You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by da...@apache.org on 2021/05/25 18:09:25 UTC
[isis] branch ISIS-2697 created (now 69e6892)
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a change to branch ISIS-2697
in repository https://gitbox.apache.org/repos/asf/isis.git.
at 69e6892 ISIS-2697: simplifies secman's support for user registration
This branch includes the following new commits:
new ce188b5 ISIS-2694: removes guard to hide newDelegateUser
new 9ed6497 ISIS-2694: deletes SecurityRealm and a bunch of other classes
new 69e6892 ISIS-2697: simplifies secman's support for user registration
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[isis] 03/03: ISIS-2697: simplifies secman's support for user
registration
Posted by da...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch ISIS-2697
in repository https://gitbox.apache.org/repos/asf/isis.git
commit 69e68922147605c4ceca0e19510aa26c9ce65252
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Tue May 25 19:05:04 2021 +0100
ISIS-2697: simplifies secman's support for user registration
---
...UserRegistrationService_010-implementation.adoc | 26 +-------
.../apache/isis/core/config/IsisConfiguration.java | 19 ++++++
.../adoc/modules/secman/pages/setting-up.adoc | 20 ++++++
.../secman/model/IsisModuleExtSecmanModel.java | 4 +-
....java => UserRegistrationServiceForSecman.java} | 71 +++++++++++-----------
5 files changed, 79 insertions(+), 61 deletions(-)
diff --git a/antora/components/refguide-index/modules/applib/pages/index/services/userreg/hooks/UserRegistrationService_010-implementation.adoc b/antora/components/refguide-index/modules/applib/pages/index/services/userreg/hooks/UserRegistrationService_010-implementation.adoc
index 66c8c0b..243bc20 100644
--- a/antora/components/refguide-index/modules/applib/pages/index/services/userreg/hooks/UserRegistrationService_010-implementation.adoc
+++ b/antora/components/refguide-index/modules/applib/pages/index/services/userreg/hooks/UserRegistrationService_010-implementation.adoc
@@ -10,28 +10,6 @@ Rather, the implementation will depend on the security mechanism being used.
=== SecMan
-If you have configured your app to use the xref:security:ROOT:about.adoc[SecMan extension] then note that it _does_ provide an abstract implementation (`SecurityModuleAppUserRegistrationServiceAbstract`) of the `UserRegistrationService`.
-You will need to extend that service and provide implementation for the two abstract methods: `getInitialRole()` and `getAdditionalInitialRoles()`.
-This is needed so that the self-registered users are assigned automatically to your application role(s) and be able to use the application.
-Without any role such user will be able only to see/use the logout link of the application.
-
-For example:
-
-[source,java]
-----
-@Service
-public class AppUserRegistrationService
- extends SecurityModuleAppUserRegistrationServiceAbstract {
-
- protected ApplicationRole getInitialRole() {
- return applicationRoles.findRoleByName("regular-user");
- }
- protected Set<ApplicationRole> getAdditionalInitialRoles() {
- return Collections.singleton(
- applicationRoles.findRoleByName("self-registered-user"));
- }
-
- @Inject ApplicationRoles applicationRoles;
-}
-----
+If you have configured your app to use the xref:security:ROOT:about.adoc[SecMan extension] then note that it _does_ provide an implementation (`UserRegistrationServiceForSecman`) of this `UserRegistrationService`.
+This can be configured to set up initial roles; see xref:security:secman:setting-up.adoc#user-registration-aka-sign-up[secman docs] for details.
diff --git a/core/config/src/main/java/org/apache/isis/core/config/IsisConfiguration.java b/core/config/src/main/java/org/apache/isis/core/config/IsisConfiguration.java
index 835280f..aab2e3a 100644
--- a/core/config/src/main/java/org/apache/isis/core/config/IsisConfiguration.java
+++ b/core/config/src/main/java/org/apache/isis/core/config/IsisConfiguration.java
@@ -2947,7 +2947,26 @@ public class IsisConfiguration {
}
}
+ private final Secman secman = new Secman();
+ @Data
+ public static class Secman {
+ private final UserRegistration userRegistration = new UserRegistration();
+ @Data
+ public static class UserRegistration {
+ /**
+ * The set of roles that users registering with the app are granted
+ * automatically.
