Example usage for org.apache.shiro.authc AuthenticationInfo getCredentials

List of usage examples for org.apache.shiro.authc AuthenticationInfo getCredentials

  1. HOME
  2. Java
  3. org.apache.shiro
  4. org.apache.shiro.authc.*
  5. AuthenticationInfo
  6. getCredentials

Introduction

In this page you can find the example usage for org.apache.shiro.authc AuthenticationInfo getCredentials.

Prototype

Object getCredentials();

Source Link

Document

Returns the credentials associated with the corresponding Subject.

Usage

From source file:com.bennavetta.appsite.security.SCryptCredentialsMatcher.java

License:Apache License

@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
    UsernamePasswordToken login = (UsernamePasswordToken) token;
    String given = new String(login.getPassword());
    boolean result = SCryptUtil.check(given, info.getCredentials().toString());
    if (result) {
        log.trace("Credentials match for {}", token);
    } else {/*from   ww w.  java  2 s  .  c  o m*/
        log.trace("Credentials don't match for {}", token);
    }
    return result;
}

From source file:com.blazarquant.bfp.core.security.config.BcryptCredentialsMatcher.java

License:Apache License

@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
    final UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    String storedBcryptPassword;/* ww  w . j  av a2  s  .c o m*/
    if (info.getCredentials() instanceof char[]) {
        storedBcryptPassword = new String((char[]) info.getCredentials());
    } else {
        storedBcryptPassword = info.getCredentials().toString();
    }
    final String assertedPlaintextPassword = new String(upToken.getPassword());
    return BCrypt.checkpw(assertedPlaintextPassword, storedBcryptPassword);
}

From source file:com.jeecms.core.security.BbsCredentialsMatcher.java

License:Apache License

/**
 * Returns a {@link Hash Hash} instance representing the already-hashed AuthenticationInfo credentials stored in the system.
 * <p/>// w w  w  .j  av  a 2 s  . co m
 * This method reconstructs a {@link Hash Hash} instance based on a {@code info.getCredentials} call,
 * but it does <em>not</em> hash that value - it is expected that method call will return an already-hashed value.
 * <p/>
 * This implementation's reconstruction effort functions as follows:
 * <ol>
 * <li>Convert {@code account.getCredentials()} to a byte array via the {@link #toBytes toBytes} method.
 * <li>If {@code account.getCredentials()} was originally a String or char[] before {@code toBytes} was
 * called, check for encoding:
 * <li>If {@link #storedCredentialsHexEncoded storedCredentialsHexEncoded}, Hex decode that byte array, otherwise
 * Base64 decode the byte array</li>
 * <li>Set the byte[] array directly on the {@code Hash} implementation and return it.</li>
 * </ol>
 *
 * @param info the AuthenticationInfo from which to retrieve the credentials which assumed to be in already-hashed form.
 * @return a {@link Hash Hash} instance representing the given AuthenticationInfo's stored credentials.
 */
protected Object getCredentials(AuthenticationInfo info) {
    Object credentials = info.getCredentials();
    return credentials;
}

From source file:com.sonatype.security.ldap.realms.EnterpriseLdapRealmTest.java

License:Open Source License

@Test
public void testSuccessfulAuthentication() throws Exception {
    final Realm realm = this.lookup(Realm.class, "LdapAuthenticatingRealm");
    final UsernamePasswordToken upToken = new UsernamePasswordToken("brianf", "brianf123");
    final AuthenticationInfo ai = realm.getAuthenticationInfo(upToken);
    assertEquals("brianf123".toCharArray(), ai.getCredentials());
}

From source file:com.webarch.common.shiro.authentication.CredentialsMatcher.java

License:Apache License

@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
    if (token.getCredentials() != null || info.getCredentials() != null) {
        String submitPWD = new String((char[]) token.getCredentials());
        String storePWD = (String) info.getCredentials();
        String md5PWD = DigestUtils.md5Hex(submitPWD);
        if (md5PWD.equals(storePWD)) {
            return true;
        }//from   w  ww .j  av  a 2  s. com
    }
    return false;
}

From source file:com.webarch.common.shiro.DrCredentialsMatcher.java

License:Apache License

/**
 * ?MD5/*from w  w w .  ja  va  2 s.  co  m*/
 * @param token
 * @param info
 * @return
 */
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
    UsernamePasswordToken loginToken = (UsernamePasswordToken) token;
    Object loginCredentials = loginToken.getCredentials();
    String loginPwd = new String((char[]) loginCredentials);
    loginPwd = loginPwd.trim();
    String md5LoginPwd = DigestUtils.md5Hex(loginPwd);
    String accountPwd = (String) info.getCredentials();
    boolean access = loginPwd.equals(accountPwd);
    boolean md5Access = md5LoginPwd.endsWith(accountPwd);
    return access || md5Access;
}

