List of usage examples for org.apache.shiro.authc AuthenticationToken getPrincipal
Object getPrincipal();
From source file:annis.security.ANNISUserRealm.java
License:Apache License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { Validate.isInstanceOf(String.class, token.getPrincipal()); String userName = (String) token.getPrincipal(); if (userName.equals(anonymousUser)) { // for anonymous users the user name equals the Password, so hash the user name Sha256Hash hash = new Sha256Hash(userName); return new SimpleAuthenticationInfo(userName, hash.getBytes(), ANNISUserRealm.class.getName()); }//w ww . j a v a 2s . co m User user = confManager.getUser(userName); if (user != null) { String passwordHash = user.getPasswordHash(); if (passwordHash != null) { if (passwordHash.startsWith("$")) { Shiro1CryptFormat fmt = new Shiro1CryptFormat(); Hash hashCredentials = fmt.parse(passwordHash); if (hashCredentials instanceof SimpleHash) { SimpleHash simpleHash = (SimpleHash) hashCredentials; Validate.isTrue(simpleHash.getIterations() == 1, "Hash iteration count must be 1 for every password hash!"); // actually set the information from the user file SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(userName, simpleHash.getBytes(), ANNISUserRealm.class.getName()); info.setCredentialsSalt(new SerializableByteSource(simpleHash.getSalt())); return info; } } else { // fallback unsalted hex hash SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(token.getPrincipal(), passwordHash, ANNISUserRealm.class.getName()); return info; } } } return null; }
From source file:be.atbash.ee.security.octopus.book.ex1.ApplicationSecurityData.java
License:Apache License
@Override public AuthenticationInfo getAuthenticationInfo(AuthenticationToken authenticationToken) { if (authenticationToken instanceof UsernamePasswordToken) { UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken; AuthenticationInfoBuilder authenticationInfoBuilder = new AuthenticationInfoBuilder(); authenticationInfoBuilder.principalId(principalId++) .name(authenticationToken.getPrincipal().toString()); // TODO: Change for production. Here we use username as password authenticationInfoBuilder.password(usernamePasswordToken.getUsername()); return authenticationInfoBuilder.build(); }/* w w w . java2 s .c o m*/ return null; }
From source file:be.atbash.ee.security.octopus.book.ex2.ApplicationSecurityData.java
License:Apache License
@Override public AuthenticationInfo getAuthenticationInfo(AuthenticationToken authenticationToken) { if (authenticationToken instanceof UsernamePasswordToken) { UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken; AuthenticationInfoBuilder authenticationInfoBuilder = new AuthenticationInfoBuilder(); authenticationInfoBuilder.principalId(principalId++) .name(authenticationToken.getPrincipal().toString()); authenticationInfoBuilder.userName(authenticationToken.getPrincipal().toString()); // TODO: Change for production. Here we use username as password authenticationInfoBuilder.password(usernamePasswordToken.getUsername()); return authenticationInfoBuilder.build(); }/*from ww w . j a va2 s. c o m*/ return null; }
From source file:be.atbash.ee.security.octopus.book.ex3.ApplicationSecurityData.java
License:Apache License
@Override public AuthenticationInfo getAuthenticationInfo(AuthenticationToken authenticationToken) { if (authenticationToken instanceof UsernamePasswordToken) { UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken; if (authenticationToken.getPrincipal().toString().length() > 2) { AuthenticationInfoBuilder authenticationInfoBuilder = new AuthenticationInfoBuilder(); authenticationInfoBuilder.principalId(principalId++) .name(authenticationToken.getPrincipal().toString()); authenticationInfoBuilder.userName(authenticationToken.getPrincipal().toString()); authenticationInfoBuilder.name(authenticationToken.getPrincipal().toString()); // TODO: Change for production. Here we use username as password authenticationInfoBuilder.password(usernamePasswordToken.getUsername()); return authenticationInfoBuilder.build(); }//ww w . j a va 2 s . c o m } return null; }
From source file:be.atbash.ee.security.octopus.book.ex7.ApplicationSecurityData.java
License:Apache License