+ *
+ * <p>
+ * If using the wicket viewer, also requires
+ * {@link Viewer.Wicket#isSuppressSignUp() isis.viewer.wicket.suppress-signup} to be set
+ * <code>false</code>, along with any other of its other prereqs.
+ * </p>
+ */
+ private final List<String> initialRoleNames = new ArrayList<>();
+ }
+ }
}
private static List<String> listOf(final String ...values) {
diff --git a/extensions/security/secman/adoc/modules/secman/pages/setting-up.adoc b/extensions/security/secman/adoc/modules/secman/pages/setting-up.adoc
index 02d7b1e..670ced5 100644
--- a/extensions/security/secman/adoc/modules/secman/pages/setting-up.adoc
+++ b/extensions/security/secman/adoc/modules/secman/pages/setting-up.adoc
@@ -371,4 +371,24 @@ isisModuleSecurityRealm.delegateAuthenticationRealm=$ldapRealm #<.
<.> specify the LDAP realm as the delegate realm for SecMan's own realm.
+[#user-registration-aka-sign-up]
+== User registration (aka Sign-up)
+
+Secman provides an implementation of the xref:refguide:applib:index/services/userreg/UserRegistrationService.adoc[UserRegistrationService] SPI.
+This means, if the viewer supports it (eg the Wicket viewer's xref:vw::features/user-registration.adoc[sign-up support]), then end-users can sign-up to create an account via email.
+The Secman implementation sets up the user with appropriate initial roles.
+
+The exact roles to setup are specified using configuration property:
+
+[source,yaml]
+.application.yaml
+----
+isis:
+ extensions:
+ secman:
+ user-registration:
+ initial-roles:
+ - "self-registered-user-role"
+ - "regular-user-role"
+----
diff --git a/extensions/security/secman/model/src/main/java/org/apache/isis/extensions/secman/model/IsisModuleExtSecmanModel.java b/extensions/security/secman/model/src/main/java/org/apache/isis/extensions/secman/model/IsisModuleExtSecmanModel.java
index 23c9624..197836f 100644
--- a/extensions/security/secman/model/src/main/java/org/apache/isis/extensions/secman/model/IsisModuleExtSecmanModel.java
+++ b/extensions/security/secman/model/src/main/java/org/apache/isis/extensions/secman/model/IsisModuleExtSecmanModel.java
@@ -26,6 +26,7 @@ import org.apache.isis.extensions.secman.model.facets.TenantedAuthorizationPostP
import org.apache.isis.extensions.secman.model.seed.SeedSecurityModuleService;
import org.apache.isis.extensions.secman.model.spiimpl.ImpersonateMenuAdvisorForSecman;
import org.apache.isis.extensions.secman.model.spiimpl.TableColumnVisibilityServiceForSecman;
+import org.apache.isis.extensions.secman.model.userreg.UserRegistrationServiceForSecman;
/**
* @since 2.0 {@index}
@@ -35,10 +36,11 @@ import org.apache.isis.extensions.secman.model.spiimpl.TableColumnVisibilityServ
// Module
IsisModuleExtSecmanApi.class,
- // @Component
+ // @Component or @Service
TenantedAuthorizationPostProcessor.Register.class,
TableColumnVisibilityServiceForSecman.class,
ImpersonateMenuAdvisorForSecman.class, //not activated by default yet
+ UserRegistrationServiceForSecman.class,
SeedSecurityModuleService.class,
diff --git a/extensions/security/secman/model/src/main/java/org/apache/isis/extensions/secman/model/userreg/SecurityModuleAppUserRegistrationServiceAbstract.java b/extensions/security/secman/model/src/main/java/org/apache/isis/extensions/secman/model/userreg/UserRegistrationServiceForSecman.java
similarity index 58%
rename from extensions/security/secman/model/src/main/java/org/apache/isis/extensions/secman/model/userreg/SecurityModuleAppUserRegistrationServiceAbstract.java
rename to extensions/security/secman/model/src/main/java/org/apache/isis/extensions/secman/model/userreg/UserRegistrationServiceForSecman.java
index 7c38f95..a2cd8f0 100644
