List of usage examples for org.apache.shiro.authc.credential CredentialsMatcher doCredentialsMatch
boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info);
From source file:no.priv.bang.ukelonn.db.derbytest.UkelonnDatabaseProviderTest.java
License:Apache License
/** * Not a real unit test, just a way to hash cleartext passwords for * the test database and generate salt./*from w ww. j a v a2 s.c om*/ */ @Test public void testCreateHashedPasswords() { String[] usernames = { "on", "kn", "jad", "jod" }; String[] unhashedPasswords = { "ola12", "KaRi", "1ad", "johnnyBoi" }; RandomNumberGenerator randomNumberGenerator = new SecureRandomNumberGenerator(); System.out.println("username, password, salt"); for (int i = 0; i < usernames.length; ++i) { // First hash the password String username = usernames[i]; String password = unhashedPasswords[i]; String salt = randomNumberGenerator.nextBytes().toBase64(); Object decodedSaltUsedWhenHashing = Util.bytes(Base64.getDecoder().decode(salt)); String hashedPassword = new Sha256Hash(password, decodedSaltUsedWhenHashing, 1024).toBase64(); // Check the cleartext password against the hashed password UsernamePasswordToken usenamePasswordToken = new UsernamePasswordToken(username, password.toCharArray()); SimpleAuthenticationInfo saltedAuthenticationInfo = createAuthenticationInfo(usernames[i], hashedPassword, salt); CredentialsMatcher credentialsMatcher = createSha256HashMatcher(1024); assertTrue(credentialsMatcher.doCredentialsMatch(usenamePasswordToken, saltedAuthenticationInfo)); // Print out the username, hashed password, and salt System.out.println(String.format("'%s', '%s', '%s'", username, hashedPassword, salt)); } }
From source file:org.sonatype.nexus.security.internal.AuthenticatingRealmImpl.java
License:Open Source License
/** * Checks to see if the credentials in token match the credentials stored on user * * @param token the username/password token containing the credentials to verify * @param user object containing the stored credentials * @return true if credentials match, false otherwise *///w ww . j av a2 s . co m private boolean isValidCredentials(final UsernamePasswordToken token, final CUser user) { boolean credentialsValid = false; AuthenticationInfo info = createAuthenticationInfo(user); CredentialsMatcher matcher = getCredentialsMatcher(); if (matcher != null) { if (matcher.doCredentialsMatch(token, info)) { credentialsValid = true; } } return credentialsValid; }
From source file:org.sonatype.security.realms.AuthenticatingRealmImpl.java
License:Open Source License
/** * Checks to see if the credentials in token match the credentials stored on user * * @param token the username/password token containing the credentials to verify * @param user object containing the stored credentials * @return true if credentials match, false otherwise */// w w w. j a v a 2s . com private boolean isValidCredentials(UsernamePasswordToken token, CUser user) { boolean credentialsValid = false; AuthenticationInfo info = this.createAuthenticationInfo(user); CredentialsMatcher matcher = this.getCredentialsMatcher(); if (matcher != null) { if (matcher.doCredentialsMatch(token, info)) { credentialsValid = true; } } return credentialsValid; }
From source file:org.sonatype.security.realms.XmlAuthenticatingRealm.java
License:Open Source License
private boolean isValidCredentials(UsernamePasswordToken token, CUser user) { boolean credentialsValid = false; AuthenticationInfo info = this.createAuthenticationInfo(user); CredentialsMatcher matcher = this.getCredentialsMatcher(); if (matcher != null) { if (matcher.doCredentialsMatch(token, info)) { credentialsValid = true;//from w ww. j ava 2s.c o m } } return credentialsValid; }