Examples with SimpleAuthenticationInfo org.apache.shiro.authc.SimpleAuthenticationInfo used on opensource projects

Example 6 with SimpleAuthenticationInfo

use of org.apache.shiro.authc.SimpleAuthenticationInfo in project vip by guangdada.

the class ShiroFactroy method info.

@Override
public SimpleAuthenticationInfo info(ShiroUser shiroUser, User user, String realmName) {
    String credentials = user.getPassword();
    // 密码加盐处理
    String source = user.getSalt();
    ByteSource credentialsSalt = new Md5Hash(source);
    return new SimpleAuthenticationInfo(shiroUser, credentials, credentialsSalt, realmName);
}

Example 7 with SimpleAuthenticationInfo

use of org.apache.shiro.authc.SimpleAuthenticationInfo in project Spring-Family by Sierou-Java.

the class MyShiroRealm method doGetAuthenticationInfo.

// ////////////////////////////////////////////////////////身份认证 START //////////////////////////////////////////////////////
/**
 * 认证信息.(身份验证)
 * :
 * Authentication 是用来验证用户身份
 * @param token
 * @return
 * @throws AuthenticationException
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    System.out.println("MyShiroRealm.doGetAuthenticationInfo()");
    // 获取用户的输入的账号.
    String username = (String) token.getPrincipal();
    System.out.println(token.getCredentials());
    // 通过username从数据库中查找 User对象，如果找到，没找到.
    // 实际项目中，这里可以根据实际情况做缓存，如果不做，Shiro自己也是有时间间隔机制，2分钟内不会重复执行该方法
    UserInfo userInfo = userInfoService.findByUsername(username);
    System.out.println("MyShiroRealm.doGetAuthenticationInfo():----->>userInfo=" + userInfo);
    if (userInfo == null) {
        return null;
    }
    /*
		 * 获取权限信息:这里没有进行实现，
		 * 请自行根据UserInfo,Role,Permission进行实现；
		 * 获取之后可以在前端for循环显示所有链接;
		 */
    // userInfo.setPermissions(userService.findPermissions(user));
    // 账号判断;
    // 加密方式;
    // 交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配，如果觉得人家的不好可以自定义实现
    SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(// 用户名
    userInfo, // 密码
    userInfo.getPassword(), // salt=username+salt
    ByteSource.Util.bytes(userInfo.getCredentialsSalt()), // realm name
    getName());
    return authenticationInfo;
}

Example 8 with SimpleAuthenticationInfo

use of org.apache.shiro.authc.SimpleAuthenticationInfo in project shiro by apache.

the class JdbcRealm method doGetAuthenticationInfo.

/*--------------------------------------------
    |               M E T H O D S               |
    ============================================*/
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    String username = upToken.getUsername();
    // Null username is invalid
    if (username == null) {
        throw new AccountException("Null usernames are not allowed by this realm.");
    }
    Connection conn = null;
    SimpleAuthenticationInfo info = null;
    try {
        conn = dataSource.getConnection();
        String password = null;
        String salt = null;
        switch(saltStyle) {
            case NO_SALT:
                password = getPasswordForUser(conn, username)[0];
                break;
            case CRYPT:
                // TODO: separate password and hash from getPasswordForUser[0]
                throw new ConfigurationException("Not implemented yet");
            // break;
            case COLUMN:
                String[] queryResults = getPasswordForUser(conn, username);
                password = queryResults[0];
                salt = queryResults[1];
                break;
            case EXTERNAL:
                password = getPasswordForUser(conn, username)[0];
                salt = getSaltForUser(username);
        }
        if (password == null) {
            throw new UnknownAccountException("No account found for user [" + username + "]");
        }
        info = new SimpleAuthenticationInfo(username, password.toCharArray(), getName());
        if (salt != null) {
            info.setCredentialsSalt(ByteSource.Util.bytes(salt));
        }
    } catch (SQLException e) {
        final String message = "There was a SQL error while authenticating user [" + username + "]";
        if (log.isErrorEnabled()) {
            log.error(message, e);
        }
        // Rethrow any SQL errors as an authentication exception
        throw new AuthenticationException(message, e);
    } finally {
        JdbcUtils.closeConnection(conn);
    }
    return info;
}

Example 9 with SimpleAuthenticationInfo

use of org.apache.shiro.authc.SimpleAuthenticationInfo in project shiro by apache.

the class AbstractHashedCredentialsMatcherTest method testBasic.

@Test
public void testBasic() {
    CredentialsMatcher matcher = (CredentialsMatcher) ClassUtils.newInstance(getMatcherClass());
    byte[] hashed = hash("password").getBytes();
    AuthenticationInfo account = new SimpleAuthenticationInfo("username", hashed, "realmName");
    AuthenticationToken token = new UsernamePasswordToken("username", "password");
    assertTrue(matcher.doCredentialsMatch(token, account));
}

Example 10 with SimpleAuthenticationInfo

use of org.apache.shiro.authc.SimpleAuthenticationInfo in project shiro by apache.

the class CookieRememberMeManagerTest method onSuccessfulLogin.

@Test
public void onSuccessfulLogin() {
    HttpServletRequest mockRequest = createNiceMock(HttpServletRequest.class);
    HttpServletResponse mockResponse = createNiceMock(HttpServletResponse.class);
    WebSubject mockSubject = createNiceMock(WebSubject.class);
    expect(mockSubject.getServletRequest()).andReturn(mockRequest).anyTimes();
    expect(mockSubject.getServletResponse()).andReturn(mockResponse).anyTimes();
    CookieRememberMeManager mgr = new CookieRememberMeManager();
    org.apache.shiro.web.servlet.Cookie cookie = createMock(org.apache.shiro.web.servlet.Cookie.class);
    mgr.setCookie(cookie);
    // first remove any previous cookie
    cookie.removeFrom(isA(HttpServletRequest.class), isA(HttpServletResponse.class));
    // then ensure a new cookie is created by reading the template's attributes:
    expect(cookie.getName()).andReturn("rememberMe");
    expect(cookie.getValue()).andReturn(null);
    expect(cookie.getComment()).andReturn(null);
    expect(cookie.getDomain()).andReturn(null);
    expect(cookie.getPath()).andReturn(null);
    expect(cookie.getMaxAge()).andReturn(SimpleCookie.DEFAULT_MAX_AGE);
    expect(cookie.getVersion()).andReturn(SimpleCookie.DEFAULT_VERSION);
    expect(cookie.isSecure()).andReturn(false);
    expect(cookie.isHttpOnly()).andReturn(true);
    UsernamePasswordToken token = new UsernamePasswordToken("user", "secret");
    token.setRememberMe(true);
    AuthenticationInfo account = new SimpleAuthenticationInfo("user", "secret", "test");
    replay(mockSubject);
    replay(mockRequest);
    replay(cookie);
    mgr.onSuccessfulLogin(mockSubject, token, account);
    verify(mockRequest);
    verify(mockSubject);
    verify(cookie);
}