--- a/extensions/security/secman/model/src/main/java/org/apache/isis/extensions/secman/model/userreg/SecurityModuleAppUserRegistrationServiceAbstract.java
+++ b/extensions/security/secman/model/src/main/java/org/apache/isis/extensions/secman/model/userreg/UserRegistrationServiceForSecman.java
@@ -18,30 +18,46 @@
*/
package org.apache.isis.extensions.secman.model.userreg;
-import java.util.Set;
+import java.util.Optional;
import javax.inject.Inject;
+import javax.inject.Named;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Service;
+
+import org.apache.isis.applib.annotation.OrderPrecedence;
import org.apache.isis.applib.services.userreg.UserDetails;
import org.apache.isis.applib.services.userreg.UserRegistrationService;
import org.apache.isis.applib.value.Password;
import org.apache.isis.commons.internal.base._Strings;
-import org.apache.isis.extensions.secman.api.role.dom.ApplicationRole;
+import org.apache.isis.core.config.IsisConfiguration;
import org.apache.isis.extensions.secman.api.role.dom.ApplicationRoleRepository;
import org.apache.isis.extensions.secman.api.user.dom.ApplicationUser;
import org.apache.isis.extensions.secman.api.user.dom.ApplicationUserRepository;
import org.apache.isis.extensions.secman.api.user.dom.ApplicationUserStatus;
+import lombok.RequiredArgsConstructor;
+import lombok.val;
+
/**
- * An abstract implementation of {@link org.apache.isis.applib.services.userreg.UserRegistrationService}
- * with a single abstract method for the initial role of newly created local users
+ * An implementation of {@link org.apache.isis.applib.services.userreg.UserRegistrationService}
+ * to allow users to be automatically created with the configured initial
+ * role(s).
*
* @since 2.0 {@index}
*/
-public abstract class SecurityModuleAppUserRegistrationServiceAbstract implements UserRegistrationService {
+@Service
+@Named("isis.ext.secman.UserRegistrationServiceForSecman")
+@Order(OrderPrecedence.MIDPOINT)
+@Qualifier("SecMan")
+@RequiredArgsConstructor(onConstructor_ = {@Inject})
+public class UserRegistrationServiceForSecman implements UserRegistrationService {
- @Inject private ApplicationUserRepository applicationUserRepository;
- @Inject private ApplicationRoleRepository applicationRoleRepository;
+ private final ApplicationUserRepository applicationUserRepository;
+ private final ApplicationRoleRepository applicationRoleRepository;
+ private final IsisConfiguration isisConfiguration;
@Override
public boolean usernameExists(final String username) {
@@ -53,27 +69,21 @@ public abstract class SecurityModuleAppUserRegistrationServiceAbstract implement
final UserDetails userDetails) {
final Password password = new Password(userDetails.getPassword());
- final ApplicationRole initialRole = getInitialRole();
final String username = userDetails.getUsername();
final String emailAddress = userDetails.getEmailAddress();
- final ApplicationUser applicationUser = (ApplicationUser) applicationUserRepository
+ final ApplicationUser applicationUser = applicationUserRepository
.newLocalUser(username, password, ApplicationUserStatus.UNLOCKED);
if(_Strings.isNotEmpty(emailAddress)) {
applicationUser.setEmailAddress(emailAddress);
}
- if(initialRole!=null) {
- applicationRoleRepository.addRoleToUser(initialRole, applicationUser);
- }
-
- final Set<ApplicationRole> additionalRoles = getAdditionalInitialRoles();
- if(additionalRoles != null) {
- for (final ApplicationRole additionalRole : additionalRoles) {
- applicationRoleRepository.addRoleToUser(additionalRole, applicationUser);
- }
- }
+ isisConfiguration.getExtensions().getSecman().getUserRegistration().getInitialRoleNames().stream()
+ .map(applicationRoleRepository::findByName)
+ .filter(Optional::isPresent)
