shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lhazlew...@apache.org
Subject svn commit: r892346 [1/2] - in /incubator/shiro/trunk: core/src/main/java/org/apache/shiro/authc/ core/src/main/java/org/apache/shiro/authz/ core/src/main/java/org/apache/shiro/mgt/ core/src/main/java/org/apache/shiro/session/ core/src/main/java/org/ap...
Date Fri, 18 Dec 2009 18:52:53 GMT
Author: lhazlewood
Date: Fri Dec 18 18:52:39 2009
New Revision: 892346

URL: http://svn.apache.org/viewvc?rev=892346&view=rev
Log:
SHIRO-121 - removed all references to java.net.InetAddress and replaced with Strings.  All tests pass.

Added:
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/HostAuthenticationToken.java
Removed:
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/InetAuthenticationToken.java
Modified:
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/AuthenticationToken.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/UsernamePasswordToken.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authz/HostUnauthorizedException.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSubjectFactory.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SessionsSecurityManager.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SubjectFactory.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/ProxiedSession.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/Session.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractSessionManager.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionManager.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DelegatingSession.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionFactory.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionManager.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSession.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSessionFactory.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/DelegatingSubject.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/Subject.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/SubjectThreadState.java
    incubator/shiro/trunk/core/src/main/java/org/apache/shiro/util/ThreadContext.java
    incubator/shiro/trunk/core/src/test/java/org/apache/shiro/realm/AuthorizingRealmTest.java
    incubator/shiro/trunk/core/src/test/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealmTest.java
    incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DefaultSessionManagerTest.java
    incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DelegatingSessionTest.java
    incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationExecutor.java
    incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactory.java
    incubator/shiro/trunk/support/spring/src/test/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactoryTest.java
    incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/WebUtils.java
    incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/filter/authc/AuthenticatingFilter.java
    incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/mgt/DefaultWebSubjectFactory.java
    incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/session/DelegatingWebSessionManager.java
    incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/session/ServletContainerSessionManager.java
    incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/session/WebSession.java
    incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/subject/WebDelegatingSubject.java
    incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/subject/support/WebSubjectThreadState.java
    incubator/shiro/trunk/web/src/test/java/org/apache/shiro/web/DelegatingWebSecurityManagerTest.java

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/AuthenticationToken.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/AuthenticationToken.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/AuthenticationToken.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/AuthenticationToken.java Fri Dec 18 18:52:39 2009
@@ -23,29 +23,29 @@
 /**
  * <p>An <tt>AuthenticationToken</tt> is a consolidation of an account's principals and supporting
  * credentials submitted by a user during an authentication attempt.
- *
+ * <p/>
  * <p>The token is submitted to an {@link Authenticator Authenticator} via the
  * {@link Authenticator#authenticate(AuthenticationToken) authenticate(token)} method.  The
  * Authenticator then executes the authentication/log-in process.
- *
+ * <p/>
  * <p>Common implementations of an <tt>AuthenticationToken</tt> would have username/password
  * pairs, X.509 Certificate, PGP key, or anything else you can think of.  The token can be
  * anything needed by an {@link Authenticator} to authenticate properly.
- *
+ * <p/>
  * <p>Because applications represent user data and credentials in different ways, implementations
  * of this interface are application-specific.  You are free to acquire a user's principals and
  * credentials however you wish (e.g. web form, Swing form, fingerprint identification, etc) and
  * then submit them to the Shiro framework in the form of an implementation of this
  * interface.
- *
+ * <p/>
  * <p>If your application's authentication process is  username/password based
  * (like most), instead of implementing this interface yourself, take a look at the
  * {@link UsernamePasswordToken UsernamePasswordToken} class, as it is probably sufficient for your needs.
- *
+ * <p/>
  * <p>RememberMe services are enabled for a token if they implement a sub-interface of this one, called
  * {@link RememberMeAuthenticationToken RememberMeAuthenticationToken}.  Implement that interfac if you need
  * RememberMe services (the <tt>UsernamePasswordToken</tt> already implements this interface).
- *
+ * <p/>
  * <p>If you are familiar with JAAS, an <tt>AuthenticationToken</tt> replaces the concept of a
  * {@link javax.security.auth.callback.Callback}, and  defines meaningful behavior
  * (<tt>Callback</tt> is just a marker interface, and of little use).  We
@@ -54,7 +54,7 @@
  *
  * @author Les Hazlewood
  * @see RememberMeAuthenticationToken
- * @see InetAuthenticationToken
+ * @see HostAuthenticationToken
  * @see UsernamePasswordToken
  * @since 0.1
  */
@@ -62,12 +62,12 @@
 
     /**
      * Returns the account identity submitted during the authentication process.
-     *
+     * <p/>
      * <p>Most application authentications are username/password based and have this
      * object represent a username.  If this is the case for your application,
      * take a look at the {@link UsernamePasswordToken UsernamePasswordToken}, as it is probably
      * sufficient for your use.
-     *
+     * <p/>
      * <p>Ultimately, the object returned is application specific and can represent
      * any account identity (user id, X.509 certificate, etc).
      *
@@ -79,12 +79,12 @@
     /**
      * Returns the credentials submitted by the user during the authentication process that verifies
      * the submitted {@link #getPrincipal() account identity}.
-     *
+     * <p/>
      * <p>Most application authentications are username/password based and have this object
      * represent a submitted password.  If this is the case for your application,
      * take a look at the {@link UsernamePasswordToken UsernamePasswordToken}, as it is probably
      * sufficient for your use.
-     *
+     * <p/>
      * <p>Ultimately, the credentials Object returned is application specific and can represent
      * any credential mechanism.
      *

Added: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/HostAuthenticationToken.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/HostAuthenticationToken.java?rev=892346&view=auto
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/HostAuthenticationToken.java (added)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/HostAuthenticationToken.java Fri Dec 18 18:52:39 2009
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.shiro.authc;
+
+/**
+ * A {@code HostAuthenticationToken} retains the host information from where
+ * an authentication attempt originates.
+ *
+ * @author The Apache Shiro Project (shiro-dev@incubator.apache.org)
+ * @since 1.0
+ */
+public interface HostAuthenticationToken {
+
+    /**
+     * Returns the host name of the client from where the
+     * authentication attempt originates or if the Shiro environment cannot or
+     * chooses not to resolve the hostname to improve performance, this method
+     * returns the String representation of the client's IP address.
+     * <p/>
+     * When used in web environments, this value is usually the same as the
+     * {@code ServletRequest.getRemoteHost()} value.
+     *
+     * @return the fully qualified name of the client from where the
+     *         authentication attempt originates or the String representation
+     *         of the client's IP address is hostname resolution is not
+     *         available or disabled.
+     */
+    String getHost();
+}

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/UsernamePasswordToken.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/UsernamePasswordToken.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/UsernamePasswordToken.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authc/UsernamePasswordToken.java Fri Dec 18 18:52:39 2009
@@ -18,28 +18,25 @@
  */
 package org.apache.shiro.authc;
 
-import java.net.InetAddress;
-
-
 /**
  * <p>A simple username/password authentication token to support the most widely-used authentication mechanism.  This
  * class also implements the {@link RememberMeAuthenticationToken RememberMeAuthenticationToken} interface to support
  * &quot;Remember Me&quot; services across user sessions as well as the
- * {@link org.apache.shiro.authc.InetAuthenticationToken InetAuthenticationToken} interface to retain the IP address location from where the
- * authentication attempt is occuring.</p>
- *
+ * {@link org.apache.shiro.authc.HostAuthenticationToken HostAuthenticationToken} interface to retain the host name
+ * or IP address location from where the authentication attempt is occuring.</p>
+ * <p/>
  * <p>&quot;Remember Me&quot; authentications are disabled by default, but if the application developer wishes to allow
  * it for a login attempt, all that is necessary is to call {@link #setRememberMe setRememberMe(true)}.  If the underlying
  * <tt>SecurityManager</tt> implementation also supports <tt>RememberMe</tt> services, the user's identity will be
  * remembered across sessions.
- *
+ * <p/>
  * <p>Note that this class stores a password as a char[] instead of a String
  * (which may seem more logical).  This is because Strings are immutable and their
  * internal value cannot be overwritten - meaning even a nulled String instance might be accessible in memory at a later
  * time (e.g. memory dump).  This is not good for sensitive information such as passwords. For more information, see the
  * <a href="http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html#PBEEx">
  * Java Cryptography Extension Reference Guide</a>.</p>
- *
+ * <p/>
  * <p>To avoid this possibility of later memory access, the application developer should always call
  * {@link #clear() clear()} after using the token to perform a login attempt.</p>
  *
@@ -47,7 +44,7 @@
  * @author Les Hazlewood
  * @since 0.1
  */
-public class UsernamePasswordToken implements InetAuthenticationToken, RememberMeAuthenticationToken {
+public class UsernamePasswordToken implements HostAuthenticationToken, RememberMeAuthenticationToken {
 