@Override public AuthenticationInfo getAuthenticationInfo(AuthenticationToken authenticationToken) { if (authenticationToken instanceof UsernamePasswordToken) { UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken; AuthenticationInfoBuilder authenticationInfoBuilder = new AuthenticationInfoBuilder(); authenticationInfoBuilder.principalId(principalId++) .name(authenticationToken.getPrincipal().toString()); // TODO: Change for production. Here we use username as password authenticationInfoBuilder.password(usernamePasswordToken.getUsername()); return authenticationInfoBuilder.build(); }//from w ww . j a va 2s . co m return null; }
From source file:be.atbash.ee.security.octopus.demo.scs.security.ApplicationSecurityData.java
License:Apache License
@Override public AuthenticationInfo getAuthenticationInfo(AuthenticationToken authenticationToken) { if (authenticationToken instanceof UsernamePasswordToken) { UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken; AuthenticationInfoBuilder authenticationInfoBuilder = new AuthenticationInfoBuilder(); authenticationInfoBuilder.principalId(principalId++) .name(authenticationToken.getPrincipal().toString()); authenticationInfoBuilder.userName(authenticationToken.getPrincipal().toString()); authenticationInfoBuilder.name(authenticationToken.getPrincipal().toString()); // TODO: Change for production. Here we use username as password authenticationInfoBuilder.password(usernamePasswordToken.getUsername()); return authenticationInfoBuilder.build(); }/*w w w. j a va 2 s . c om*/ return null; }
From source file:be.rubus.octopus.jsr375.demo.AppAuthentication.java
License:Apache License
@Override public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) { if (token instanceof UsernamePasswordToken) { UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token; AuthenticationInfoBuilder authenticationInfoBuilder = new AuthenticationInfoBuilder(); authenticationInfoBuilder.principalId(principalId++).name(token.getPrincipal().toString()); authenticationInfoBuilder.password(usernamePasswordToken.getPassword()); authenticationInfoBuilder.externalPasswordCheck(); return authenticationInfoBuilder.build(); }/*w ww . jav a 2s.co m*/ return null; }
From source file:cn.evilcoder.fantasyblog4j.shiro.ShiroDbRealm.java
License:Apache License
/** * ?,./*from w w w . j a va2 s .c o m*/ */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { String username = String.valueOf(token.getPrincipal()); String password = new String((char[]) token.getCredentials()); User user = userService.selectByUsername(username); if (user == null) { throw new AuthenticationException("???."); } if (!userService.checkPassword(user, password)) { throw new AuthenticationException("???."); } return new SimpleAuthenticationInfo(username, password, getName()); }
From source file:cn.mypandora.shiro.credentials.RetryLimitHashedCredentialsMatcher.java
License:Apache License
@Override public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { String username = (String) token.getPrincipal(); //retry count + 1 AtomicInteger retryCount = passwordRetryCache.get(username); if (retryCount == null) { retryCount = new AtomicInteger(0); passwordRetryCache.put(username, retryCount); }// w w w .j ava2s .c o m if (retryCount.incrementAndGet() > 5) { //if retry count > 5 throw throw new ExcessiveAttemptsException(); } boolean matches = super.doCredentialsMatch(token, info); if (matches) { //clear retry count passwordRetryCache.remove(username); } return matches; }
From source file:com.appleframework.pay.permission.shiro.credentials.RetryLimitHashedCredentialsMatcher.java
License:Apache License
@Override /**/*from w w w .j av a2 s . co m*/ * ??? */ public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { String username = (String) token.getPrincipal(); // retry count + 1 AtomicInteger retryCount = passwordRetryCache.get(username); if (retryCount == null) { retryCount = new AtomicInteger(0); passwordRetryCache.put(username, retryCount); } if (retryCount.incrementAndGet() > 5) { // if retry count > 5 throw throw new ExcessiveAttemptsException(); } boolean matches = super.doCredentialsMatch(token, info); if (matches) { // clear retry count passwordRetryCache.remove(username); // ???? PmsOperator operator = pmsOperatorService.findOperatorByLoginName(username); Subject subject = SecurityUtils.getSubject(); Session session = subject.getSession(); session.setAttribute("PmsOperator", operator); } return matches; }