+ .map(Optional::get)
+ .forEach(role -> applicationRoleRepository.addRoleToUser(role, applicationUser));
}
@Override
@@ -83,23 +93,12 @@ public abstract class SecurityModuleAppUserRegistrationServiceAbstract implement
@Override
public boolean updatePasswordByEmail(final String emailAddress, final String password) {
- boolean passwordUpdated = false;
- final ApplicationUser user = applicationUserRepository.findByEmailAddress(emailAddress)
- .orElse(null);
- if (user != null) {
- passwordUpdated = applicationUserRepository.updatePassword(user, password);;
- }
- return passwordUpdated;
+ return applicationUserRepository.findByEmailAddress(emailAddress)
+ .map(user -> {
+ val passwordWasUpdated = applicationUserRepository.updatePassword(user, password);
+ return passwordWasUpdated;
+ })
+ .orElse(false);
}
- /**
- * @return The role to use for newly created local users
- */
- protected abstract ApplicationRole getInitialRole();
-
- /**
- * @return Additional roles for newly created local users
- */
- protected abstract Set<ApplicationRole> getAdditionalInitialRoles();
-
}
[isis] 02/03: ISIS-2694: deletes SecurityRealm and a bunch of other
classes
Posted by da...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch ISIS-2697
in repository https://gitbox.apache.org/repos/asf/isis.git
commit 9ed6497b8ddbe9ac24fffb2631c28f376e6d419d
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Tue May 25 18:14:36 2021 +0100
ISIS-2694: deletes SecurityRealm and a bunch of other classes
... no longer required
---
.../app/mixins/ApplicationUserManager_newDelegateUser.java | 12 ------------
.../secman/shiro/IsisModuleExtSecmanRealmShiro.java | 3 ---
.../secman/shiro/IsisModuleExtSecmanShiroRealm.java | 12 +-----------
3 files changed, 1 insertion(+), 26 deletions(-)
diff --git a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/app/mixins/ApplicationUserManager_newDelegateUser.java b/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/app/mixins/ApplicationUserManager_newDelegateUser.java
index 2c448eb..b17338d 100644
--- a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/app/mixins/ApplicationUserManager_newDelegateUser.java
+++ b/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/app/mixins/ApplicationUserManager_newDelegateUser.java
@@ -29,8 +29,6 @@ import org.apache.isis.applib.annotation.ParameterLayout;
import org.apache.isis.applib.services.repository.RepositoryService;
import org.apache.isis.extensions.secman.api.IsisModuleExtSecmanApi;
import org.apache.isis.extensions.secman.api.SecmanConfiguration;
-import org.apache.isis.extensions.secman.api.SecurityRealmCharacteristic;
-import org.apache.isis.extensions.secman.api.SecurityRealmService;
import org.apache.isis.extensions.secman.api.role.dom.ApplicationRole;
import org.apache.isis.extensions.secman.api.role.dom.ApplicationRoleRepository;
import org.apache.isis.extensions.secman.api.user.app.ApplicationUserManager;
@@ -40,7 +38,6 @@ import org.apache.isis.extensions.secman.api.user.dom.ApplicationUserRepository;
import org.apache.isis.extensions.secman.api.user.dom.ApplicationUserStatus;
import lombok.RequiredArgsConstructor;
-import lombok.val;
@Action(
domainEvent = DomainEvent.class
@@ -59,7 +56,6 @@ public class ApplicationUserManager_newDelegateUser {
@Inject private ApplicationUserRepository applicationUserRepository;
@Inject private SecmanConfiguration configBean;
@Inject private RepositoryService repository;
- @Inject private SecurityRealmService securityRealmService;
private final ApplicationUserManager target;
@@ -98,13 +94,5 @@ public class ApplicationUserManager_newDelegateUser {
}
- // -- HELPER
-
- private boolean hasNoDelegateAuthenticationRealm() {
