001/** 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.apache.activemq.shiro.subject; 018 019import org.apache.activemq.shiro.ConnectionReference; 020import org.apache.shiro.subject.Subject; 021 022/** 023 * A {@code ConnectionSubjectFactory} creates a {@code Subject} instance that represents the connection client's identity. 024 * <p/> 025 * Most implementations will simply use the {@link Subject.Builder Subject.Builder} to create an anonymous 026 * {@code Subject} instance and let a downstream {@link org.apache.activemq.shiro.authc.AuthenticationFilter} authenticate the {@code Subject} based on 027 * any credentials associated with the connection. After authentication, the {@code Subject} will have an identity, and 028 * this is the expected flow for most connection clients. 029 * <p/> 030 * However, if there is some other data associated with the connection that can be inspected to create a 031 * {@code Subject} instance beyond what the {@link DefaultConnectionSubjectFactory} provides, this interface allows that 032 * logic to be plugged in as necessary. 033 * 034 * @see DefaultConnectionSubjectFactory 035 * @since 5.10.0 036 */ 037public interface ConnectionSubjectFactory { 038 039 /** 040 * Creates a {@code Subject} instance representing the connection client. It is common for {@code Subject} instances 041 * returned from this method to be anonymous until a downstream {@link org.apache.activemq.shiro.authc.AuthenticationFilter} authenticates the 042 * subject to associate an identity. 043 * 044 * @param ref a reference to the client's connection metadata 045 * @return a {@code Subject} instance representing the connection client. 046 */ 047 Subject createSubject(ConnectionReference ref); 048}