List of usage examples for org.apache.shiro.authc UsernamePasswordToken UsernamePasswordToken
public UsernamePasswordToken(final String username, final String password, final boolean rememberMe, final String host)
From source file:cn.dreampie.shiro.ShiroAuthenticatingFilter.java
License:Apache License
protected UsernamePasswordToken createToken(String username, String password, boolean rememberMe, String host) { return new UsernamePasswordToken(username, password, rememberMe, host); }
From source file:com.infinities.skyport.vnc.impl.BasicHttpAuthenticationFilter.java
License:Apache License
protected AuthenticationToken createToken(String username, String password, boolean rememberMe, String host) { return new UsernamePasswordToken(username, password, rememberMe, host); }
From source file:com.kelson.keeku.security.MyFormAuthenticationFilter.java
License:Apache License
@Override protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception { String username = getUsername(request); String password = getPassword(request); boolean isAjaxLogin = StringUtils.equals(WebUtils.getCleanParam(request, "ajaxLogin"), "1"); boolean rememberMe = isRememberMe(request); String host = getHost(request); UsernamePasswordToken token = new UsernamePasswordToken(username, password, rememberMe, host); try {//from www. ja v a 2 s . c o m Subject subject = getSubject(request, response); subject.login(token); Session session = subject.getSession(); Integer userId = (Integer) session.getAttribute("userId"); LoggerUtil.operation(Operation.Login, String.valueOf(userId) + "has logined", (HttpServletRequest) request); if (isAjaxLogin) { if (StringUtils.equals(WebUtils.getCleanParam(request, "needRedirect"), "1")) {//when login successfully by ajax login and redirect to backurl SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request); if (savedRequest != null && savedRequest.getMethod().equalsIgnoreCase(AccessControlFilter.GET_METHOD)) { request.setAttribute("backUrl", savedRequest.getRequestUrl()); } } return true; } else { return onLoginSuccess(token, subject, request, response); } } catch (AuthenticationException e) { if (SecurityUtils.getSubject().getSession(false) != null) { SecurityUtils.getSubject().getSession(false).removeAttribute("userId"); } return onLoginFailure(token, e, request, response); } }
From source file:com.stormpath.shiro.servlet.mvc.ShiroLoginController.java
License:Apache License
@Override protected ViewModel onValidSubmit(HttpServletRequest request, HttpServletResponse response, Form form) throws Exception { String usernameOrEmail = form.getFieldValue("login"); String password = form.getFieldValue("password"); String host = request.getRemoteHost(); AuthenticationToken token = new UsernamePasswordToken(usernameOrEmail, password, false, host); try {// ww w . ja v a 2 s . c o m Subject subject = SecurityUtils.getSubject(); subject.login(token); return new DefaultViewModel(getNextUri(request)).setRedirect(true); } catch (AuthenticationException e) { String msg = "Unable to authenticate account for submitted username [" + usernameOrEmail + "]."; throw new ServletException(msg, e); } }
From source file:com.vallourec.zebra.modules.sys.security.FormAuthenticationFilter.java
License:Open Source License
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) { String username = getUsername(request); String password = getPassword(request); if (password == null) { password = ""; }/*from w ww . ja v a2s . c o m*/ boolean rememberMe = isRememberMe(request); String host = getHost(request); return new UsernamePasswordToken(username, password.toCharArray(), rememberMe, host); }
From source file:org.commonjava.routem.webctl.couch.ShiroBasicAuthenticationFilter.java
License:Apache License
@Override protected AuthenticationToken createToken(final String username, final String password, final boolean rememberMe, final String host) { return new UsernamePasswordToken(username, passwordManager.digestPassword(password), rememberMe, host); }
From source file:org.icgc.dcc.submission.shiro.ShiroPasswordAuthenticator.java
License:Open Source License
private void login(final String username, final char[] password, final String host, Subject subject) { // Build token from credentials val token = new UsernamePasswordToken(username, password, false, host); try {/*from www . j a va 2s . c o m*/ // Attempt to login user subject.login(token); } catch (UnknownAccountException uae) { removeSubject(); log.info("There is no user with username of '{}'", token.getPrincipal()); } catch (IncorrectCredentialsException ice) { removeSubject(); log.info("Password for user '{}' was incorrect!", token.getPrincipal()); } catch (LockedAccountException lae) { // TODO: look into this rather than using above hack? removeSubject(); log.info("The account for user '{}' is locked. Please contact your administrator to unlock it.", token.getPrincipal()); } catch (AuthenticationException ae) { // FIXME: it seems invalid credentials actually result in: // org.apache.shiro.authc.AuthenticationException: Authentication token of // type [class org.apache.shiro.authc.UsernamePasswordToken] could not be // authenticated by any configured realms. Please ensure that at least one // realm can authenticate these tokens. (not IncorrectCredentialsException) removeSubject(); log.error("Unknown error logging in user '{}'. Please contact your administrator.", token.getPrincipal()); } }