- val realm = securityRealmService.getCurrentRealm();
- return realm == null
- || !realm.getCharacteristics()
- .contains(SecurityRealmCharacteristic.DELEGATING);
- }
}
diff --git a/extensions/security/secman/shiro-realm/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleExtSecmanRealmShiro.java b/extensions/security/secman/shiro-realm/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleExtSecmanRealmShiro.java
index f4f796b..05166ad 100644
--- a/extensions/security/secman/shiro-realm/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleExtSecmanRealmShiro.java
+++ b/extensions/security/secman/shiro-realm/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleExtSecmanRealmShiro.java
@@ -21,14 +21,11 @@ package org.apache.isis.extensions.secman.shiro;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
-import org.apache.isis.extensions.secman.shiro.services.SecurityRealmServiceUsingShiro;
-
/**
* @since 2.0 {@index}
*/
@Configuration
@Import({
- SecurityRealmServiceUsingShiro.class
})
public class IsisModuleExtSecmanRealmShiro {
diff --git a/extensions/security/secman/shiro-realm/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleExtSecmanShiroRealm.java b/extensions/security/secman/shiro-realm/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleExtSecmanShiroRealm.java
index f38c94a..66d2817 100644
--- a/extensions/security/secman/shiro-realm/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleExtSecmanShiroRealm.java
+++ b/extensions/security/secman/shiro-realm/src/main/java/org/apache/isis/extensions/secman/shiro/IsisModuleExtSecmanShiroRealm.java
@@ -18,7 +18,6 @@
*/
package org.apache.isis.extensions.secman.shiro;
-import java.util.EnumSet;
import java.util.concurrent.Callable;
import java.util.function.Supplier;
@@ -46,8 +45,6 @@ import org.apache.isis.core.config.IsisConfiguration;
import org.apache.isis.core.interaction.session.InteractionFactory;
import org.apache.isis.core.security.authorization.Authorizor;
import org.apache.isis.extensions.secman.api.SecmanConfiguration;
-import org.apache.isis.extensions.secman.api.SecurityRealm;
-import org.apache.isis.extensions.secman.api.SecurityRealmCharacteristic;
import org.apache.isis.extensions.secman.api.encryption.PasswordEncryptionService;
import org.apache.isis.extensions.secman.api.user.dom.AccountType;
import org.apache.isis.extensions.secman.api.user.dom.ApplicationUserRepository;
@@ -60,7 +57,7 @@ import lombok.val;
/**
* @since 2.0 {@index}
*/
-public class IsisModuleExtSecmanShiroRealm extends AuthorizingRealm implements SecurityRealm {
+public class IsisModuleExtSecmanShiroRealm extends AuthorizingRealm {
private static final String SECMAN_UNLOCK_DELEGATED_USERS = "isis.ext.secman.unlockDelegatedUsers";
@Inject protected ServiceInjector serviceInjector;
@@ -164,13 +161,6 @@ public class IsisModuleExtSecmanShiroRealm extends AuthorizingRealm implements S
return principals.oneByType(PrincipalForApplicationUser.class);
}
- @Override
- public EnumSet<SecurityRealmCharacteristic> getCharacteristics() {
- if(hasDelegateAuthenticationRealm()) {
- return EnumSet.of(SecurityRealmCharacteristic.DELEGATING);
- }
- return EnumSet.noneOf(SecurityRealmCharacteristic.class);
- }
// -- HELPER
[isis] 01/03: ISIS-2694: removes guard to hide newDelegateUser
Posted by da...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch ISIS-2697
in repository https://gitbox.apache.org/repos/asf/isis.git
commit ce188b51830ba17848aaae5aaab3c6152fe382b8
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Tue May 25 18:08:16 2021 +0100
ISIS-2694: removes guard to hide newDelegateUser
so, even if the realm (eg shiro) isn't configured for delegates, we don't care anymore.
