Example usage for org.apache.shiro.authc SimpleAccount getCredentialsSalt

List of usage examples for org.apache.shiro.authc SimpleAccount getCredentialsSalt

  1. HOME
  2. Java
  3. org.apache.shiro
  4. org.apache.shiro.authc.*
  5. SimpleAccount
  6. getCredentialsSalt

Introduction

In this page you can find the example usage for org.apache.shiro.authc SimpleAccount getCredentialsSalt.

Prototype

public ByteSource getCredentialsSalt()

Source Link

Document

Returns the salt used to hash this Account's credentials (eg for password hashing), or null if no salt was used or credentials were not hashed at all.

Usage

From source file:me.buom.shiro.realm.text.HmacIniRealm.java

License:Apache License

protected void beforeAssertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
    SimpleAccount account = (SimpleAccount) info;
    if (account != null) {
        // only set credentials salt on the first time!!!
        ByteSource credentialsSalt = (ByteSource) account.getCredentialsSalt();
        if (credentialsSalt == null) {
            Object credentials = account.getCredentials();
            credentialsSalt = ByteSource.Util.bytes(credentials);
            account.setCredentialsSalt(credentialsSalt);
            account.setCredentials(null);
        }/*from www. j  a  v a  2s  .  c  om*/

        Object oldCredentials = account.getCredentials();
        Object stringToSign = hmacBuilder.buildStringToSign((HmacToken) token);
        account.setCredentials(stringToSign);

        if (log.isDebugEnabled()) {
            log.debug("oldCredentials: {}", oldCredentials);
            log.debug("curCredentials: {}", account.getCredentials());
            log.debug("credentialsSalt: {}", account.getCredentialsSalt().toHex());
        }
    }
}