CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/maven-org-apache-shiro--shiro-web

Web support module for Apache Shiro providing servlet filters, session management, and web-specific authentication and authorization features

Pending
Overview
Eval results
Files

web-subjects.mddocs/

Web Subjects

Web-aware subject implementations providing access to servlet requests and responses in Apache Shiro web applications. These components extend Shiro's Subject interface with web-specific functionality and builder patterns for subject creation.

Capabilities

Web Subject Interface

interface WebSubject extends Subject, RequestPairSource {
    /**
     * Returns the servlet request associated with this subject.
     *
     * @return the ServletRequest instance
     */
    ServletRequest getServletRequest();
    
    /**
     * Returns the servlet response associated with this subject.
     *
     * @return the ServletResponse instance
     */
    ServletResponse getServletResponse();
    
    /**
     * Builder class for creating WebSubject instances.
     */
    class Builder extends Subject.Builder {
        public Builder(SecurityManager securityManager, ServletRequest request, ServletResponse response);
        
        public Builder sessionId(Serializable sessionId);
        public Builder host(String host);
        public Builder session(Session session);
        public Builder principals(PrincipalCollection principals);
        public Builder authenticated(boolean authenticated);
        
        public WebSubject buildWebSubject();
    }
}

Web Subject Context

interface WebSubjectContext extends SubjectContext, RequestPairSource {
    ServletRequest getServletRequest();
    ServletResponse getServletResponse();
    void setServletRequest(ServletRequest request);
    void setServletResponse(ServletResponse response);
}
class DefaultWebSubjectContext extends DefaultSubjectContext implements WebSubjectContext {
    public DefaultWebSubjectContext();
    
    public ServletRequest getServletRequest();
    public void setServletRequest(ServletRequest request);
    
    public ServletResponse getServletResponse();
    public void setServletResponse(ServletResponse response);
}

Web Subject Implementation

class WebDelegatingSubject extends DelegatingSubject implements WebSubject {
    public WebDelegatingSubject(PrincipalCollection principals, boolean authenticated, String host,
                               Session session, boolean sessionEnabled, ServletRequest request,
                               ServletResponse response, SecurityManager securityManager);
    
    public ServletRequest getServletRequest();
    public ServletResponse getServletResponse();
    
    protected Session decorate(Session session);
}

Usage Examples

Working with Web Subjects

public void handleWebRequest(HttpServletRequest request, HttpServletResponse response) {
    WebSubject currentUser = (WebSubject) SecurityUtils.getSubject();
    
    // Access servlet request/response through WebSubject
    ServletRequest subjectRequest = currentUser.getServletRequest();
    ServletResponse subjectResponse = currentUser.getServletResponse();
    
    // Standard Subject operations
    if (currentUser.isAuthenticated()) {
        String userId = (String) currentUser.getPrincipal();
        // Handle authenticated user
    }
    
    // Web-specific operations
    HttpServletRequest httpRequest = (HttpServletRequest) subjectRequest;
    String userAgent = httpRequest.getHeader("User-Agent");
}

Install with Tessl CLI

npx tessl i tessl/maven-org-apache-shiro--shiro-web

docs

authentication-filters.md

authorization-filters.md

environment-config.md

filter-chain-management.md

index.md

jsp-tag-library.md

servlet-filters.md

session-management.md

web-security-management.md

web-subjects.md

web-utilities.md

tile.json