     /*--------------------------------------------
     |             C O N S T A N T S             |
@@ -56,22 +53,27 @@
     /*--------------------------------------------
     |    I N S T A N C E   V A R I A B L E S    |
     ============================================*/
-    /** The username */
+    /**
+     * The username
+     */
     private String username;
 
-    /** The password, in char[] format */
+    /**
+     * The password, in char[] format
+     */
     private char[] password;
 
     /**
      * Whether or not 'rememberMe' should be enabled for the corresponding login attempt;
-     * default is <code>false</code> */
+     * default is <code>false</code>
+     */
     private boolean rememberMe = false;
 
     /**
      * The location from where the login attempt occurs, or <code>null</code> if not known or explicitly
      * omitted.
      */
-    private InetAddress inetAddress;
+    private String host;
 
     /*--------------------------------------------
     |         C O N S T R U C T O R S           |
@@ -85,7 +87,7 @@
 
     /**
      * Constructs a new UsernamePasswordToken encapsulating the username and password submitted
-     * during an authentication attempt, with a <tt>null</tt> {@link #getInetAddress() inetAddress} and a
+     * during an authentication attempt, with a <tt>null</tt> {@link #getHost() host} and a
      * <tt>rememberMe</tt> default of <tt>false</tt>.
      *
      * @param username the username submitted for authentication
@@ -97,9 +99,9 @@
 
     /**
      * Constructs a new UsernamePasswordToken encapsulating the username and password submitted
-     * during an authentication attempt, with a <tt>null</tt> {@link #getInetAddress() inetAddress} and
+     * during an authentication attempt, with a <tt>null</tt> {@link #getHost() host} and
      * a <tt>rememberMe</tt> default of <tt>false</tt>
-     *
+     * <p/>
      * <p>This is a convience constructor and maintains the password internally via a character
      * array, i.e. <tt>password.toCharArray();</tt>.  Note that storing a password as a String
      * in your code could have possible security implications as noted in the class JavaDoc.</p>
@@ -115,30 +117,30 @@
      * Constructs a new UsernamePasswordToken encapsulating the username and password submitted, the
      * inetAddress from where the attempt is occurring, and a default <tt>rememberMe</tt> value of <tt>false</tt>
      *
-     * @param username    the username submitted for authentication
-     * @param password    the password string submitted for authentication
-     * @param inetAddress the inetAddress from where the attempt is occuring
+     * @param username the username submitted for authentication
+     * @param password the password string submitted for authentication
+     * @param host     the host name or IP string from where the attempt is occuring
      * @since 0.2
      */
-    public UsernamePasswordToken(final String username, final char[] password, final InetAddress inetAddress) {
-        this(username, password, false, inetAddress);
+    public UsernamePasswordToken(final String username, final char[] password, final String host) {
+        this(username, password, false, host);
     }
 
     /**
      * Constructs a new UsernamePasswordToken encapsulating the username and password submitted, the
      * inetAddress from where the attempt is occurring, and a default <tt>rememberMe</tt> value of <tt>false</tt>
-     *
+     * <p/>
      * <p>This is a convience constructor and maintains the password internally via a character
      * array, i.e. <tt>password.toCharArray();</tt>.  Note that storing a password as a String
      * in your code could have possible security implications as noted in the class JavaDoc.</p>
      *
-     * @param username    the username submitted for authentication
-     * @param password    the password string submitted for authentication
-     * @param inetAddress the inetAddress from where the attempt is occuring
-     * @since 0.2
+     * @param username the username submitted for authentication
+     * @param password the password string submitted for authentication
+     * @param host     the host name or IP string from where the attempt is occuring
+     * @since 1.0
      */
-    public UsernamePasswordToken(final String username, final String password, final InetAddress inetAddress) {
-        this(username, password != null ? password.toCharArray() : null, false, inetAddress);
+    public UsernamePasswordToken(final String username, final String password, final String host) {
+        this(username, password != null ? password.toCharArray() : null, false, host);
     }
 
     /**
@@ -157,7 +159,7 @@
     /**
      * Constructs a new UsernamePasswordToken encapsulating the username and password submitted, as well as if the user
      * wishes their identity to be remembered across sessions.
-     *
+     * <p/>
      * <p>This is a convience constructor and maintains the password internally via a character
      * array, i.e. <tt>password.toCharArray();</tt>.  Note that storing a password as a String
      * in your code could have possible security implications as noted in the class JavaDoc.</p>
@@ -175,39 +177,39 @@
      * Constructs a new UsernamePasswordToken encapsulating the username and password submitted, if the user
      * wishes their identity to be remembered across sessions, and the inetAddress from where the attempt is ocurring.
      *
-     * @param username    the username submitted for authentication
-     * @param password    the password character array submitted for authentication
-     * @param rememberMe  if the user wishes their identity to be remembered across sessions
-     * @param inetAddress the inetAddress from where the attempt is occuring
-     * @since 0.9
+     * @param username   the username submitted for authentication
+     * @param password   the password character array submitted for authentication
+     * @param rememberMe if the user wishes their identity to be remembered across sessions
+     * @param host       the host name or IP string from where the attempt is occuring
+     * @since 1.0
      */
     public UsernamePasswordToken(final String username, final char[] password,
-                                 final boolean rememberMe, final InetAddress inetAddress) {
+                                 final boolean rememberMe, final String host) {
 
         this.username = username;
         this.password = password;
         this.rememberMe = rememberMe;
-        this.inetAddress = inetAddress;
+        this.host = host;
     }
 
 
     /**
      * Constructs a new UsernamePasswordToken encapsulating the username and password submitted, if the user
      * wishes their identity to be remembered across sessions, and the inetAddress from where the attempt is ocurring.
-     *
+     * <p/>
      * <p>This is a convience constructor and maintains the password internally via a character
      * array, i.e. <tt>password.toCharArray();</tt>.  Note that storing a password as a String
      * in your code could have possible security implications as noted in the class JavaDoc.</p>
      *
-     * @param username    the username submitted for authentication
-     * @param password    the password string submitted for authentication
-     * @param rememberMe  if the user wishes their identity to be remembered across sessions
-     * @param inetAddress the inetAddress from where the attempt is occuring
-     * @since 0.9
+     * @param username   the username submitted for authentication
+     * @param password   the password string submitted for authentication
+     * @param rememberMe if the user wishes their identity to be remembered across sessions
+     * @param host       the host name or IP string from where the attempt is occuring
+     * @since 1.0
      */
     public UsernamePasswordToken(final String username, final String password,
-                                 final boolean rememberMe, final InetAddress inetAddress) {
-        this(username, password != null ? password.toCharArray() : null, rememberMe, inetAddress);
+                                 final boolean rememberMe, final String host) {
+        this(username, password != null ? password.toCharArray() : null, rememberMe, host);
     }
 
     /*--------------------------------------------
@@ -272,33 +274,32 @@
     }
 
     /**
-     * Returns the inetAddress from where the authentication attempt occurs.  May be <tt>null</tt> if the inetAddress
-     * is unknown or explicitly omitted.  It is up to the Authenticator implementation processing this token if
-     * an authentication attempt without an inetAddress is valid or not.
-     *
-     * <p>(Shiro's default Authenticator
-     * allows <tt>null</tt> IPs to support localhost and proxy server environments).</p>
+     * Returns the host name or IP string from where the authentication attempt occurs.  May be <tt>null</tt> if the
+     * host name/IP is unknown or explicitly omitted.  It is up to the Authenticator implementation processing this
+     * token if an authentication attempt without a host is valid or not.
+     * <p/>
+     * <p>(Shiro's default Authenticator allows <tt>null</tt> hosts to support localhost and proxy server environments).</p>
      *
-     * @return the inetAddress from where the authentication attempt occurs, or <tt>null</tt> if it is unknown or
+     * @return the host from where the authentication attempt occurs, or <tt>null</tt> if it is unknown or
      *         explicitly omitted.
-     * @since 0.2
+     * @since 1.0
      */
-    public InetAddress getInetAddress() {
-        return inetAddress;
+    public String getHost() {
+        return host;
     }
 
