use of org.apache.shiro.authc.UsernamePasswordToken in project shiro by apache.
the class SimpleAccountRealm method doGetAuthenticationInfo.
/**
 * Looks up the stored account for the username carried by the token and refuses it when the
 * account is locked or its credentials have expired.
 * <p/>
 * No password comparison happens in this method; only account state is checked.
 * NOTE(review): presumably the caller compares the submitted credentials against the returned
 * account afterwards - confirm against the enclosing realm.
 *
 * @param token the submitted token; it is cast to {@link UsernamePasswordToken} without a type check.
 * @return the stored account, or {@code null} when {@code getUser} finds no account for the username.
 * @throws LockedAccountException      if the account reports itself as locked.
 * @throws ExpiredCredentialsException if the account reports its credentials as expired.
 */
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    final String submittedName = ((UsernamePasswordToken) token).getUsername();
    final SimpleAccount found = getUser(submittedName);

    // Unknown user: hand back null and let the caller decide how to report it.
    if (found == null) {
        return null;
    }

    // Both messages embed the account via string concatenation, i.e. whatever its toString() yields.
    // NOTE(review): verify that toString() exposes no credential material before these messages
    // reach logs or clients.
    if (found.isLocked()) {
        throw new LockedAccountException("Account [" + found + "] is locked.");
    }
    if (found.isCredentialsExpired()) {
        throw new ExpiredCredentialsException("The credentials for account [" + found + "] are expired");
    }
    return found;
}
use of org.apache.shiro.authc.UsernamePasswordToken in project shiro by apache.
the class ActiveDirectoryRealm method queryForAuthenticationInfo.
/*--------------------------------------------
| M E T H O D S |
============================================*/
/**
* Builds an {@link AuthenticationInfo} object by querying the active directory LDAP context for the
* specified username. This method binds to the LDAP server using the provided username and password -
* which if successful, indicates that the password is correct.
* <p/>
* This method can be overridden by subclasses to query the LDAP server in a more complex way.
*
* @param token the authentication token provided by the user.
* @param ldapContextFactory the factory used to build connections to the LDAP server.
* @return an {@link AuthenticationInfo} instance containing information retrieved from LDAP.
* @throws NamingException if any LDAP errors occur during the search.
*/
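protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
    // Authentication here is "bind as the user": obtaining a context without an exception is the
    // only evidence that the password is correct, so every input that could yield a context
    // without a real password check must be refused before the bind is attempted.
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    final String username = upToken.getUsername();
    final char[] password = upToken.getPassword();

    // A null password would fail inside String.valueOf(char[]) with a NullPointerException, and an
    // empty one is worse: directory servers may treat a simple bind with a name and an empty
    // password as an "unauthenticated bind" (RFC 4513, section 5.1.2) and report success, which
    // this method would then read as a correct password. Fail closed instead. The exception is a
    // NamingException subclass, so the declared throws clause is unchanged.
    if (password == null || password.length == 0) {
        throw new javax.naming.AuthenticationException("LDAP simple bind requires a non-empty password.");
    }

    LdapContext ctx = null;
    try {
        // Binds using the username and password provided by the user.
        // NOTE(review): String.valueOf copies the password into an immutable String that cannot be
        // cleared afterwards; the factory call is kept as-is so the same overload is still invoked.
        ctx = ldapContextFactory.getLdapContext(username, String.valueOf(password));
    } finally {
        // The context is only needed as proof of a successful bind; release it straight away
        // (ctx is still null here when the bind threw).
        LdapUtils.closeContext(ctx);
    }
    return buildAuthenticationInfo(username, password);
}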
use of org.apache.shiro.authc.UsernamePasswordToken in project shiro by apache.
the class HashedCredentialsMatcherTest method testSaltedAuthenticationInfo.
/**
* Test new Shiro 1.1 functionality, where the salt is obtained from the stored account information, as it
* should be. See <a href="https://issues.apache.org/jira/browse/SHIRO-186">SHIRO-186</a>
*/
@Test
public void testSaltedAuthenticationInfo() {
    // Stored side: an account whose password was hashed with SHA-1 and a randomly generated salt,
    // with that salt kept alongside the hash in the account information.
    // A bare salted SHA-1 digest is only the matcher fixture here, not a password-storage scheme.
    final ByteSource storedSalt = new SecureRandomNumberGenerator().nextBytes();
    final Object storedHash = new Sha1Hash("password", storedSalt);
    final SimpleAuthenticationInfo storedAccount =
            new SimpleAuthenticationInfo("username", storedHash, storedSalt, "realmName");

    // Login side: the plaintext username/password token a login attempt would produce.
    final AuthenticationToken loginAttempt = new UsernamePasswordToken("username", "password");

    // The matcher is told the algorithm only; the salt has to come from the stored account.
    final HashedCredentialsMatcher sha1Matcher = new HashedCredentialsMatcher(Sha1Hash.ALGORITHM_NAME);
    assertTrue(sha1Matcher.doCredentialsMatch(loginAttempt, storedAccount));
}
use of org.apache.shiro.authc.UsernamePasswordToken in project shiro by apache.
the class HashedCredentialsMatcherTest method testBackwardsCompatibleSaltedAuthenticationInfo.
/**
* Test backwards compatibility of salted credentials before
* <a href="https://issues.apache.org/jira/browse/SHIRO-186">SHIRO-186</a> edits.
*/
@Test
public void testBackwardsCompatibleSaltedAuthenticationInfo() {
    final String principal = "username";
    final String plaintext = "password";

    // Legacy layout: the SHA-1 hash is salted with the username itself. The username is known to
    // anyone who can attempt a login, so it is a poor salt; this is exercised only to prove that
    // accounts stored that way still authenticate.
    final Object legacyDigest = new Sha1Hash(plaintext, principal).getBytes();

    // The account exposes principals and credentials only; it carries no salt of its own.
    AuthenticationInfo legacyAccount = new AuthenticationInfo() {
        public PrincipalCollection getPrincipals() {
            return new SimplePrincipalCollection(principal, "realmName");
        }
        public Object getCredentials() {
            return legacyDigest;
        }
    };

    // Shiro 1.0 compatibility switch on the matcher.
    HashedCredentialsMatcher legacyMatcher = new HashedCredentialsMatcher(Sha1Hash.ALGORITHM_NAME);
    legacyMatcher.setHashSalted(true);

    // Plaintext token as produced by a login attempt; it must match the legacy hash.
    AuthenticationToken loginAttempt = new UsernamePasswordToken(principal, plaintext);
    assertTrue(legacyMatcher.doCredentialsMatch(loginAttempt, legacyAccount));
}
use of org.apache.shiro.authc.UsernamePasswordToken in project shiro by apache.
the class DefaultLdapRealmTest method testGetAuthenticationInfoNamingAuthenticationException.
@Test(expected = AuthenticationException.class)
public void testGetAuthenticationInfoNamingAuthenticationException() throws NamingException {
    // A bind rejected by the directory (JNDI's javax.naming.AuthenticationException) must reach
    // the caller as the AuthenticationException named in the annotation, not as a raw
    // NamingException. NOTE(review): the unqualified type is presumably Shiro's - confirm imports.
    realm.setUserDnTemplate("uid={0},ou=users,dc=mycompany,dc=com");

    final LdapContextFactory rejectingFactory = createMock(LdapContextFactory.class);
    realm.setContextFactory(rejectingFactory);

    // Any principal/credentials pair is refused by the mocked factory.
    final javax.naming.AuthenticationException bindFailure =
            new javax.naming.AuthenticationException("LDAP Authentication failed.");
    expect(rejectingFactory.getLdapContext(isA(Object.class), isA(Object.class))).andThrow(bindFailure);
    replay(rejectingFactory);

    final UsernamePasswordToken loginAttempt = new UsernamePasswordToken("jsmith", "secret");
    realm.getAuthenticationInfo(loginAttempt);
}