Usage examples for the org.apache.shiro.authc.credential.DefaultPasswordService constructor DefaultPasswordService()
public DefaultPasswordService()
From source file:br.com.criativasoft.opendevice.middleware.persistence.dao.jpa.UserJPA.java
License:Open Source License
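/**
 * Creates a user under the given account, stores the hash of the password, and attaches the
 * initial API key.
 *
 * <p>The password is hashed with {@link DefaultPasswordService} using the service's own
 * defaults. The earlier version forced the hash iteration count down to 1, which removes the
 * work factor that makes offline guessing of a leaked hash expensive; that override is gone.
 * Shiro's default hash format records the iteration count with each hash, so values written
 * with the old setting should still verify. Confirm this against the deployed Shiro version.
 *
 * @param account  owning account; when its id is not positive the new user is made the
 *                 account manager (presumably the account is not persisted yet, verify with caller)
 * @param username login name for the new user
 * @param password plaintext password; only its hash is placed on the entity
 * @return the persisted user
 */
@Override
public User createUser(Account account, String username, String password) {
    User user = new User();
    user.setUsername(username);

    // Hash the caller-supplied value directly so the entity never carries the plaintext,
    // and keep the password service's default iteration count.
    DefaultPasswordService service = new DefaultPasswordService();
    user.setPassword(service.encryptPassword(password));

    UserAccount userAccount = new UserAccount();
    userAccount.setOwner(account);
    account.getUserAccounts().add(userAccount);

    if (account.getId() <= 0) {
        userAccount.setType(AccountType.ACCOUNT_MANAGER);
    } else {
        userAccount.setType(AccountType.USER);
    }
    userAccount.setUser(user);

    // NOTE(review): the API key value is the account UUID, so anything that exposes the UUID
    // also exposes a usable key. Confirm this is intended.
    ApiKey key = new ApiKey();
    key.setKey(account.getUuid());
    key.setAppName("ApplicationID");
    key.setAccount(userAccount);
    userAccount.getKeys().add(key);

    user.getAccounts().add(userAccount);

    persist(user);

    return user;
}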
From source file:br.com.criativasoft.opendevice.middleware.test.PopulateDatabase.java
License:Open Source License
/**
 * Seeds one user together with its account, account membership and API key.
 *
 * @param u    username
 * @param p    plaintext password; hashed by the password service before it is stored
 * @param type membership type assigned to the user
 * @param key  value used as the account UUID and, through it, as the API key
 * @return the persisted account
 */
private static Account saveUser(String u, String p, AccountType type, String key) {
    HashingPasswordService hasher = new DefaultPasswordService();

    System.out.println("Saving user: " + u);

    // Only the hash produced by the password service is stored on the entity.
    User seededUser = new User();
    seededUser.setUsername(u);
    seededUser.setPassword(hasher.encryptPassword(p));
    em.persist(seededUser);

    Account owner = new Account();
    owner.setUuid(key);
    em.persist(owner);

    UserAccount membership = new UserAccount();
    membership.setOwner(owner);
    membership.setUser(seededUser);
    membership.setType(type);
    em.persist(membership);

    // The API key value is read back from the account UUID.
    ApiKey credential = new ApiKey();
    credential.setKey(owner.getUuid());
    credential.setAppName("ApplicationID");
    credential.setAccount(membership);
    membership.getKeys().add(credential);
    em.persist(credential);

    // The account is persisted a second time after the key is attached, as in the original.
    em.persist(owner);

    // NOTE(review): this prints the account UUID, which is also the API key value.
    // Acceptable for a seeding tool only if its output is not retained. Confirm.
    System.out.println("AccountUID :" + owner.getUuid());

    return owner;
}
From source file:br.com.criativasoft.opendevice.middleware.test.PopulateInitialData.java
License:Open Source License
/**
 * Persists an initial user with its account, membership and API key.
 *
 * @param u    username
 * @param p    plaintext password; stored only as the hash returned by the password service
 * @param type membership type for the user inside the account
 * @param key  account UUID; the same value is stored as the API key
 * @return the persisted account
 */
private Account saveUser(String u, String p, AccountType type, String key) {
    HashingPasswordService passwordService = new DefaultPasswordService();

    log.info("Saving user: " + u);

    User created = new User();
    created.setUsername(u);
    String storedHash = passwordService.encryptPassword(p);
    created.setPassword(storedHash);
    em.persist(created);

    Account ownerAccount = new Account();
    ownerAccount.setUuid(key);
    em.persist(ownerAccount);

    UserAccount link = new UserAccount();
    link.setType(type);
    link.setUser(created);
    link.setOwner(ownerAccount);
    em.persist(link);

    ApiKey generatedKey = new ApiKey();
    generatedKey.setAccount(link);
    generatedKey.setAppName("ApplicationID");
    generatedKey.setKey(ownerAccount.getUuid());
    link.getKeys().add(generatedKey);
    em.persist(generatedKey);

    // Second persist of the account, kept from the original sequence.
    em.persist(ownerAccount);

    // NOTE(review): the logged UUID is also the API key value. Confirm that log readers
    // are allowed to see it.
    log.info("AccountUID :" + ownerAccount.getUuid());

    return ownerAccount;
}
From source file:br.com.criativasoft.opendevice.restapi.resources.AccountRest.java
License:Open Source License
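/**
 * Creates a user in the caller's account, or updates an existing one when the submitted
 * entity carries a positive id.
 *
 * <p>Changes from the earlier version:
 * <ul>
 *   <li>The ownership check now runs before any other work, so a request for a user outside
 *       the caller's account is rejected without touching the submitted entity.</li>
 *   <li>A null or empty password is rejected. The password service can return a null hash for
 *       an empty plaintext, and a stored null or empty password may then be matched by an empty
 *       login password (verify against the Shiro version in use).</li>
 * </ul>
 *
 * @param user user entity bound from the request body
 * @return the stored user
 * @throws AuthorizationException   if an existing user does not belong to the caller's account
 * @throws IllegalArgumentException if no password was supplied
 */
@POST
@Path("users")
@RequiresRoles(AccountType.ROLES.ACCOUNT_MANAGER)
public User addUser(User user) {

    AccountPrincipal principal = (AccountPrincipal) getSubject().getPrincipal();
    Account account = dao.getAccountByUID(principal.getAccountUUID());

    // NOTE(review): the persistent entity is bound directly from the request, so every field
    // the client sends (id, accounts, ...) reaches update()/persist(). Confirm which fields the
    // DAO actually writes, or bind to a dedicated request object.
    boolean editing = user.getId() > 0;

    // Authorize first: an existing user must belong to the caller's account.
    if (editing && !dao.existUser(account, user)) {
        throw new AuthorizationException("This user does not belong to your account");
    }

    // Never store the result of hashing "nothing".
    String plaintext = user.getPassword();
    if (plaintext == null || plaintext.isEmpty()) {
        throw new IllegalArgumentException("Password must not be empty");
    }

    HashingPasswordService service = new DefaultPasswordService();
    user.setPassword(service.encryptPassword(plaintext));

    if (editing) {
        userDao.update(user);
    } else {
        UserAccount userAccount = new UserAccount();
        userAccount.setType(AccountType.USER);
        userAccount.setOwner(account);
        userAccount.setUser(user);
        user.getAccounts().add(userAccount);
        userDao.persist(user);
    }

    return user;
}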
From source file:br.com.criativasoft.opendevice.wsrest.resource.AuthRest.java
License:Open Source License
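/**
 * Authenticates a client either by API key or by username and password, and answers with a
 * JSON body carrying the auth token.
 *
 * <p>Changes from the earlier version:
 * <ul>
 *   <li>In API-key mode the {@code username} argument is the key itself, so it is no longer
 *       written to the debug log.</li>
 *   <li>An unknown username and a wrong password now produce the same message, so the
 *       response does not reveal which usernames exist.</li>
 *   <li>A missing password is treated as a failed login instead of raising a
 *       NullPointerException outside the handled exception types.</li>
 * </ul>
 *
 * @param currentUser Shiro subject for the current request
 * @param username    login name, or the API key when {@code isApiKey} is true
 * @param password    submitted plaintext password (unused in API-key mode)
 * @param isApiKey    selects API-key login instead of form login
 * @return 200 with the token on success, otherwise an error response
 */
private Response doLogin(Subject currentUser, String username, String password, boolean isApiKey) {

    // Do not log the credential: with isApiKey the 'username' value is the API key.
    if (isApiKey) {
        LOG.debug("Using ApiKey (" + isApiKey + ")");
    } else {
        LOG.debug("Using ApiKey (" + isApiKey + "), username : " + username);
    }

    // One message for every credential failure in the form-login path.
    final String badCredentials = "Incorrect username or password";

    Account account = null;
    String authtoken = null;
    boolean logged = false;

    // Login using: ApiKey
    if (isApiKey) {

        account = accountDao.getAccountByApiKey(username);

        // Generate and cache the 'AuthToken', this will be used in AuthenticationFilter
        // This token will be used in BearerTokenRealm
        // TODO: Need configure expire using EhCache
        if (account != null) {

            // NOTE(RR): To simplify the development of clients, AuthToken and API Key will be the AccountUUID.
            // This can be changed in the future (issues #57)
            // authtoken = UUID.randomUUID().toString();
            // NOTE(review): as written the token is a long-lived static value equal to the
            // account UUID; it cannot be rotated or expired independently of the account.
            authtoken = account.getUuid();

            // Add token to cache (this will be used in BearerTokenRealm)
            DefaultSecurityManager securityManager = (DefaultSecurityManager) SecurityUtils
                    .getSecurityManager();
            Cache<Object, Object> cache = securityManager.getCacheManager().getCache(TOKEN_CACHE);
            cache.put(authtoken, username); // username (is Api_Key in this case)
            logged = true;
        }

    // login using: Form
    } else if (!currentUser.isAuthenticated()) {

        try {

            User user = userDao.getUser(username);

            if (user == null || password == null) {
                throw new AuthenticationException(badCredentials);
            }

            // NOTE(review): this first comparison accepts the stored value itself as the
            // password. If the stored value is a hash, anyone holding a copy of that hash
            // can log in with it, which defeats hashing. It is kept only so accounts that may
            // still be stored in plaintext keep working; migrate those rows and delete this
            // comparison.
            boolean passwordsMatch = password.equals(user.getPassword());

            // Regular path: verify the submitted plaintext against the stored hash.
            if (!passwordsMatch) {
                HashingPasswordService service = new DefaultPasswordService();
                passwordsMatch = service.passwordsMatch(password, user.getPassword());
            }

            if (!passwordsMatch) {
                throw new AuthenticationException(badCredentials);
            }

            Set<UserAccount> uaccounts = user.getAccounts();

            // Filter normal accounts
            uaccounts = uaccounts.stream().filter(accountx -> accountx.getType() != AccountType.DEVICE)
                    .collect(Collectors.toSet());

            if (uaccounts.isEmpty()) {
                throw new AuthenticationException("No accounts for user");
            }

            if (uaccounts.size() > 1) {
                // TODO: Need return list and redirect to another page...
                return ErrorResponse.status(Status.FORBIDDEN,
                        "Multiple Accounts not supported for now !! (open ticket !)");
            }

            AccountAuth token = new AccountAuth(uaccounts.iterator().next().getId(), user.getId());
            //token.setRememberMe(false); // to be remembered across sessions

            currentUser.login(token);

            // currentUser.getSession(true).setTimeout(xxxxx);

            if (currentUser.isAuthenticated()) {
                AccountPrincipal principal = (AccountPrincipal) currentUser.getPrincipal();
                logged = true;
                authtoken = principal.getAccountUUID();
                user.setLastLogin(new Date());
            }

        } catch (UnknownAccountException e) {
            return ErrorResponse.UNAUTHORIZED("Unknown Account");
        } catch (IncorrectCredentialsException e) {
            return ErrorResponse.status(Status.FORBIDDEN, "Incorrect Credentials");
        } catch (AuthenticationException e) {
            return ErrorResponse.UNAUTHORIZED(e.getMessage());
        }
    }

    if (logged) {
        return noCache(Response.status(Status.OK).entity("{\"token\":\"" + authtoken + "\"}"));
    } else {
        return ErrorResponse.UNAUTHORIZED("Authentication Fail");
    }
}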
From source file:ch.reboundsoft.shinobi.authstore.realm.JdbcRealmFactory.java
/**
 * Builds the JDBC realm from the injected data source and the query strings held in the
 * application properties, and installs a {@link PasswordMatcher} backed by
 * {@link DefaultPasswordService} as its credentials matcher.
 *
 * @param ninjaProperties source of the {@code shinobi.db.*} query settings
 * @param ds              provider of the JDBC data source
 */
@Inject
public JdbcRealmFactory(NinjaProperties ninjaProperties, RealmDataSource ds) {
    // Credentials are compared through the password service rather than by plain equality.
    PasswordMatcher hashedPasswordMatcher = new PasswordMatcher();
    hashedPasswordMatcher.setPasswordService(new DefaultPasswordService());

    JdbcRealm configured = new JdbcRealm();
    configured.setDataSource(ds.getDataSource());

    // NOTE(review): the three queries come from configuration; presumably the authentication
    // query must return the stored password hash for the matcher above. Confirm against
    // the schema.
    configured.setAuthenticationQuery(ninjaProperties.get("shinobi.db.authenticationQuery"));
    configured.setUserRolesQuery(ninjaProperties.get("shinobi.db.userRolesQuery"));
    configured.setPermissionsQuery(ninjaProperties.get("shinobi.db.permissionsQuery"));
    configured.setPermissionsLookupEnabled(true);

    configured.setCredentialsMatcher(hashedPasswordMatcher);

    realm = configured;
}
From source file:com.github.pires.example.ShiroConfiguration.java
License:Apache License
/**
 * Provides the bean named {@code passwordService}: a {@link DefaultPasswordService} left on
 * its default settings.
 *
 * @return a new password service instance
 */
@Bean(name = "passwordService")
public DefaultPasswordService passwordService() {
    final DefaultPasswordService defaultService = new DefaultPasswordService();
    return defaultService;
}
From source file:com.josue.shiro.cdi.custom.CustomEnvironmentLoaderListener.java
/**
 * Creates the web environment through the superclass, then makes {@code jpaRealm} the realm of
 * its security manager with a {@link PasswordMatcher} that delegates to
 * {@link DefaultPasswordService}.
 *
 * @param pServletContext servlet context handed to the superclass
 * @return the environment with the adjusted security manager
 */
@Override
protected WebEnvironment createEnvironment(ServletContext pServletContext) {
    final WebEnvironment webEnvironment = super.createEnvironment(pServletContext);
    final RealmSecurityManager realmManager =
            (RealmSecurityManager) webEnvironment.getSecurityManager();

    // Stored credentials are checked through the password service, not compared as raw strings.
    final PasswordMatcher hashMatcher = new PasswordMatcher();
    hashMatcher.setPasswordService(new DefaultPasswordService());
    jpaRealm.setCredentialsMatcher(hashMatcher);

    realmManager.setRealm(jpaRealm);
    ((DefaultWebEnvironment) webEnvironment).setSecurityManager(realmManager);

    return webEnvironment;
}
From source file:com.kalix.framework.webapp.shiro.SecurityProducer.java
License:Apache License
/**
 * Producer for the {@link PasswordService} used by the application: a
 * {@link DefaultPasswordService} on its default settings.
 *
 * @return a new password service instance
 */
@Produces
@ShiroIni
@Named
public PasswordService passwordService() {
    final PasswordService produced = new DefaultPasswordService();
    return produced;
}
From source file:com.lzs.core.support.ShiroDbRealm.java
License:Apache License
/**
 * Looks up the user named in the token and checks the submitted password against the stored
 * value through {@link DefaultPasswordService}.
 *
 * <p>Every failure path ends in a {@link RuntimeException}; only a successful match returns.
 * The message strings appear mis-encoded in this listing and are kept unchanged because they
 * are runtime text.
 *
 * @param authcToken token for the login attempt; cast to {@code UsernamePasswordToken}
 * @return authentication info for the matched user
 * @throws AuthenticationException declared by the overridden method
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
        throws AuthenticationException {
    try {
        UsernamePasswordToken credentials = (UsernamePasswordToken) authcToken;
        String login = credentials.getUsername();
        String submitted = String.valueOf(credentials.getPassword());

        if (login != null && !login.isEmpty()) {
            User found = userService.findUniqueBy("username", credentials.getUsername());

            // A missing user and a user flagged deleted are handled the same way.
            boolean unavailable = found == null || found.getDeleted() == 1;
            if (unavailable) {
                throw new NoResultException("??");
            }

            PasswordService verifier = new DefaultPasswordService();
            boolean matches = verifier.passwordsMatch(submitted, found.getPassword());
            if (matches) {
                // NOTE(review): the plaintext password is handed to the AuthenticationInfo as
                // its credentials, so it lives as long as that object does (and in the
                // authentication cache, if one is enabled). Confirm this is required by the
                // configured credentials matcher.
                ShiroUser principal = new ShiroUser(found.getId(), found.getUsername());
                return new SimpleAuthenticationInfo(principal, submitted, getName());
            }
        }
    } catch (NoResultException e) {
        RuntimeException wrapped = new RuntimeException("??", e);
        logger.error(wrapped.getMessage(), wrapped);
        throw wrapped;
    } catch (NonUniqueResultException e) {
        RuntimeException wrapped = new RuntimeException("????", e);
        logger.error(wrapped.getMessage(), wrapped);
        throw wrapped;
    } catch (Exception e) {
        // Logged, then execution continues to the generic failure below.
        logger.error("", e);
    }

    // Reached on an empty username, a password mismatch, or any logged unexpected error.
    throw new RuntimeException("??");
}