     /**
-     * Sets the inetAddress from where the authentication attempt occurs.  It is up to the Authenticator
-     * implementation processing this token if an authentication attempt without an inetAddress is valid or not.
-     *
+     * Sets the host name or IP string from where the authentication attempt occurs.  It is up to the Authenticator
+     * implementation processing this token if an authentication attempt without a host is valid or not.
+     * <p/>
      * <p>(Shiro's default Authenticator
-     * allows <tt>null</tt> IPs to allow localhost and proxy server environments).</p>
+     * allows <tt>null</tt> hosts to allow localhost and proxy server environments).</p>
      *
-     * @param inetAddress the inetAddress from where the authentication attempt occurs.
-     * @since 0.2
+     * @param host the host name or IP string from where the attempt is occuring
+     * @since 1.0
      */
-    public void setInetAddress(InetAddress inetAddress) {
-        this.inetAddress = inetAddress;
+    public void setHost(String host) {
+        this.host = host;
     }
 
     /**
@@ -335,7 +336,7 @@
      */
     public void clear() {
         this.username = null;
-        this.inetAddress = null;
+        this.host = null;
         this.rememberMe = false;
 
         if (this.password != null) {
@@ -361,8 +362,8 @@
         sb.append(" - ");
         sb.append(username);
         sb.append(", rememberMe=").append(rememberMe);
-        if (inetAddress != null) {
-            sb.append(" (").append(inetAddress).append(")");
+        if (host != null) {
+            sb.append(" (").append(host).append(")");
         }
         return sb.toString();
     }

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authz/HostUnauthorizedException.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authz/HostUnauthorizedException.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authz/HostUnauthorizedException.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/authz/HostUnauthorizedException.java Fri Dec 18 18:52:39 2009
@@ -18,20 +18,18 @@
  */
 package org.apache.shiro.authz;
 
-import java.net.InetAddress;
-
 /**
  * Thrown when a particular client (that is, host address) has not been enabled to access the system
  * or if the client has been enabled access but is not permitted to perform a particluar operation
  * or access a particular resource.
  *
  * @author Les Hazlewood
- * @see org.apache.shiro.session.mgt.SessionManager#start(java.net.InetAddress)
+ * @see org.apache.shiro.session.mgt.SessionManager#start(String)
  * @since 0.1
  */
 public class HostUnauthorizedException extends UnauthorizedException {
 
-    private InetAddress hostAddress;
+    private String host;
 
     /**
      * Creates a new HostUnauthorizedException.
@@ -69,31 +67,20 @@
     }
 
     /**
-     * Constructs a new HostUnauthorizedException associated with the given host address.
-     *
-     * @param hostAddress the address of the host unauthorized to perform a particular action or
-     *                    access a particular resource.
-     */
-    public HostUnauthorizedException(InetAddress hostAddress) {
-        this("The system is not cofigured to allow access for host [" +
-                hostAddress.getHostAddress() + "]");
-    }
-
-    /**
-     * Returns the host address associated with this exception.
+     * Returns the host associated with this exception.
      *
-     * @return the host address associated with this exception.
+     * @return the host associated with this exception.
      */
-    public InetAddress getHostAddress() {
-        return this.hostAddress;
+    public String getHost() {
+        return this.host;
     }
 
     /**
-     * Sets the host address associated with this exception.
+     * Sets the host associated with this exception.
      *
-     * @param hostAddress the host address associated with this exception.
+     * @param host the host associated with this exception.
      */
-    public void setHostAddress(InetAddress hostAddress) {
-        this.hostAddress = hostAddress;
+    public void setHostAddress(String host) {
+        this.host = host;
     }
 }

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSubjectFactory.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSubjectFactory.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSubjectFactory.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSubjectFactory.java Fri Dec 18 18:52:39 2009
@@ -20,14 +20,12 @@
 
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authc.InetAuthenticationToken;
+import org.apache.shiro.authc.HostAuthenticationToken;
 import org.apache.shiro.session.Session;
 import org.apache.shiro.subject.DelegatingSubject;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.apache.shiro.subject.Subject;
-import org.apache.shiro.util.ThreadContext;
 
-import java.net.InetAddress;
 import java.util.Map;
 
 
@@ -119,29 +117,24 @@
         return session;
     }
 
-    protected InetAddress getInetAddress(Map context, Session session) {
-        InetAddress inet = getTypedValue(context, SubjectFactory.INET_ADDRESS, InetAddress.class);
+    protected String getHost(Map context, Session session) {
+        String host = getTypedValue(context, SubjectFactory.HOST, String.class);
 
-        if (inet == null) {
+        if (host == null) {
             //check to see if there is an AuthenticationToken from which to retrieve it:
             AuthenticationToken token = getTypedValue(context, SubjectFactory.AUTHENTICATION_TOKEN, AuthenticationToken.class);
-            if (token instanceof InetAuthenticationToken) {
-                inet = ((InetAuthenticationToken) token).getInetAddress();
+            if (token instanceof HostAuthenticationToken) {
+                host = ((HostAuthenticationToken) token).getHost();
             }
         }
 
-        if (inet == null) {
+        if (host == null) {
             if (session != null) {
-                inet = session.getHostAddress();
+                host = session.getHost();
             }
         }
 
-        if (inet == null) {
-            //fall back to the thread local if it exists:
-            inet = ThreadContext.getInetAddress();
-        }
-
-        return inet;
+        return host;
     }
 
     protected boolean isAuthenticated(Map context, Session session) {
@@ -166,12 +159,12 @@
         Session session = getSession(context);
         PrincipalCollection principals = getPrincipals(context, session);
         boolean authenticated = isAuthenticated(context, session);
-        InetAddress inet = getInetAddress(context, session);
-        return newSubjectInstance(principals, authenticated, inet, session, getSecurityManager());
+        String host = getHost(context, session);
+        return newSubjectInstance(principals, authenticated, host, session, getSecurityManager());
     }
 
-    protected Subject newSubjectInstance(PrincipalCollection principals, boolean authenticated, InetAddress inet,
+    protected Subject newSubjectInstance(PrincipalCollection principals, boolean authenticated, String host,
                                          Session session, SecurityManager securityManager) {
-        return new DelegatingSubject(principals, authenticated, inet, session, securityManager);
+        return new DelegatingSubject(principals, authenticated, host, session, securityManager);
     }
 }

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SessionsSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SessionsSecurityManager.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SessionsSecurityManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SessionsSecurityManager.java Fri Dec 18 18:52:39 2009
@@ -30,7 +30,6 @@
 import org.apache.shiro.util.LifecycleUtils;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 import java.util.Collection;
 import java.util.Date;
 import java.util.Map;
@@ -75,11 +74,11 @@
      * Sets the underlying delegate {@link SessionManager} instance that will be used to support this implementation's
      * <tt>SessionManager</tt> method calls.
      * <p/>
-     * <p>This <tt>SecurityManager</tt> implementation does not provide logic to support the inherited
+     * This <tt>SecurityManager</tt> implementation does not provide logic to support the inherited
      * <tt>SessionManager</tt> interface, but instead delegates these calls to an internal
      * <tt>SessionManager</tt> instance.
      * <p/>
-     * <p>If a <tt>SessionManager</tt> instance is not set, a default one will be automatically created and
+     * If a <tt>SessionManager</tt> instance is not set, a default one will be automatically created and
      * initialized appropriately for the the existing runtime environment.
      *
      * @param sessionManager delegate instance to use to support this manager's <tt>SessionManager</tt> method calls.
@@ -160,11 +159,11 @@
      * This is a convenience method that allows registration of SessionListeners with the underlying delegate
      * SessionManager at startup.
      * <p/>
-     * <p>This is more convenient than having to configure your own SessionManager instance, inject the listeners on
+     * This is more convenient than having to configure your own SessionManager instance, inject the listeners on
      * it, and then set that SessionManager instance as an attribute of this class.  Instead, you can just rely
      * on the <tt>SecurityManager</tt> to apply these <tt>SessionListener</tt>s on your behalf.
      * <p/>
-     * <p>One notice however: The underlying SessionManager delegate must implement the
+     * One notice however: The underlying SessionManager delegate must implement the
      * {@link SessionListenerRegistrar SessionListenerRegistrar} interface in order for these listeners to
      * be applied.  If it does not implement this interface, it is considered a configuration error and an exception
      * will be thrown.
@@ -270,8 +269,8 @@
                 ((SessionListenerRegistrar) this.sessionManager).remove(listener);
     }
 
