001/* 002 * Licensed under the Apache License, Version 2.0 (the "License"); 003 * you may not use this file except in compliance with the License. 004 * You may obtain a copy of the License at 005 * 006 * http://www.apache.org/licenses/LICENSE-2.0 007 * 008 * Unless required by applicable law or agreed to in writing, software 009 * distributed under the License is distributed on an "AS IS" BASIS, 010 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 011 * See the License for the specific language governing permissions and 012 * limitations under the License. 013 */ 014package org.apache.shiro.cdi; 015 016import java.io.Serializable; 017import java.util.List; 018import javax.annotation.Priority; 019import javax.enterprise.context.Dependent; 020import javax.interceptor.AroundInvoke; 021import javax.interceptor.Interceptor; 022import javax.interceptor.InvocationContext; 023 024import org.apache.shiro.cdi.AopHelper.SecurityInterceptor; 025 026/** 027 * Enforce Shiro security on EJBs and CDI Beans 028 */ 029@Interceptor 030@ShiroSecureAnnotation 031@Dependent 032@Priority(Interceptor.Priority.LIBRARY_BEFORE) 033public class ShiroSecurityInterceptor implements Serializable { 034 private static final long serialVersionUID = 1L; 035 036 @AroundInvoke 037 public Object propagateShiroSecurity(final InvocationContext ctx) throws Exception { 038 checkPermissions(ctx); 039 return ctx.proceed(); 040 } 041 042 043 private void checkPermissions(final InvocationContext ctx) throws Exception { 044 List<SecurityInterceptor> siList = AopHelper.createSecurityInterceptors(ctx.getMethod(), 045 ctx.getMethod().getDeclaringClass()); 046 siList.forEach(SecurityInterceptor::intercept); 047 } 048}