertion style: these return void, so AuthorizationException is the only
// way a denial is reported. Do not catch and ignore it around a protected operation. ---
void checkPermission(String permission) throws AuthorizationException;
void checkPermission(Permission permission) throws AuthorizationException;
void checkPermissions(String... permissions) throws AuthorizationException;
void checkPermissions(Collection<Permission> permissions) throws AuthorizationException;
// --- Role checks: same boolean/assertion split as the permission checks above. ---
//@return {@code true} if this Subject has the specified role, {@code false} otherwise.
boolean hasRole(String roleIdentifier);
// One boolean per role identifier; presumably in the order of the given list. Confirm.
boolean[] hasRoles(List<String> roleIdentifiers);
boolean hasAllRoles(Collection<String> roleIdentifiers);
void checkRole(String roleIdentifier) throws AuthorizationException;
void checkRoles(Collection<String> roleIdentifiers) throws AuthorizationException;
void checkRoles(String... roleIdentifiers) throws AuthorizationException;
// Attempts authentication with the given token; failure is reported via AuthenticationException.
void login(AuthenticationToken token) throws AuthenticationException;
// Two separate flags are exposed for authentication state.
// NOTE(review): in Apache Shiro a "remembered" identity is carried over from an earlier session
// (remember-me) and is not proof of identity in the current one. Gate sensitive operations on
// isAuthenticated(), not on isRemembered(). Confirm against the version in use.
boolean isAuthenticated();
boolean isRemembered();
// NOTE(review): whether the no-arg overload creates a session when none exists is not visible here;
// confirm before calling it on request paths that are meant to stay sessionless.
Session getSession();
// The flag presumably controls whether a new session is created when none exists.
Session getSession(boolean create);
// Declares no exception and returns nothing; presumably also invalidates session and identity state. Confirm.
void logout();
// Runs the given work and returns its result; failures surface as ExecutionException.
<V> V execute(Callable<V> callable) throws ExecutionException;
void execute(Runnable runnable);
// Return a Callable/Runnable derived from the argument, presumably one that runs with this Subject
// bound to the executing thread. Use when handing work to another thread. Confirm.
<V> Callable<V> associateWith(Callable<V> callable);
Runnable associateWith(Runnable runnable);
// --- Run-as: this Subject takes on the given principals. Privilege-relevant; restrict who may call it. ---
// Both exceptions are unchecked but declared explicitly. Presumably NullPointerException is for
// missing principals and IllegalStateException for a Subject without an identity of its own. Confirm.
void runAs(PrincipalCollection principals) throws NullPointerException, IllegalStateException;
boolean isRunAs();
// NOTE(review): presumably the identity held before runAs(); audit logs should record it as well as the assumed identity.
PrincipalCollection getPreviousPrincipals();
// Ends run-as and returns a PrincipalCollection, presumably the principals that were being assumed. Confirm.
PrincipalCollection releaseRunAs();
// The Builder body was left out of this listing by the author; the next line is their placeholder, not Java.
public static class Builder {
....暂时省略
}
}
查看Subject的体系结构可以发现,DelegatingSubject是主要的实现类,而其中的方法主要是委托给SecurityManager接口来完成的。
再看一下SecurityManager接口,它继承了Authenticator(认证接口,验证账号等)、Authorizer(权限验证)和SessionManager。
主要方法:
// Logs the given Subject in with the token; failure is reported via AuthenticationException.
// A Subject is returned. Presumably it is the instance that reflects the authenticated state,
// so callers should continue with the return value rather than the argument. Confirm.
Subject login(Subject subject, AuthenticationToken authenticationToken) throws AuthenticationException;
// Logs the given Subject out; declares no exception and returns nothing.
void logout(Subject subject);
// Builds a Subject from the data carried by the supplied SubjectContext.
Subject createSubject(SubjectContext context);
先眼熟,有时间再更