-    public Serializable start(InetAddress originatingHost) throws AuthorizationException {
-        return this.sessionManager.start(originatingHost);
+    public Serializable start(String host) throws AuthorizationException {
+        return this.sessionManager.start(host);
     }
 
     public Serializable start(Map initData) throws AuthorizationException {
@@ -306,8 +305,8 @@
         this.sessionManager.touch(sessionId);
     }
 
-    public InetAddress getHostAddress(Serializable sessionId) {
-        return this.sessionManager.getHostAddress(sessionId);
+    public String getHost(Serializable sessionId) {
+        return this.sessionManager.getHost(sessionId);
     }
 
     public void stop(Serializable sessionId) throws InvalidSessionException {

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SubjectFactory.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SubjectFactory.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SubjectFactory.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SubjectFactory.java Fri Dec 18 18:52:39 2009
@@ -44,6 +44,8 @@
 
     public static final String AUTHENTICATED = SubjectFactory.class.getName() + ".AUTHENTICATED";
 
+    public static final String HOST = SubjectFactory.class.getName() + ".HOST";
+
     public static final String INET_ADDRESS = SubjectFactory.class.getName() + ".INET_ADDRESS";
 
     public static final String SERVLET_REQUEST = SubjectFactory.class.getName() + ".SERVLET_REQUEST";

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/ProxiedSession.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/ProxiedSession.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/ProxiedSession.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/ProxiedSession.java Fri Dec 18 18:52:39 2009
@@ -19,7 +19,6 @@
 package org.apache.shiro.session;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 import java.util.Collection;
 import java.util.Date;
 
@@ -91,8 +90,8 @@
     /**
      * Immediately delegates to the underlying proxied session.
      */
-    public InetAddress getHostAddress() {
-        return delegate.getHostAddress();
+    public String getHost() {
+        return delegate.getHost();
     }
 
     /**

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/Session.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/Session.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/Session.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/Session.java Fri Dec 18 18:52:39 2009
@@ -19,7 +19,6 @@
 package org.apache.shiro.session;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 import java.util.Collection;
 import java.util.Date;
 
@@ -102,14 +101,14 @@
     void setTimeout(long maxIdleTimeInMillis) throws InvalidSessionException;
 
     /**
-     * Returns the {@code InetAddress} of the host that originated this session, or {@code null}
-     * if the host address is unknown.
+     * Returns the host name or IP string of the host that originated this session, or {@code null}
+     * if the host is unknown.
      *
-     * @return the {@code InetAddress} of the host that originated this session, or {@code null}
+     * @return the host name or IP string of the host that originated this session, or {@code null}
      *         if the host address is unknown.
-     * @see org.apache.shiro.session.mgt.SessionManager#start(java.net.InetAddress)
+     * @see org.apache.shiro.session.mgt.SessionManager#start(String)
      */
-    InetAddress getHostAddress();
+    String getHost();
 
     /**
      * Explicitly updates the {@link #getLastAccessTime() lastAccessTime} of this session to the current time when

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractSessionManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractSessionManager.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractSessionManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractSessionManager.java Fri Dec 18 18:52:39 2009
@@ -21,11 +21,11 @@
 import org.apache.shiro.authz.AuthorizationException;
 import org.apache.shiro.authz.HostUnauthorizedException;
 import org.apache.shiro.session.*;
+import org.apache.shiro.util.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 import java.util.*;
 
 
@@ -102,11 +102,11 @@
         return this.listeners.remove(listener);
     }
 
-    public Serializable start(InetAddress originatingHost) throws AuthorizationException {
-        Map<String, InetAddress> initData = null;
-        if (originatingHost != null) {
-            initData = new HashMap<String, InetAddress>();
-            initData.put(SessionFactory.ORIGINATING_HOST_KEY, originatingHost);
+    public Serializable start(String host) throws AuthorizationException {
+        Map<String, String> initData = null;
+        if (StringUtils.hasText(host)) {
+            initData = new HashMap<String, String>();
+            initData.put(SessionFactory.HOST_KEY, host);
         }
         return start(initData);
     }
@@ -190,8 +190,8 @@
         onChange(s);
     }
 
-    public InetAddress getHostAddress(Serializable sessionId) {
-        return getSession(sessionId).getHostAddress();
+    public String getHost(Serializable sessionId) {
+        return getSession(sessionId).getHost();
     }
 
     public void stop(Serializable sessionId) throws InvalidSessionException {

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionManager.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionManager.java Fri Dec 18 18:52:39 2009
@@ -136,7 +136,7 @@
     protected Session doCreateSession(Map initData) {
         Session s = newSessionInstance(initData);
         if (log.isTraceEnabled()) {
-            log.trace("Creating session for host {}", s.getHostAddress());
+            log.trace("Creating session for host {}", s.getHost());
         }
         create(s);
         return s;

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DelegatingSession.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DelegatingSession.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DelegatingSession.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DelegatingSession.java Fri Dec 18 18:52:39 2009
@@ -22,7 +22,6 @@
 import org.apache.shiro.session.Session;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 import java.util.Collection;
 import java.util.Date;
 
@@ -51,7 +50,7 @@
 
     //cached fields to avoid a server-side method call if out-of-process:
     private Date startTimestamp = null;
-    private InetAddress hostAddress = null;
+    private String host = null;
 
     /**
      * Handle to a server-side SessionManager.  See {@link #setSessionManager} for details.
@@ -73,9 +72,9 @@
         this.id = id;
     }
 
-    public DelegatingSession(SessionManager sessionManager, Serializable id, InetAddress hostAddress) {
+    public DelegatingSession(SessionManager sessionManager, Serializable id, String host) {
         this(sessionManager, id);
-        this.hostAddress = hostAddress;
+        this.host = host;
     }
 
     /**
@@ -153,14 +152,11 @@
         sessionManager.setTimeout(id, maxIdleTimeInMillis);
     }
 
-    /**
-     * @see org.apache.shiro.session.Session#getHostAddress()
-     */
-    public InetAddress getHostAddress() {
-        if (hostAddress == null) {
-            hostAddress = sessionManager.getHostAddress(id);
+    public String getHost() {
+        if (host == null) {
+            host = sessionManager.getHost(id);
         }
-        return hostAddress;
+        return host;
     }
 
     /**

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionFactory.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionFactory.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionFactory.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionFactory.java Fri Dec 18 18:52:39 2009
@@ -20,7 +20,6 @@
 
 import org.apache.shiro.session.Session;
 
-import java.net.InetAddress;
 import java.util.Map;
 
 /**
@@ -36,15 +35,17 @@
 public interface SessionFactory {
 
     /**
-     * The key under which an originating host's {@link InetAddress InetAddress} may be found in the
+     * The key under which an originating host's host name or IP (as a String) may be found in the
      * {@code initData} {@code Map} argument passed to the {@link #createSession(java.util.Map) createSession} method.
+     *
+     * @since 1.0
      */
-    public static final String ORIGINATING_HOST_KEY = SessionFactory.class.getName() + ".originatingHost";
+    public static final String HOST_KEY = SessionFactory.class.getName() + ".HOST_KEY";
 
     /**
      * Creates a new {@code Session} instance based on the specified initialization data.  The originating host's
-     * IP (InetAddress}, if available, should be accessible in the {@code Map} under the
-     * {@link #ORIGINATING_HOST_KEY} key.  If not available, no value will be returned for that key ({@code null}).
+     * host name or IP (String), if available, should be accessible in the {@code Map} under the
+     * {@link #HOST_KEY} key.  If not available, no value will be returned for that key ({@code null}).
      *
      * @param initData the initialization data to be used during {@link Session} instantiation.
      * @return a new {@code Session} instance.