This will allow us to delete a bunch of code
---
.../isis/extensions/secman/api/SecurityRealm.java | 30 ------------
.../secman/api/SecurityRealmCharacteristic.java | 26 -----------
.../secman/api/SecurityRealmService.java | 28 -----------
.../ApplicationUserManager_newDelegateUser.java | 5 --
.../services/SecurityRealmServiceUsingShiro.java | 54 ----------------------
5 files changed, 143 deletions(-)
diff --git a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/SecurityRealm.java b/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/SecurityRealm.java
deleted file mode 100644
index 767ddc7..0000000
--- a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/SecurityRealm.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.isis.extensions.secman.api;
-
-import java.util.EnumSet;
-
-/**
- * @since 2.0 {@index}
- */
-public interface SecurityRealm {
-
- EnumSet<SecurityRealmCharacteristic> getCharacteristics();
-
-}
diff --git a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/SecurityRealmCharacteristic.java b/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/SecurityRealmCharacteristic.java
deleted file mode 100644
index 331a4e8..0000000
--- a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/SecurityRealmCharacteristic.java
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.isis.extensions.secman.api;
-
-/**
- * @since 2.0 {@index}
- */
-public enum SecurityRealmCharacteristic {
- DELEGATING
-}
diff --git a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/SecurityRealmService.java b/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/SecurityRealmService.java
deleted file mode 100644
index 6f45001..0000000
--- a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/SecurityRealmService.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.isis.extensions.secman.api;
-
-/**
- * @since 2.0 {@index}
- */
-public interface SecurityRealmService {
-
- SecurityRealm getCurrentRealm();
-
-}
diff --git a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/app/mixins/ApplicationUserManager_newDelegateUser.java b/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/app/mixins/ApplicationUserManager_newDelegateUser.java
index 6bb3f4f..2c448eb 100644
--- a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/app/mixins/ApplicationUserManager_newDelegateUser.java
+++ b/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/app/mixins/ApplicationUserManager_newDelegateUser.java
@@ -91,11 +91,6 @@ public class ApplicationUserManager_newDelegateUser {
}
@MemberSupport
- public boolean hideAct() {
- return hasNoDelegateAuthenticationRealm();
- }
-
- @MemberSupport
public ApplicationRole default1Act() {
return applicationRoleRepository
.findByNameCached(configBean.getRegularUserRoleName())
diff --git a/extensions/security/secman/shiro-realm/src/main/java/org/apache/isis/extensions/secman/shiro/services/SecurityRealmServiceUsingShiro.java b/extensions/security/secman/shiro-realm/src/main/java/org/apache/isis/extensions/secman/shiro/services/SecurityRealmServiceUsingShiro.java
deleted file mode 100644
index 40fc0d2..0000000
--- a/extensions/security/secman/shiro-realm/src/main/java/org/apache/isis/extensions/secman/shiro/services/SecurityRealmServiceUsingShiro.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.isis.extensions.secman.shiro.services;
-
-import javax.inject.Inject;
-import javax.inject.Named;
-
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.core.annotation.Order;
-import org.springframework.stereotype.Service;
-
-import org.apache.isis.applib.annotation.OrderPrecedence;
-import org.apache.isis.applib.services.inject.ServiceInjector;
-import org.apache.isis.extensions.secman.api.SecurityRealm;
-import org.apache.isis.extensions.secman.api.SecurityRealmService;
-import org.apache.isis.extensions.secman.shiro.util.ShiroUtils;
-
-import lombok.val;
-
-/**
- * @since 2.0 {@index}
- */
-@Service
-@Named("isis.ext.secman.SecurityRealmServiceUsingShiro")
-@Order(OrderPrecedence.MIDPOINT)
-@Qualifier("Shiro")
-public class SecurityRealmServiceUsingShiro implements SecurityRealmService {
-
- @Inject private ServiceInjector serviceInjector;
-
- @Override
- public SecurityRealm getCurrentRealm() {
- val realm = ShiroUtils.getIsisModuleSecurityRealm();
- serviceInjector.injectServicesInto(realm);
- return realm;
- }
-
-}