From source file:com.whale.eos.service.org.ShiroDbRealm.java

License:Apache License

public void assertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
        throws AuthenticationException {
    if (PropertyUtil.getBoolean("encrypt")) {
        super.assertCredentialsMatch(token, info);
    } else {/*from   www.j  a  va 2s  . com*/
        if (token != null && info != null) {
            CaptchaUsernamePasswordToken tk = (CaptchaUsernamePasswordToken) token;
            if (!(String.valueOf(tk.getPassword())).equals((String) info.getCredentials())) {
                // not successful - throw an exception to indicate this:
                String msg = "Submitted credentials for token [" + tk
                        + "] did not match the expected credentials.";
                throw new IncorrectCredentialsException(msg);
            }
        } else {
            throw new AuthenticationException("A CredentialsMatcher must be configured in order to verify "
                    + "credentials during authentication.  If you do not wish for credentials to be examined, you "
                    + "can configure an " + AllowAllCredentialsMatcher.class.getName() + " instance.");
        }
    }
}

From source file:ddf.security.realm.sts.StsRealmTest.java

License:Open Source License

@Ignore
@Test/*from www. jav a  2s  .co  m*/
public void testDoGetAuthenticationInfoSAML() throws ParserConfigurationException, SAXException, IOException {
    StsRealm realm = new StsRealm() {
        protected SecurityToken renewSecurityToken(SecurityToken securityToken) {
            return securityToken;
        }

        protected STSClient configureStsClient() {
            return null;
        }
    };
    Element issuedAssertion = this.readDocument("/saml.xml").getDocumentElement();
    String assertionId = issuedAssertion.getAttributeNodeNS(null, "ID").getNodeValue();
    SecurityToken token = new SecurityToken(assertionId, issuedAssertion, null);
    AuthenticationToken authenticationToken = mock(SAMLAuthenticationToken.class);
    when(authenticationToken.getCredentials()).thenReturn(token);

    AuthenticationInfo authenticationInfo = realm.doGetAuthenticationInfo(authenticationToken);
    assertNotNull(authenticationInfo.getCredentials());
    assertNotNull(authenticationInfo.getPrincipals());
}

From source file:ddf.security.realm.sts.StsRealmTest.java

License:Open Source License

@Ignore
@Test/*from   w  w  w .j  a  va 2  s.  c  om*/
public void testDoGetAuthenticationInfoBase() throws ParserConfigurationException, SAXException, IOException {
    Element issuedAssertion = this.readDocument("/saml.xml").getDocumentElement();
    String assertionId = issuedAssertion.getAttributeNodeNS(null, "ID").getNodeValue();
    final SecurityToken token = new SecurityToken(assertionId, issuedAssertion, null);
    StsRealm realm = new StsRealm() {
        protected SecurityToken requestSecurityToken(Object obj) {
            return token;
        }

        protected STSClient configureStsClient() {
            return null;
        }
    };

    STSAuthenticationToken authenticationToken = mock(STSAuthenticationToken.class);
    when(authenticationToken.getCredentialsAsString()).thenReturn("creds");

    AuthenticationInfo authenticationInfo = realm.doGetAuthenticationInfo(authenticationToken);

    assertNotNull(authenticationInfo.getCredentials());
    assertNotNull(authenticationInfo.getPrincipals());
}

From source file:ddf.security.realm.sts.TestStsRealm.java

License:Open Source License

@Ignore
@Test//ww  w.j a va 2 s  .co m
public void testDoGetAuthenticationInfo_SAML() throws ParserConfigurationException, SAXException, IOException {
    StsRealm realm = new StsRealm() {
        protected SecurityToken renewSecurityToken(SecurityToken securityToken) {
            return securityToken;
        }

        protected void configureStsClient() {
        }
    };
    Element issuedAssertion = this.readDocument("/saml.xml").getDocumentElement();
    String assertionId = issuedAssertion.getAttributeNodeNS(null, "ID").getNodeValue();
    SecurityToken token = new SecurityToken(assertionId, issuedAssertion, null);
    AuthenticationToken authenticationToken = mock(SAMLAuthenticationToken.class);
    when(authenticationToken.getCredentials()).thenReturn(token);

    AuthenticationInfo authenticationInfo = realm.doGetAuthenticationInfo(authenticationToken);
    assertNotNull(authenticationInfo.getCredentials());
    assertNotNull(authenticationInfo.getPrincipals());
}