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionManager.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionManager.java Fri Dec 18 18:52:39 2009
@@ -23,7 +23,6 @@
 import org.apache.shiro.session.InvalidSessionException;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 import java.util.Collection;
 import java.util.Date;
 import java.util.Map;
@@ -38,44 +37,45 @@
 public interface SessionManager {
 
     /**
-     * Starts a new session within the system for the host with the specified originating IP address.
+     * Starts a new session within the system for the host with the specified originating host or IP address string.
      * <p/>
      * An implementation of this interface may be configured to allow a {@code null} argument,
-     * thereby indicating the originating IP is either unknown or has been
+     * thereby indicating the originating host or IP is either unknown or has been
      * explicitly omitted by the caller.  However, if the implementation is configured to require
-     * a valid {@code hostAddress} and the argument is {@code null}, an
+     * a valid {@code host} and the argument is {@code null}, an
      * {@link IllegalArgumentException IllegalArgumentException} will be thrown.
      * <p/>
-     * In web-based systems, this InetAddress can be inferred from the incoming request, e.g.
-     * {@code javax.servlet.ServletRequest#getRemoteAddr()}
-     * method, or in socket-based systems, it can be obtained via inspecting the socket
+     * In web-based systems, this host can be inferred from the incoming request, e.g.
+     * {@code javax.servlet.ServletRequest#getRemoteAddr()} or {@code javax.servlet.ServletRequest#getRemoteHost()}
+     * methods, or in socket-based systems, it can be obtained via inspecting the socket
      * initiator's host IP.
      * <p/>
      * Most secure environments <em>should</em> require that a valid, non-{@code null}
-     * {@code hostAddress} be specified, since knowing the {@code hostAddress} allows for more
-     * flexibility when securing a system: by requiring an InetAddress, access control policies
+     * {@code host} be specified, since knowing the {@code host} allows for more
+     * flexibility when securing a system: by requiring an host, access control policies
      * can also ensure access is restricted to specific client <em>locations</em> in
      * addition to user principals, if so desired.
      * <p/>
      * <b>Caveat</b> - if clients to your system are on a
      * public network (as would be the case for a public web site), odds are high the clients can be
      * behind a NAT (Network Address Translation) router or HTTP proxy server.  If so, all clients
-     * accessing your system behind that router or proxy will have the same originating IP address.
-     * If your system is configured to allow only one session per IP, then the next request from a
+     * accessing your system behind that router or proxy will have the same originating host.
+     * If your system is configured to allow only one session per host, then the next request from a
      * different NAT or proxy client will fail and access will be deny for that client.  Just be
-     * aware that ip-based security policies are best utilized in LAN or private WAN environments
+     * aware that host-based security policies are best utilized in LAN or private WAN environments
      * when you can be ensure clients will not share IPs or be behind such NAT routers or
      * proxy servers.
      *
-     * @param originatingHost the originating host InetAddress of the external party
-     *                        (user, 3rd party product, etc) that is attempting to interact with the system.
+     * @param host the originating host or IP of the external party
+     *             (user, 3rd party product, etc) that is attempting to interact with the system.
      * @return a handle to the newly created session.
      * @throws HostUnauthorizedException if the system access control policy restricts access based
      *                                   on client location/IP and the specified hostAddress hasn't been enabled.
      * @throws AuthorizationException    if the system access control policy does not allow the currently executing
      *                                   caller to start sessions.
+     * @since 1.0
      */
-    Serializable start(InetAddress originatingHost) throws AuthorizationException;
+    Serializable start(String host) throws AuthorizationException;
 
     /**
      * Starts a new session based on the specified initialization data, which can be used by the underlying
@@ -87,8 +87,8 @@
      * logic by simply injecting a {@code SessionFactory} into the {@code SecurityManager or SessionManager} instance.
      * <p/>
      * For example, Shiro's default implementation of the
-     * {@link #start(InetAddress) start(InetAddress)} method merely adds the InetAddress to a Map instance and passes
-     * that Map into this method for delegation to an underlying {@link SessionFactory}.
+     * {@link #start(String) start(String)} method merely adds the client host name or IP string to a Map instance
+     * and passes that Map into this method for delegation to an underlying {@link SessionFactory}.
      *
      * @param initData the initialization data that can be used by the implementation or underlying
      *                 {@link SessionFactory} when instantiating the internal {@code Session} instance.
@@ -187,15 +187,16 @@
     void touch(Serializable sessionId) throws InvalidSessionException;
 
     /**
-     * Returns the IP address of the host where the session was started, if known.  If
-     * no IP was specified when starting the session, this method returns {@code null}
+     * Returns the host name or IP string of the host where the session was started, if known.  If
+     * no host name or IP was specified when starting the session, this method returns {@code null}
      *
      * @param sessionId the id of the session to query.
-     * @return the ip address of the host where the session originated, if known.  If unknown,
+     * @return the host name or ip address of the host where the session originated, if known.  If unknown,
      *         this method returns {@code null}.
-     * @see #start(InetAddress originatingHost) init( InetAddress originatingHost )
+     * @see #start(String host) init( String host )
+     * @since 1.0
      */
-    InetAddress getHostAddress(Serializable sessionId);
+    String getHost(Serializable sessionId);
 
     /**
      * Explicitly stops the session identified by {@code sessionId}, thereby releasing all

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSession.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSession.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSession.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSession.java Fri Dec 18 18:52:39 2009
@@ -25,7 +25,6 @@
 import org.slf4j.LoggerFactory;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 import java.text.DateFormat;
 import java.util.*;
 
@@ -53,7 +52,7 @@
     private Date lastAccessTime = null;
     private long timeout = DefaultSessionManager.DEFAULT_GLOBAL_SESSION_TIMEOUT;
     private boolean expired = false;
-    private InetAddress hostAddress = null;
+    private String host = null;
 
     private Map<Object, Object> attributes = null;
 
@@ -62,9 +61,9 @@
         this.lastAccessTime = this.startTimestamp;
     }
 
-    public SimpleSession(InetAddress hostAddress) {
+    public SimpleSession(String host) {
         this();
-        this.hostAddress = hostAddress;
+        this.host = host;
     }
 
     public Serializable getId() {
@@ -138,12 +137,12 @@
         this.timeout = timeout;
     }
 
-    public InetAddress getHostAddress() {
-        return hostAddress;
+    public String getHost() {
+        return host;
     }
 
-    public void setHostAddress(InetAddress hostAddress) {
-        this.hostAddress = hostAddress;
+    public void setHost(String host) {
+        this.host = host;
     }
 
     public Map<Object, Object> getAttributes() {
@@ -347,7 +346,7 @@
                 (getLastAccessTime() != null ? getLastAccessTime().equals(ss.getLastAccessTime()) : ss.getLastAccessTime() == null) &&
                 (getTimeout() == ss.getTimeout()) &&
                 (isExpired() == ss.isExpired()) &&
-                (getHostAddress() != null ? getHostAddress().equals(ss.getHostAddress()) : ss.getHostAddress() == null) &&
+                (getHost() != null ? getHost().equals(ss.getHost()) : ss.getHost() == null) &&
                 (getAttributes() != null ? getAttributes().equals(ss.getAttributes()) : ss.getAttributes() == null);
     }
 
@@ -371,7 +370,7 @@
         hashCode = 31 * hashCode + (getLastAccessTime() != null ? getLastAccessTime().hashCode() : 0);
         hashCode = 31 * hashCode + Long.valueOf(Math.max(getTimeout(), 0)).hashCode();
         hashCode = 31 * hashCode + Boolean.valueOf(isExpired()).hashCode();
-        hashCode = 31 * hashCode + (getHostAddress() != null ? getHostAddress().hashCode() : 0);
+        hashCode = 31 * hashCode + (getHost() != null ? getHost().hashCode() : 0);
         hashCode = 31 * hashCode + (getAttributes() != null ? getAttributes().hashCode() : 0);
         return hashCode;
     }

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSessionFactory.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSessionFactory.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSessionFactory.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSessionFactory.java Fri Dec 18 18:52:39 2009
@@ -20,7 +20,6 @@
 
 import org.apache.shiro.session.Session;
 
-import java.net.InetAddress;
 import java.util.Map;
 
