List of usage examples for org.apache.shiro.authc UsernamePasswordToken getPassword
public char[] getPassword()
From source file:be.rubus.octopus.jsr375.demo.AppAuthentication.java
License:Apache License
@Override public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) { if (token instanceof UsernamePasswordToken) { UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token; AuthenticationInfoBuilder authenticationInfoBuilder = new AuthenticationInfoBuilder(); authenticationInfoBuilder.principalId(principalId++).name(token.getPrincipal().toString()); authenticationInfoBuilder.password(usernamePasswordToken.getPassword()); authenticationInfoBuilder.externalPasswordCheck(); return authenticationInfoBuilder.build(); }/*from w w w .j av a 2 s. c o m*/ return null; }
From source file:be.rubus.octopus.jsr375.demo.jsr375.IdentityStoreMatcher.java
License:Apache License
@Override public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { UsernamePasswordToken credentials = (UsernamePasswordToken) token; Password password = new Password(credentials.getPassword()); UsernamePasswordCredential credential = new UsernamePasswordCredential(credentials.getUsername(), password); CredentialValidationResult validationResult = identityStore.validate(credential); boolean result = validationResult.getStatus().equals(CredentialValidationResult.Status.VALID); if (result) { ExternalPasswordAuthenticationInfo authenticationInfo = (ExternalPasswordAuthenticationInfo) info; authenticationInfo.addUserInfo(CALLER_GROUPS, createUserInfo(validationResult.getCallerGroups())); authenticationInfo.addUserInfo(CALLER_ROLES, createUserInfo(validationResult.getCallerRoles())); }/*from w w w .j a v a 2 s.co m*/ return result; }
From source file:biz.neustar.nexus.plugins.gitlab.GitlabAuthenticatingRealm.java
License:Open Source License
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { if (!(authenticationToken instanceof UsernamePasswordToken)) { throw new UnsupportedTokenException("Token of type " + authenticationToken.getClass().getName() + " is not supported. A " + UsernamePasswordToken.class.getName() + " is required."); }//from w w w . ja v a 2 s . c om UsernamePasswordToken userPass = (UsernamePasswordToken) authenticationToken; String token = new String(userPass.getPassword()); String username = userPass.getUsername(); if (token.isEmpty()) { LOGGER.debug(GITLAB_MSG + "token for {} is empty", username); return null; } try { LOGGER.debug(GITLAB_MSG + "authenticating {}", username); LOGGER.debug(GITLAB_MSG + "null? " + (gitlab == null)); LOGGER.debug(GITLAB_MSG + "null? " + (gitlab.getRestClient() == null)); GitlabUser gitlabUser = gitlab.getRestClient().getUser(username, token); User user = gitlabUser.toUser(); if (user.getStatus() != UserStatus.active) { LOGGER.debug(GITLAB_MSG + "authentication failed {}", user); throw new AuthenticationException(DISABLED_USER_MESSAGE + " for " + username); } if (user.getUserId() == null || user.getUserId().isEmpty()) { LOGGER.debug(GITLAB_MSG + "authentication failed {}", user); throw new AuthenticationException(DEFAULT_MESSAGE + " for " + username); } LOGGER.debug(GITLAB_MSG + "successfully authenticated {}", username); return new SimpleAuthenticationInfo(gitlabUser, userPass.getCredentials(), getName()); } catch (Exception e) { LOGGER.debug(GITLAB_MSG + "authentication failed {}", username); throw new AuthenticationException(DEFAULT_MESSAGE, e); } }
From source file:cn.com.qiqi.order.web.system.security.ShiroDbRealm.java
License:Apache License
/** * ?,.//from www .j a v a2s . c o m */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException { UsernamePasswordToken token = (UsernamePasswordToken) authcToken; User user = userService.findUserByUserName(token.getUsername()); if (user != null) { if (user.getStatus() != 1) { Subject subject = SecurityUtils.getSubject(); subject.getSession().setAttribute(Constants.CURRENT_USER_NAME, user.getUserName()); throw new DisabledAccountException(); } String md5 = Encodes.encodeHex( Digests.md5(String.valueOf(token.getPassword()).getBytes(), user.getUserName().getBytes(), 1)); if (!user.getPassword().equals(md5)) { throw new IncorrectCredentialsException(); } sysLogService.log("", "", user.getUserName(), SysLog.INFO, token.getHost(), SysLog.USER); Subject subject = SecurityUtils.getSubject(); subject.getSession().setAttribute(Constants.CURRENT_USER_NAME, user.getUserName()); return new SimpleAuthenticationInfo(new ShiroUser(user.getId(), user.getUserName(), user.getRealName()), user.getPassword(), ByteSource.Util.bytes(user.getUserName()), getName()); } else { throw new UnknownAccountException(); } }
From source file:cn.ilongfei.shiro.util.ShiroRealmImpl.java
License:Apache License
