Example usage for org.apache.shiro.authc SimpleAccount setCredentialsSalt

List of usage examples for org.apache.shiro.authc SimpleAccount setCredentialsSalt

  1. HOME
  2. Java
  3. org.apache.shiro
  4. org.apache.shiro.authc.*
  5. SimpleAccount
  6. setCredentialsSalt

Introduction

In this page you can find the example usage for org.apache.shiro.authc SimpleAccount setCredentialsSalt.

Prototype

public void setCredentialsSalt(ByteSource salt)

Source Link

Document

Sets the salt to use to hash this Account's credentials (eg for password hashing), or null if no salt is used or credentials are not hashed at all.

Usage

From source file:com.enioka.jqm.webui.shiro.JpaRealm.java

License:Open Source License

private SimpleAccount getUser(String login) {
    EntityManager em = null;/*from   www  . j a  va  2s .com*/
    try {
        em = Helpers.getEm();
        RUser user = em.createQuery("SELECT u FROM RUser u WHERE UPPER(u.login) = UPPER(:l)", RUser.class)
                .setParameter("l", login).getSingleResult();

        // Credential is a password - in token, it is as a char array
        SimpleAccount res = new SimpleAccount(user.getLogin(), user.getPassword(), getName());

        if (user.getExpirationDate() != null) {
            res.setCredentialsExpired(user.getExpirationDate().before(Calendar.getInstance()));
        } else {
            // No limit = never expires
            res.setCredentialsExpired(false);
        }
        if (user.getHashSalt() != null) {
            res.setCredentialsSalt(ByteSource.Util.bytes(Hex.decode(user.getHashSalt())));
        } else {
            res.setCredentialsSalt(null);
        }
        res.setLocked(user.getLocked());

        // Roles
        for (RRole r : user.getRoles()) {
            res.addRole(r.getName());
            for (RPermission p : r.getPermissions()) {
                res.addStringPermission(p.getName());
            }
        }
        return res;
    } catch (NoResultException e) {
        // No such user in realm
        return null;
    } catch (RuntimeException e) {
        e.printStackTrace();
        throw e;
    } finally {
        em.close();
    }
}

From source file:me.buom.shiro.realm.text.HmacIniRealm.java

License:Apache License

protected void beforeAssertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
    SimpleAccount account = (SimpleAccount) info;
    if (account != null) {
        // only set credentials salt on the first time!!!
        ByteSource credentialsSalt = (ByteSource) account.getCredentialsSalt();
        if (credentialsSalt == null) {
            Object credentials = account.getCredentials();
            credentialsSalt = ByteSource.Util.bytes(credentials);
            account.setCredentialsSalt(credentialsSalt);
            account.setCredentials(null);
        }/*from  w w w .ja v  a 2s.co m*/

        Object oldCredentials = account.getCredentials();
        Object stringToSign = hmacBuilder.buildStringToSign((HmacToken) token);
        account.setCredentials(stringToSign);

        if (log.isDebugEnabled()) {
            log.debug("oldCredentials: {}", oldCredentials);
            log.debug("curCredentials: {}", account.getCredentials());
            log.debug("credentialsSalt: {}", account.getCredentialsSalt().toHex());
        }
    }
}