 /**
@@ -33,20 +32,20 @@
 
     /**
      * This default implementation merely returns
-     * <pre>new {@link SimpleSession#SimpleSession(java.net.InetAddress) SimpleSession}({@link InetAddress originatingHost});</pre>
+     * <pre>new {@link SimpleSession#SimpleSession(String) SimpleSession(host)};</pre>
      *
-     * @param originatingHost the originating host InetAddress of the external party
-     *                        (user, 3rd party product, etc) that is attempting to initiate the session, or
-     *                        {@code null} if not known.
+     * @param host the originating host name or IP string of the external party
+     *             (user, 3rd party product, etc) that is attempting to initiate the session, or
+     *             {@code null} if not known.
      * @return a new session instance.
      */
-    public Session createSession(InetAddress originatingHost) {
-        return new SimpleSession(originatingHost);
+    public Session createSession(String host) {
+        return new SimpleSession(host);
     }
 
     public Session createSession(Map initData) {
-        if (initData != null && initData.containsKey(SessionFactory.ORIGINATING_HOST_KEY)) {
-            InetAddress host = (InetAddress) initData.get(SessionFactory.ORIGINATING_HOST_KEY);
+        if (initData != null && initData.containsKey(SessionFactory.HOST_KEY)) {
+            String host = (String) initData.get(SessionFactory.HOST_KEY);
             return new SimpleSession(host);
         }
         return new SimpleSession();

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/DelegatingSubject.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/DelegatingSubject.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/DelegatingSubject.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/DelegatingSubject.java Fri Dec 18 18:52:39 2009
@@ -20,7 +20,7 @@
 
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authc.InetAuthenticationToken;
+import org.apache.shiro.authc.HostAuthenticationToken;
 import org.apache.shiro.authz.AuthorizationException;
 import org.apache.shiro.authz.Permission;
 import org.apache.shiro.authz.UnauthenticatedException;
@@ -37,7 +37,6 @@
 import org.slf4j.LoggerFactory;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
@@ -79,7 +78,7 @@
 
     protected PrincipalCollection principals;
     protected boolean authenticated;
-    protected InetAddress inetAddress;
+    protected String host;
     protected Session session;
     private List<PrincipalCollection> assumedIdentities; //supports assumed identities (aka 'run as')
 
@@ -89,7 +88,7 @@
         this(null, false, null, null, securityManager);
     }
 
-    public DelegatingSubject(PrincipalCollection principals, boolean authenticated, InetAddress inetAddress,
+    public DelegatingSubject(PrincipalCollection principals, boolean authenticated, String host,
                              Session session, SecurityManager securityManager) {
         if (securityManager == null) {
             throw new IllegalArgumentException("SecurityManager argument cannot be null.");
@@ -97,7 +96,7 @@
         this.securityManager = securityManager;
         this.principals = principals;
         this.authenticated = authenticated;
-        this.inetAddress = inetAddress;
+        this.host = host;
         if (session != null) {
             this.session = decorate(session);
             this.assumedIdentities = getAssumedIdentities(this.session);
@@ -128,12 +127,12 @@
     }
 
     /**
-     * Returns the InetAddress associated with the client who created/is interacting with this Subject.
+     * Returns the host name or IP associated with the client who created/is interacting with this Subject.
      *
-     * @return the InetAddress associated with the client who created/is interacting with this Subject.
+     * @return the host name or IP associated with the client who created/is interacting with this Subject.
      */
-    public InetAddress getInetAddress() {
-        return this.inetAddress;
+    public String getHost() {
+        return this.host;
     }
 
     protected Object getPrimaryPrincipal(PrincipalCollection principals) {
@@ -251,13 +250,13 @@
 
         PrincipalCollection principals;
 
-        InetAddress inetAddress = null;
+        String host = null;
 
         if (subject instanceof DelegatingSubject) {
             DelegatingSubject delegating = (DelegatingSubject) subject;
             //we have to do this in case there are assumed identities - we don't want to lose the 'real' principals:
             principals = delegating.principals;
-            inetAddress = delegating.inetAddress;
+            host = delegating.host;
         } else {
             principals = subject.getPrincipals();
         }
@@ -269,11 +268,11 @@
         }
         this.principals = principals;
         this.authenticated = true;
-        if (token instanceof InetAuthenticationToken) {
-            inetAddress = ((InetAuthenticationToken) token).getInetAddress();
+        if (token instanceof HostAuthenticationToken) {
+            host = ((HostAuthenticationToken) token).getHost();
         }
-        if (inetAddress != null) {
-            this.inetAddress = inetAddress;
+        if (host != null) {
+            this.host = host;
         }
         Session session = subject.getSession(false);
         if (session != null) {
@@ -304,7 +303,7 @@
         }
 
         if (this.session == null && create) {
-            InetAddress host = getInetAddress();
+            String host = getHost();
             log.trace("Starting session for host {}", host);
             Serializable sessionId = this.securityManager.start(host);
             this.session = decorateSession(sessionId);
@@ -319,7 +318,6 @@
             this.session = null;
             this.principals = null;
             this.authenticated = false;
-            this.inetAddress = null;
             this.assumedIdentities = null;
             //Don't set securityManager to null here - the Subject can still be
             //used, it is just considered anonymous at this point.  The SecurityManager instance is

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/Subject.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/Subject.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/Subject.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/Subject.java Fri Dec 18 18:52:39 2009
@@ -26,9 +26,9 @@
 import org.apache.shiro.mgt.SecurityManager;
 import org.apache.shiro.mgt.SubjectFactory;
 import org.apache.shiro.session.Session;
+import org.apache.shiro.util.StringUtils;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 import java.util.Collection;
 import java.util.HashMap;
 import java.util.List;
@@ -624,14 +624,15 @@
         }
 
         /**
-         * Ensures the {@code Subject} being built will reflect the specified host address as its originating address.
+         * Ensures the {@code Subject} being built will reflect the specified host name or IP as its originating
+         * location.
          *
-         * @param originatingHost the host address to use as the {@code Subject}'s originating address.
+         * @param host the host name or IP address to use as the {@code Subject}'s originating location.
          * @return this {@code Builder} instance for method chaining.
          */
-        public Builder inetAddress(InetAddress originatingHost) {
-            if (originatingHost != null) {
-                this.subjectContext.put(SubjectFactory.INET_ADDRESS, originatingHost);
+        public Builder host(String host) {
+            if (StringUtils.hasText(host)) {
+                this.subjectContext.put(SubjectFactory.HOST, host);
             }
             return this;
         }

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/SubjectThreadState.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/SubjectThreadState.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/SubjectThreadState.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/SubjectThreadState.java Fri Dec 18 18:52:39 2009
@@ -26,7 +26,6 @@
 import org.apache.shiro.util.ThreadState;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 
 /**
  * @since 1.0
@@ -34,20 +33,14 @@
 public class SubjectThreadState implements ThreadState {
 
     private Subject originalSubject;
-    private InetAddress originalInetAddress;
     private Serializable originalSessionId;
     private transient SecurityManager originalSecurityManager;
 
-    private final InetAddress inetAddress;
     private final Serializable sessionId;
     private final Subject subject;
     private final transient SecurityManager securityManager;
 
     public SubjectThreadState(Subject subject) {
-        this(subject, ThreadContext.getInetAddress());
-    }
-
-    protected SubjectThreadState(Subject subject, InetAddress inetAddressFallback) {
         if (subject == null) {
             throw new IllegalArgumentException("Subject argument cannot be null.");
         }
@@ -63,16 +56,7 @@
             this.securityManager = this.originalSecurityManager;
         }
 
-        this.originalInetAddress = ThreadContext.getInetAddress();
         Session session = this.subject.getSession(false);
-        InetAddress inet = null;
-        if (session != null) {
-            inet = session.getHostAddress();
-        }
-        if (inet == null) {
-            inet = inetAddressFallback;
-        }
-        this.inetAddress = inet;
 
         this.originalSessionId = ThreadContext.getSessionId();
         if (session != null) {
@@ -87,16 +71,10 @@
     }
 
     public void bind() {
-        this.originalInetAddress = ThreadContext.getInetAddress();
         this.originalSessionId = ThreadContext.getSessionId();
         this.originalSubject = ThreadContext.getSubject();
         this.originalSecurityManager = ThreadContext.getSecurityManager();
 
-        if (inetAddress == null) {
-            ThreadContext.unbindInetAddress();
-        } else {
-            ThreadContext.bind(inetAddress);
-        }
         if (sessionId == null) {
             ThreadContext.unbindSessionId();
         } else {
@@ -111,11 +89,6 @@
     }
 
     public void restore() {
-        if (originalInetAddress == null) {
-            ThreadContext.unbindInetAddress();
-        } else {
-            ThreadContext.bind(originalInetAddress);
-        }
         if (originalSessionId == null) {
             ThreadContext.unbindSessionId();
         } else {

Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/util/ThreadContext.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/util/ThreadContext.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/util/ThreadContext.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/util/ThreadContext.java Fri Dec 18 18:52:39 2009
@@ -24,7 +24,6 @@
 import org.slf4j.LoggerFactory;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -56,7 +55,7 @@
     public static final String SECURITY_MANAGER_KEY = ThreadContext.class.getName() + "_SECURITY_MANAGER_KEY";
     public static final String SUBJECT_KEY = ThreadContext.class.getName() + "_SUBJECT_KEY";
     public static final String SESSION_ID_KEY = ThreadContext.class.getName() + "_SESSION_ID_KEY";
-    public static final String INET_ADDRESS_KEY = ThreadContext.class.getName() + "_INET_ADDRESS_KEY";
+    public static final String HOST_KEY = ThreadContext.class.getName() + "_INET_ADDRESS_KEY";
 
     protected static ThreadLocal<Map<Object, Object>> resources =
             new InheritableThreadLocal<Map<Object, Object>>() {
@@ -316,62 +315,6 @@
         return (Subject) remove(SUBJECT_KEY);
     }
 
-    /**
-     * Convenience method that simplifies retrieval of a thread-bound InetAddress.  If there is no
-     * InetAddress bound to the thread, this method returns <tt>null</tt>.  It is merely a convenient wrapper
-     * for the following:
-     * <p/>
-     * <code>return (InetAddress)get( INET_ADDRESS_KEY );</code>
-     * <p/>
-     * This method only returns the bound value if it exists - it does not remove it
-     * from the thread.  To remove it, one must call {@link #unbindInetAddress() unbindInetAddress} instead.
-     *
-     * @return the InetAddress object bound to the thread, or <tt>null</tt> if there isn't one bound.
-     * @since 0.2
-     */
-    public static InetAddress getInetAddress() {
-        return (InetAddress) get(INET_ADDRESS_KEY);
-    }
-
-    /**
-     * Convenience method that simplifies binding an InetAddress to the ThreadContext.
-     * <p/>
-     * <p>The method's existence is to help reduce casting in your own code and to simplify remembering of
-     * ThreadContext key names.  The implementation is simple in that, if the inetAddress is not <tt>null</tt>,
-     * it binds it to the thread, i.e.:
-     * <p/>
-     * <pre>
-     * if (inetAddress != null) {
-     *     put( INET_ADDRESS_KEY, inetAddress );
-     * }</pre>
-     *
-     * @param inetAddress the InetAddress to bind to the thread.  If the argument is null, nothing will be done.
-     * @since 0.2
-     */
-    public static void bind(InetAddress inetAddress) {
-        if (inetAddress != null) {
-            put(INET_ADDRESS_KEY, inetAddress);
-        }
-    }
-
-    /**
-     * Convenience method that simplifies removal of a thread-local InetAddress from the thread.
-     * <p/>
-     * The implementation just helps reduce casting and remembering of the ThreadContext key name, i.e it is
-     * merely a conveient wrapper for the following:
-     * <p/>
-     * <code>return (InetAddress)remove( INET_ADDRESS_KEY );</code>
-     * <p/>
-     * If you wish to just retrieve the object from the thread without removing it (so it can be retrieved later during
-     * thread execution), you should use the {@link #getInetAddress() getInetAddress()} method for that purpose.
-     *
-     * @return the InetAddress object previously bound to the thread, or <tt>null</tt> if there was none bound.
-     * @since 0.2
-     */
-    public static InetAddress unbindInetAddress() {
-        return (InetAddress) remove(INET_ADDRESS_KEY);
-    }
-
     //TODO - complete JavaDoc
 
     public static Serializable getSessionId() {

Modified: incubator/shiro/trunk/core/src/test/java/org/apache/shiro/realm/AuthorizingRealmTest.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/test/java/org/apache/shiro/realm/AuthorizingRealmTest.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/test/java/org/apache/shiro/realm/AuthorizingRealmTest.java (original)
+++ incubator/shiro/trunk/core/src/test/java/org/apache/shiro/realm/AuthorizingRealmTest.java Fri Dec 18 18:52:39 2009
@@ -32,8 +32,6 @@
 import org.junit.Before;
 import org.junit.Test;
 
-import java.net.InetAddress;
-import java.net.UnknownHostException;
 import java.security.Principal;
 import java.util.*;
 
@@ -51,15 +49,7 @@
     private static final String PASSWORD = "password";
     private static final int USER_ID = 12345;
     private static final String ROLE = "admin";
-    private InetAddress localhost;
-
-    {
-        try {
-            localhost = InetAddress.getLocalHost();
-        } catch (UnknownHostException e) {
-            fail("Error creating localhost");
-        }
-    }
+    private String localhost = "localhost";
 
     @Before
     public void setup() {
@@ -74,13 +64,6 @@
 
     @Test
     public void testDefaultConfig() {
-        InetAddress localhost = null;
-        try {
-            localhost = InetAddress.getLocalHost();
-        } catch (UnknownHostException e) {
-            e.printStackTrace();
-        }
-
         AuthenticationInfo info = realm.getAuthenticationInfo(new UsernamePasswordToken(USERNAME, PASSWORD, localhost));
 
         assertNotNull(info);

Modified: incubator/shiro/trunk/core/src/test/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealmTest.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/test/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealmTest.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/test/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealmTest.java (original)
+++ incubator/shiro/trunk/core/src/test/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealmTest.java Fri Dec 18 18:52:39 2009
@@ -38,8 +38,6 @@
 import org.junit.Test;
 
 import javax.naming.NamingException;
-import java.net.InetAddress;
-import java.net.UnknownHostException;
 import java.util.HashSet;
 import java.util.Set;
 
@@ -81,12 +79,7 @@
 
     @Test
     public void testDefaultConfig() {
-        InetAddress localhost = null;
-        try {
-            localhost = InetAddress.getLocalHost();
-        } catch (UnknownHostException e) {
-            e.printStackTrace();
-        }
+        String localhost = "localhost";
         Subject subject = SecurityUtils.getSubject();
         subject.login(new UsernamePasswordToken(USERNAME, PASSWORD, localhost));
         assertTrue(subject.isAuthenticated());

Modified: incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DefaultSessionManagerTest.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DefaultSessionManagerTest.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DefaultSessionManagerTest.java (original)
+++ incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DefaultSessionManagerTest.java Fri Dec 18 18:52:39 2009
@@ -30,7 +30,6 @@
 import org.junit.Test;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 import java.util.Map;
 import java.util.UUID;
 
@@ -82,7 +81,7 @@
         sm.setSessionDAO(mockDAO);
 
         sm.setGlobalSessionTimeout(timeout);
-        sm.start((InetAddress) null);
+        sm.start((String) null);
 
         verify(mockDAO);
     }
@@ -157,7 +156,7 @@
         sessionDAO.update(eq(session1));
         expectLastCall().anyTimes();
         replay(sessionDAO);
-        Serializable id = sm.start((InetAddress) null);
+        Serializable id = sm.start((String) null);
         assertNotNull(id);
         verify(sessionDAO);
         reset(sessionDAO);

Modified: incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DelegatingSessionTest.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DelegatingSessionTest.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DelegatingSessionTest.java (original)
+++ incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DelegatingSessionTest.java Fri Dec 18 18:52:39 2009
@@ -27,7 +27,6 @@
 import org.junit.Test;
 
 import java.io.Serializable;
-import java.net.InetAddress;
 
 /**
  * Unit test for the {@link DelegatingSession} class.
@@ -41,7 +40,7 @@
     public void setup() {
         ThreadContext.clear();
         sm = new DefaultSessionManager();
-        Serializable sessionId = sm.start((InetAddress) null);
+        Serializable sessionId = sm.start((String) null);
         this.session = new DelegatingSession(sm, sessionId);
     }
 

Modified: incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationExecutor.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationExecutor.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationExecutor.java (original)
+++ incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationExecutor.java Fri Dec 18 18:52:39 2009
@@ -29,7 +29,6 @@
 
 import java.io.Serializable;
 import java.lang.reflect.InvocationTargetException;
-import java.net.InetAddress;
 import java.util.concurrent.Callable;
 