/** * AuthenticationInfo represents a Subject's (aka user's) stored account * information relevant to the authentication/log-in process only. *//* w ww. j av a 2 s . c om*/ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { /** * Constructor that takes in a single 'primary' principal of the * account, its corresponding hashed credentials, the salt used to hash * the credentials, and the name of the realm to associate with the * principals. This is a convenience constructor and will construct a * PrincipalCollection based on the principal and realmName argument. * * * Parameters: * * principal - the 'primary' principal associated with the specified * realm. hashedCredentials - the hashed credentials that verify the * given principal. credentialsSalt - the salt used when hashing the * given hashedCredentials realmName - the realm from where the * principal and credentials were acquired. */ UsernamePasswordToken usernamePasswordToke = (UsernamePasswordToken) token; String username = usernamePasswordToke.getUsername(); String encodedPassword = new Sha256Hash(usernamePasswordToke.getPassword()).toBase64(); System.out.println("====================? begin =========================="); System.out.println("username: " + username); System.out.println("password: " + encodedPassword); System.out.println("principal: " + usernamePasswordToke.getPrincipal()); System.out.println("======================? end ========================"); return new SimpleAuthenticationInfo(new ShiroUser("admin", "00011", ""), String.valueOf(usernamePasswordToke.getPassword()), ByteSource.Util.bytes("admin"), getName()); }
From source file:com.attendance.manage.security.AuthenticationRealm.java
License:Open Source License
/** * ???/* w w w.j a v a 2 s . co m*/ * * @param token * * @return ?? */ @Override protected AuthenticationInfo doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken token) { System.out.println("in aut"); UsernamePasswordToken authenticationToken = (UsernamePasswordToken) token; String username = authenticationToken.getUsername(); String password = new String(authenticationToken.getPassword()); if (username != null && password != null) { Stuff admin = stuffServiceImpl.findByUsername(username); if (admin == null) { throw new UnknownAccountException(); } if (!password.equals(admin.getPassword())) { int loginFailureCount = admin.getLoginFailureCount() + 1; admin.setLoginFailureCount(loginFailureCount); stuffServiceImpl.updateByPrimaryKey(admin); throw new IncorrectCredentialsException(); } // md5 // if (!DigestUtils.md5Hex(password).equals(admin.getPassword())) { // int loginFailureCount = admin.getLoginFailureCount() + 1; // admin.setLoginFailureCount(loginFailureCount); // adminService.updateByPrimaryKey(admin); // throw new IncorrectCredentialsException(); // } admin.setLoginDate(new Date()); admin.setLoginFailureCount(0); stuffServiceImpl.updateByPrimaryKey(admin); return new SimpleAuthenticationInfo(username, password, getName()); } throw new UnknownAccountException(); }
From source file:com.bennavetta.appsite.security.SCryptCredentialsMatcher.java
License:Apache License
@Override public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { UsernamePasswordToken login = (UsernamePasswordToken) token; String given = new String(login.getPassword()); boolean result = SCryptUtil.check(given, info.getCredentials().toString()); if (result) { log.trace("Credentials match for {}", token); } else {//from ww w . j av a 2s . c o m log.trace("Credentials don't match for {}", token); } return result; }
From source file:com.blazarquant.bfp.core.security.config.BcryptCredentialsMatcher.java
License:Apache License
@Override public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { final UsernamePasswordToken upToken = (UsernamePasswordToken) token; String storedBcryptPassword;/* w w w.jav a 2s . c o m*/ if (info.getCredentials() instanceof char[]) { storedBcryptPassword = new String((char[]) info.getCredentials()); } else { storedBcryptPassword = info.getCredentials().toString(); } final String assertedPlaintextPassword = new String(upToken.getPassword()); return BCrypt.checkpw(assertedPlaintextPassword, storedBcryptPassword); }
From source file:com.citylife.backend.shiro.ShiroDbRealm.java
License:Apache License
/** * ?,./* w w w . j a v a2 s. co m*/ */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { //token???? UsernamePasswordToken upToken = (UsernamePasswordToken) token; //??? String tel = upToken.getUsername(); String password = String.valueOf(upToken.getPassword()); //TODO ?????info?AuthenticationException SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(tel, password.toCharArray(), getName()); System.out.println("?,."); return info; }
From source file:com.digitalplay.network.ireader.shiro.ShiroDbRealm.java
License:Apache License
/** * ?,./*w ww . j a v a 2s .c o m*/ */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) authcToken; String username = upToken.getUsername().trim(); String password = ""; if (upToken.getPassword() != null) { password = new String(upToken.getPassword()); } User user = null; try { user = userService.login(username, password); } catch (UserNotExistsException e) { throw new UnknownAccountException(e.getMessage(), e); } catch (UserPasswordNotMatchException e) { throw new AuthenticationException(e.getMessage(), e); } catch (UserPasswordRetryLimitExceedException e) { throw new ExcessiveAttemptsException(e.getMessage(), e); } catch (UserBlockedException e) { throw new LockedAccountException(e.getMessage(), e); } catch (Exception e) { throw new AuthenticationException(new UserException("user.unknown.error", null)); } SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user.getUsername(), password.toCharArray(), getName()); return info; }