Java tutorial
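/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package ApacheShiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.Ini;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.crypto.hash.Sha512Hash;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Small facade over Apache Shiro that keeps users and roles in an in-memory
 * {@link Ini} and authenticates/authorizes the current {@link Subject}
 * against an {@link IniRealm} built from it.
 *
 * <p>Call {@link #CrearIni()} before any other method; the add methods
 * dereference the sections it creates.
 *
 * <p>NOTE(review): {@code SecurityUtils.setSecurityManager} registers the
 * manager statically, so every instance of this class shares (and replaces)
 * the same security manager. Confirm that is acceptable for the application.
 *
 * @author Josafat
 */
public class ShiroMVC {

    // 'transient' has no effect on a static field, so it is dropped here.
    private static final Logger log = LoggerFactory.getLogger(ShiroMVC.class);

    DefaultSecurityManager defaultSecurityManager;
    Ini.Section usuarios;
    Ini.Section roles;
    Ini ini;
    Subject currentUser;

    public ShiroMVC() {
    }

    /**
     * Creates the security manager and an empty Ini with the users and roles
     * sections. The realm itself is installed later, by
     * {@link #AgregarUsuario} and {@link #AgregarRol}, each time the Ini
     * content changes.
     */
    public void CrearIni() {
        defaultSecurityManager = new DefaultSecurityManager();
        ini = new Ini();
        usuarios = ini.addSection(IniRealm.USERS_SECTION_NAME);
        roles = ini.addSection(IniRealm.ROLES_SECTION_NAME);
    }

    /**
     * Adds (or overwrites) a user in the users section and reinstalls the realm.
     *
     * <p>The password is stored exactly as received: the call to
     * {@link #EncriptarContrasea(String)} was disabled in this method, so the
     * realm holds whatever the caller passes. Hash the value before it reaches
     * this method, or configure a hashing credentials matcher on the realm, if
     * the Ini is ever persisted or exposed.
     *
     * @param nombreUsuario user name, used as the key in the users section
     * @param Contrasea     credential to store; must not be null or contain a comma
     * @param Rol           role name(s) appended after the password
     * @throws IllegalArgumentException if {@code Contrasea} is null or contains a comma
     */
    public void AgregarUsuario(String nombreUsuario, String Contrasea, String Rol) {
        // The users-section value is a comma-delimited list: the password first,
        // then the role names. A comma inside the password would therefore be
        // parsed as extra roles for this account, so it is rejected up front.
        if (Contrasea == null || Contrasea.indexOf(',') >= 0) {
            throw new IllegalArgumentException(
                    "La contrasea no puede ser nula ni contener comas");
        }
        usuarios.put(nombreUsuario, Contrasea + ", " + Rol);
        reinstallRealm();
        // The original printed the stored credential to stdout; only the fact
        // that the user was added is reported now.
        log.info("Usuario agregado: {}", nombreUsuario);
    }

    /**
     * Adds (or overwrites) a role definition and reinstalls the realm.
     *
     * @param nombreRol role name, used as the key in the roles section
     * @param Permisos  permission string assigned to the role
     */
    public void AgregarRol(String nombreRol, String Permisos) {
        roles.put(nombreRol, Permisos);
        reinstallRealm();
    }

    /**
     * Returns the Base64 encoding of a single, unsalted MD5 digest of the password.
     *
     * <p>SECURITY: an unsalted, single-iteration MD5 digest is not suitable for
     * storing passwords; identical passwords produce identical values and the
     * digest is cheap to brute-force. The output is left unchanged because
     * callers may compare against values produced earlier. New code should use
     * Shiro's {@code PasswordService} with a {@code PasswordMatcher} on the
     * realm (salted, iterated hashing) instead of this method.
     *
     * @param password clear-text password
     * @return Base64 text of the MD5 digest
     */
    public String EncriptarContrasea(String password) {
        return new Md5Hash(password).toBase64();
    }

    /**
     * Logs the current subject in with the given user name and credential.
     *
     * <p>If the subject is already authenticated no login is attempted and
     * {@code false} is returned, so a caller can never obtain {@code true} for
     * credentials that were not actually checked; call {@link #SalirCuenta()}
     * first to switch accounts.
     *
     * @param usuario             user name
     * @param ContraseaEncriptada credential submitted for the login attempt
     * @return {@code true} only when this call performed a successful login
     */
    public boolean AutentificarUsuario(String usuario, String ContraseaEncriptada) {
        currentUser = SecurityUtils.getSubject();
        if (currentUser.isAuthenticated()) {
            log.info("Subject [{}] is already authenticated; no login attempted.",
                    currentUser.getPrincipal());
            return false;
        }

        UsernamePasswordToken token = new UsernamePasswordToken(usuario, ContraseaEncriptada);
        token.setRememberMe(true);
        try {
            currentUser.login(token);
        } catch (UnknownAccountException uae) {
            log.info("There is no user with username of {}", token.getPrincipal());
            return false;
        } catch (IncorrectCredentialsException ice) {
            log.info("Password for account {} was incorrect!", token.getPrincipal());
            return false;
        } catch (LockedAccountException lae) {
            log.info("The account for username {} is locked. "
                    + "Please contact your administrator to unlock it.", token.getPrincipal());
            return false;
        } catch (AuthenticationException ae) {
            // Previously swallowed without a trace; record it so that failed
            // logins with an unexpected cause remain visible to operators.
            log.warn("Authentication failed for username " + token.getPrincipal(), ae);
            return false;
        }

        // Reported only after login() returned normally; the original logged
        // this line on every call, including failed attempts.
        log.info("User [{}] logged in successfully.", currentUser.getPrincipal());
        return true;
    }

    /**
     * Checks whether the current subject holds the given role.
     *
     * @param Rol role name to test
     * @return {@code true} if the subject has the role
     */
    public boolean AutentificarRol(String Rol) {
        currentUser = SecurityUtils.getSubject();
        boolean tieneRol = currentUser.hasRole(Rol);
        log.info(tieneRol ? "eres {}" : "no eres {}", Rol);
        return tieneRol;
    }

    /**
     * Checks whether the current subject is granted the given permission.
     *
     * @param permiso permission string to test
     * @return {@code true} if the subject is permitted
     */
    public boolean AutentificarPermisos(String permiso) {
        currentUser = SecurityUtils.getSubject();
        boolean permitido = currentUser.isPermitted(permiso);
        log.info(permitido ? "Tienes permsiso para: {}" : "Sorry, no tienes permiso para: {}",
                permiso);
        return permitido;
    }

    /**
     * Logs out the subject captured by the last authentication or
     * authorization call. Does nothing when no subject has been captured yet.
     */
    public void SalirCuenta() {
        if (currentUser == null) {
            // No Autentificar* method has run on this instance, so there is
            // no subject to log out (the original threw NullPointerException).
            log.info("No hay sesion activa");
            return;
        }
        currentUser.logout();
        log.info("Salida con exito");
    }

    /**
     * Removes every entry from the users section. The installed realm is not
     * rebuilt here, so the change takes effect the next time a user or role
     * is added.
     */
    public void vaciarUsuarios() {
        usuarios.clear();
    }

    /** Rebuilds the IniRealm from the current Ini and installs the security manager. */
    private void reinstallRealm() {
        defaultSecurityManager.setRealm(new IniRealm(ini));
        SecurityUtils.setSecurityManager(defaultSecurityManager);
    }
}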