001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.activemq.shiro.subject;
018
019import org.apache.activemq.broker.ConnectionContext;
020import org.apache.activemq.security.SecurityContext;
021import org.apache.activemq.shiro.ConnectionReference;
022import org.apache.shiro.subject.Subject;
023
024/**
025 * A {@code SubjectResolver} that acquires the current Subject from a {@link org.apache.activemq.shiro.ConnectionReference}.
026 *
027 * @since 5.10.0
028 */
029public class ConnectionSubjectResolver implements SubjectResolver {
030
031    private final SubjectSecurityContext securityContext;
032
033    public ConnectionSubjectResolver(ConnectionContext connCtx) {
034        if (connCtx == null) {
035            throw new IllegalArgumentException("ConnectionContext argument cannot be null.");
036        }
037        SecurityContext secCtx = connCtx.getSecurityContext();
038        if (secCtx == null) {
039            String msg = "There is no SecurityContext available on the ConnectionContext.  It " +
040                    "is expected that a previous broker in the chain will create the SecurityContext prior to this " +
041                    "resolver being invoked.  Ensure you have configured the SubjectPlugin and that it is " +
042                    "configured before all other Shiro-dependent broker filters.";
043            throw new IllegalArgumentException(msg);
044        }
045        if (!(secCtx instanceof SubjectSecurityContext)) {
046            String msg = "The specified SecurityContext is expected to be a " + SubjectSecurityContext.class.getName() +
047                    " instance.  The current instance's class: " + secCtx.getClass().getName();
048            throw new IllegalArgumentException(msg);
049        }
050        this.securityContext = (SubjectSecurityContext) secCtx;
051    }
052
053    public ConnectionSubjectResolver(ConnectionReference conn) {
054        this(conn.getConnectionContext());
055    }
056
057    @Override
058    public Subject getSubject() {
059        Subject subject = securityContext.getSubject();
060        if (subject != null) {
061            return subject;
062        }
063        String msg = "There is no Subject available in the SecurityContext.  Ensure " +
064                "that the SubjectPlugin is configured before all other Shiro-dependent broker filters.";
065        throw new IllegalStateException(msg);
066    }
067}