Search in sources :

Example 61 with UsernamePasswordToken

use of org.apache.shiro.authc.UsernamePasswordToken in project bamboobsc by billchen198318.

the class BackgroundProgramUserUtils method login.

public static void login() throws Exception {
    if (factory == null || securityManager == null) {
        throw new Exception("Security manager is null!");
    }
    SecurityUtils.setSecurityManager(securityManager);
    Subject subject = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken(Constants.SYSTEM_BACKGROUND_USER, Constants.SYSTEM_BACKGROUND_PASSWORD);
    subject.login(token);
    subjectThreadLocal.set(subject);
}
Also used : Subject(org.apache.shiro.subject.Subject) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Example 62 with UsernamePasswordToken

use of org.apache.shiro.authc.UsernamePasswordToken in project bamboobsc by billchen198318.

the class SubjectBuilderForBackground method login.

public static void login() throws Exception {
    Factory<org.apache.shiro.mgt.SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
    org.apache.shiro.mgt.SecurityManager securityManager = (org.apache.shiro.mgt.SecurityManager) factory.getInstance();
    SecurityUtils.setSecurityManager(securityManager);
    Subject currentUser = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken(Constants.SYSTEM_BACKGROUND_USER, Constants.SYSTEM_BACKGROUND_PASSWORD);
    currentUser.login(token);
//System.out.println(currentUser.hasRole("admin"));
//System.out.println(currentUser.hasRole("*"));
}
Also used : IniSecurityManagerFactory(org.apache.shiro.config.IniSecurityManagerFactory) Subject(org.apache.shiro.subject.Subject) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Example 63 with UsernamePasswordToken

use of org.apache.shiro.authc.UsernamePasswordToken in project tesla by linking12.

the class AbstractAuthorizeHandler method createUsernamePasswordToken.

private UsernamePasswordToken createUsernamePasswordToken() {
    final HttpServletRequest request = oauthRequest.request();
    final String username = request.getParameter(REQUEST_USERNAME);
    String password = request.getParameter(REQUEST_PASSWORD);
    password = MD5Utils.encrypt(username, password);
    return new UsernamePasswordToken(username, password);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Example 64 with UsernamePasswordToken

use of org.apache.shiro.authc.UsernamePasswordToken in project testcases by coheigea.

the class ShiroUTValidator method validate.

public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
    if (credential == null || credential.getUsernametoken() == null) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCredential");
    }
    // Validate the UsernameToken
    UsernameToken usernameToken = credential.getUsernametoken();
    String pwType = usernameToken.getPasswordType();
    if (log.isDebugEnabled()) {
        log.debug("UsernameToken user " + usernameToken.getName());
        log.debug("UsernameToken password type " + pwType);
    }
    if (!WSConstants.PASSWORD_TEXT.equals(pwType)) {
        if (log.isDebugEnabled()) {
            log.debug("Authentication failed - digest passwords are not accepted");
        }
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
    }
    if (usernameToken.getPassword() == null) {
        if (log.isDebugEnabled()) {
            log.debug("Authentication failed - no password was provided");
        }
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
    }
    // Validate it via Shiro
    Subject currentUser = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken(usernameToken.getName(), usernameToken.getPassword());
    try {
        currentUser.login(token);
    } catch (AuthenticationException ex) {
        if (log.isDebugEnabled()) {
            log.debug(ex.getMessage(), ex);
        }
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
    }
    // Perform authorization check
    if (!requiredRoles.isEmpty() && !currentUser.hasAllRoles(requiredRoles)) {
        log.debug("Authorization failed for authenticated user");
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
    }
    return credential;
}
Also used : AuthenticationException(org.apache.shiro.authc.AuthenticationException) UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) Subject(org.apache.shiro.subject.Subject) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Example 65 with UsernamePasswordToken

use of org.apache.shiro.authc.UsernamePasswordToken in project vip by guangdada.

the class ShiroDbRealm method doGetAuthenticationInfo.

/**
 * 登录认证
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
    IShiro shiroFactory = ShiroFactroy.me();
    UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
    User user = shiroFactory.user(token.getUsername());
    ShiroUser shiroUser = shiroFactory.shiroUser(user);
    SimpleAuthenticationInfo info = shiroFactory.info(shiroUser, user, super.getName());
    return info;
}
Also used : User(com.ikoori.vip.common.persistence.model.User) SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo) IShiro(com.ikoori.vip.server.core.shiro.factory.IShiro) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Aggregations

UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken)118 Subject (org.apache.shiro.subject.Subject)52 Test (org.junit.Test)30 AuthenticationException (org.apache.shiro.authc.AuthenticationException)28 AuthenticationToken (org.apache.shiro.authc.AuthenticationToken)28 SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo)19 AuthenticationInfo (org.apache.shiro.authc.AuthenticationInfo)16 HttpServletRequest (javax.servlet.http.HttpServletRequest)11 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)11 Test (org.testng.annotations.Test)11 LockedAccountException (org.apache.shiro.authc.LockedAccountException)10 IncorrectCredentialsException (org.apache.shiro.authc.IncorrectCredentialsException)9 UnknownAccountException (org.apache.shiro.authc.UnknownAccountException)9 HttpServletResponse (javax.servlet.http.HttpServletResponse)8 DelegatingSubject (org.apache.shiro.subject.support.DelegatingSubject)7 Session (org.apache.shiro.session.Session)6 SimplePrincipalCollection (org.apache.shiro.subject.SimplePrincipalCollection)6 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)6 DisabledAccountException (org.apache.shiro.authc.DisabledAccountException)4 AuthorizationInfo (org.apache.shiro.authz.AuthorizationInfo)4