 
@@ -87,9 +86,9 @@
 
             Subject.Builder builder = new Subject.Builder(securityManager);
 
-            InetAddress inet = (InetAddress) invocation.getAttribute(SecureRemoteInvocationFactory.INET_ADDRESS_KEY);
-            if (inet != null) {
-                builder.inetAddress(inet);
+            String host = (String) invocation.getAttribute(SecureRemoteInvocationFactory.HOST_KEY);
+            if (host != null) {
+                builder.host(host);
             }
 
             Serializable sessionId = invocation.getAttribute(SecureRemoteInvocationFactory.SESSION_ID_KEY);

Modified: incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactory.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactory.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactory.java (original)
+++ incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactory.java Fri Dec 18 18:52:39 2009
@@ -23,7 +23,6 @@
 import org.apache.shiro.session.Session;
 import org.apache.shiro.session.mgt.SessionManager;
 import org.apache.shiro.subject.Subject;
-import org.apache.shiro.util.ThreadContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.remoting.support.DefaultRemoteInvocationFactory;
@@ -31,9 +30,6 @@
 import org.springframework.remoting.support.RemoteInvocationFactory;
 
 import java.io.Serializable;
-import java.net.InetAddress;
-import java.util.Map;
-
 
 /**
  * A {@link RemoteInvocationFactory} that passes the session ID to the server via a
@@ -51,8 +47,8 @@
 
     private static final Logger log = LoggerFactory.getLogger(SecureRemoteInvocationFactory.class);
 
-    public static final String SESSION_ID_KEY = Session.class.getName() + "_ID_KEY";
-    public static final String INET_ADDRESS_KEY = InetAddress.class.getName() + "_KEY";
+    public static final String SESSION_ID_KEY = SecureRemoteInvocationFactory.class.getName() + ".SESSION_ID_KEY";
+    public static final String HOST_KEY = SecureRemoteInvocationFactory.class.getName() + ".HOST_KEY";
 
     private static final String SESSION_ID_SYSTEM_PROPERTY_NAME = "shiro.session.id";
 
@@ -66,18 +62,17 @@
     public RemoteInvocation createRemoteInvocation(MethodInvocation mi) {
 
         Serializable sessionId = null;
-        InetAddress inet = null;
+        String host = null;
         boolean sessionManagerMethodInvocation = false;
 
         //If the calling MI is for a remoting SessionManager delegate, we need to acquire the session ID from the method
         //argument and NOT interact with SecurityUtils/subject.getSession to avoid a stack overflow
         if (SessionManager.class.equals(mi.getMethod().getDeclaringClass())) {
             sessionManagerMethodInvocation = true;
-            //for SessionManager calls, all method calls require the session id as the first argument, with
-            //the exception of 'start' that takes in an InetAddress or a Map.  So, ignore those two cases:
-            Object firstArg = mi.getArguments()[0];
-            if (!(firstArg instanceof InetAddress || firstArg instanceof Map)) {
-                sessionId = (Serializable) firstArg;
+            //for SessionManager calls, all method calls except the 'start' methods require the session id
+            // as the first argument, so just get it from there:
+            if (!mi.getMethod().getName().equals("start")) {
+                sessionId = (Serializable) mi.getArguments()[0];
             }
         }
 
@@ -86,8 +81,8 @@
             Subject subject = SecurityUtils.getSubject();
             Session session = subject.getSession(false);
             if (session != null) {
-                inet = session.getHostAddress();
                 sessionId = session.getId();
+                host = session.getHost();
             }
         }
 
@@ -105,17 +100,12 @@
             }
         }
 
-        if (inet == null) {
-            //try thread context:
-            inet = ThreadContext.getInetAddress();
-        }
-
         RemoteInvocation ri = new RemoteInvocation(mi);
         if (sessionId != null) {
             ri.addAttribute(SESSION_ID_KEY, sessionId);
         }
-        if (inet != null) {
-            ri.addAttribute(INET_ADDRESS_KEY, inet);
+        if (host != null) {
+            ri.addAttribute(HOST_KEY, host);
         }
 
         return ri;

Modified: incubator/shiro/trunk/support/spring/src/test/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactoryTest.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/support/spring/src/test/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactoryTest.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/support/spring/src/test/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactoryTest.java (original)
+++ incubator/shiro/trunk/support/spring/src/test/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactoryTest.java Fri Dec 18 18:52:39 2009
@@ -6,13 +6,13 @@
 import org.apache.shiro.util.ThreadContext;
 import static org.easymock.EasyMock.*;
 import org.junit.After;
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
 import org.junit.Before;
 import org.junit.Test;
 import org.springframework.remoting.support.RemoteInvocation;
 
 import java.lang.reflect.Method;
-import java.net.InetAddress;
 import java.util.UUID;
 
 /**
@@ -28,7 +28,7 @@
         ThreadContext.clear();
     }
 
-    protected void bind( Subject subject ) {
+    protected void bind(Subject subject) {
         ThreadContext.bind(subject);
     }
 
@@ -39,12 +39,12 @@
 
     protected Method getMethod(String name, Class clazz) {
         Method[] methods = clazz.getMethods();
-        for( Method method : methods ) {
-            if ( method.getName().equals(name) ) {
+        for (Method method : methods) {
+            if (method.getName().equals(name)) {
                 return method;
             }
         }
-        throw new IllegalStateException( "'" + name + "' method should exist." );
+        throw new IllegalStateException("'" + name + "' method should exist.");
     }
 
     @Test
@@ -55,8 +55,8 @@
         MethodInvocation mi = createMock(MethodInvocation.class);
         Method startMethod = getMethod("start", SessionManager.class);
         expect(mi.getMethod()).andReturn(startMethod).anyTimes();
-        
-        Object[] args = {InetAddress.getLocalHost()};
+
+        Object[] args = {"localhost"};
         expect(mi.getArguments()).andReturn(args).anyTimes();
 
         replay(mi);

Modified: incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/WebUtils.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/WebUtils.java?rev=892346&r1=892345&r2=892346&view=diff
==============================================================================
--- incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/WebUtils.java (original)
+++ incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/WebUtils.java Fri Dec 18 18:52:39 2009
@@ -33,9 +33,7 @@
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
-import java.net.InetAddress;
 import java.net.URLDecoder;
-import java.net.UnknownHostException;
 import java.util.Map;
 
 /**
@@ -234,35 +232,6 @@
     }
 
     /**
-     * Returns the <code>InetAddress</code> associated with the current request, or <code>null</code> if the
-     * address cannot be resolved/determined.
-     * <p/>
-     * This implementation returns the InetAddress resolved from the request's
-     * {@link javax.servlet.ServletRequest#getRemoteHost() remoteHost} value.  The returned <code>String</code>
-     * is resolved to an InetAddress by calling
-     * {@link InetAddress#getByName(String) InetAddress.getByName(remoteHost)}. If the remote host is <code>null</code>
-     * or <code>getByName(remoteHost)</code> throws an exception, <code>null</code> is returned.
-     *
-     * @param request the incoming ServletRequest
-     * @return the <code>InetAddress</code> associated with the current request, or <code>null</code> if the
-     *         address cannot be resolved/determined.
-     */
-    public static InetAddress getInetAddress(ServletRequest request) {
-        InetAddress clientAddress = null;
-        //get the Host/IP the client is coming from:
-        String addrString = request.getRemoteHost();
-        try {
-            clientAddress = InetAddress.getByName(addrString);
-        } catch (UnknownHostException e) {
-            if (log.isInfoEnabled()) {
-                log.info("Unable to acquire InetAddress from ServletRequest", e);
-            }
-        }
-
-        return clientAddress;
-    }
-
-    /**
      * A convenience method that merely casts the incoming <code>ServletRequest</code> to an
      * <code>HttpServletRequest</code>:
      * <p/>
@@ -294,17 +263,6 @@
         return (HttpServletResponse) response;
     }
 
-    public static void bindInetAddressToThread(ServletRequest request) {
-        InetAddress ip = getInetAddress(request);
-        if (ip != null) {
-            ThreadContext.bind(ip);
-        }
-    }
-
-    public static void unbindInetAddressFromThread() {
-        ThreadContext.unbindInetAddress();
-    }
-
     /**
      * Returns the current thread-bound {@code ServletRequest} or {@code null} if there is not one bound.
      * <p/>



Mime
View raw message