Example 6 with UsernamePasswordToken

use of org.apache.shiro.authc.UsernamePasswordToken in project production_ssm by megagao.

the class LoginController method ajaxLogin.

/**
 * Shiro AJAX login
 */
@RequestMapping(value = "/ajaxLogin")
@ResponseBody
public Map<String, Object> ajaxLogin(@RequestParam String username, @RequestParam String password, @RequestParam(required = false) String randomcode, HttpSession session) throws Exception {
    Map<String, Object> map = CollectionsFactory.newHashMap();
    if (randomcode != null && !randomcode.equals("")) {
        // Retrieve the verification code stored in the session (the correct code)
        String validateCode = (String) session.getAttribute(VALIDATE_CODE);
        // Compare the code entered on the page with the one stored in the session
        if (validateCode != null && !randomcode.equals(validateCode)) {
            // If validation fails, put the verification-code error message into the map
            map.put("msg", "randomcode_error");
            // Return immediately without checking the username and password
            return map;
        }
    }
    Subject currentUser = SecurityUtils.getSubject();
    if (!currentUser.isAuthenticated()) {
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        try {
            currentUser.login(token);
        } catch (UnknownAccountException ex) {
            map.put("msg", "account_error");
        } catch (IncorrectCredentialsException ex) {
            map.put("msg", "password_error");
        } catch (AuthenticationException ex) {
            map.put("msg", "authentication_error");
        }
    }
    // Return JSON data
    return map;
}
Also used : IncorrectCredentialsException(org.apache.shiro.authc.IncorrectCredentialsException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) Subject(org.apache.shiro.subject.Subject) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 7 with UsernamePasswordToken

use of org.apache.shiro.authc.UsernamePasswordToken in project ART-TIME by Artezio.

the class LoginBean method login.

public String login() {
    if (loggedEmployee == null) {
        UsernamePasswordToken token = new UsernamePasswordToken(username, password, rememberMe);
        SecurityUtils.getSubject().login(token);
    }
    return calculateOutcom();
}
Also used : UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Example 8 with UsernamePasswordToken

use of org.apache.shiro.authc.UsernamePasswordToken in project ART-TIME by Artezio.

the class LoginBeanTest method testLogin.

@Test
public void testLogin() throws Exception {
    Subject subject = createMock(Subject.class);
    setField(loginBean, "username", "admin");
    setField(loginBean, "password", "qwerty");
    setField(loginBean, "rememberMe", true);
    setField(loginBean, "loggedEmployee", null);
    setField(loginBean, "externalContext", externalContext);
    UsernamePasswordToken token = PowerMock.createMock(UsernamePasswordToken.class);
    PowerMock.expectNew(UsernamePasswordToken.class, "admin", "qwerty", true).andReturn(token);
    PowerMock.mockStatic(SecurityUtils.class);
    expect(SecurityUtils.getSubject()).andReturn(subject);
    expect(externalContext.isUserInRole(anyString())).andReturn(true).anyTimes();
    subject.login(token);
    PowerMock.replayAll(externalContext);
    loginBean.login();
    PowerMock.verifyAll();
}
Also used : Subject(org.apache.shiro.subject.Subject) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) Test(org.junit.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 9 with UsernamePasswordToken

use of org.apache.shiro.authc.UsernamePasswordToken in project ART-TIME by Artezio.

the class AdminRealmTest method testdoGetAuthenticationInfo.

@Test
public void testdoGetAuthenticationInfo() {
    Settings settings = new Settings(new EnumMap<>(Setting.Name.class));
    settings.setAdminUsername("admin");
    AuthenticationToken token = new UsernamePasswordToken("admin", new char[] {});
    PowerMock.mockStatic(CDIUtils.class);
    expect(CDIUtils.getBean(SettingsService.class)).andReturn(settingsService);
    expect(settingsService.getSettings()).andReturn(settings);
    PowerMock.replayAll(CDIUtils.class, settingsService);
    AuthenticationInfo actual = adminRealm.doGetAuthenticationInfo(token);
    PowerMock.verifyAll();
    assertNotNull(actual);
    assertTrue(actual instanceof SimpleAccount);
}
Also used : SimpleAccount(org.apache.shiro.authc.SimpleAccount) AuthenticationToken(org.apache.shiro.authc.AuthenticationToken) Settings(com.artezio.arttime.config.Settings) AuthenticationInfo(org.apache.shiro.authc.AuthenticationInfo) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) Test(org.junit.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 10 with UsernamePasswordToken

use of org.apache.shiro.authc.UsernamePasswordToken in project tesla by linking12.

the class TeslaUserRealm method doGetAuthenticationInfo.

@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    String username = upToken.getUsername();
    if (username == null) {
        throw new AccountException("Null usernames are not allowed by this realm.");
    }
    Users user = userDao.findByUserNamed(username);
    Long userId = user.userId();
    String password = user.password();
    int status = user.status();
    if (password == null) {
        throw new UnknownAccountException("No account found for " + username);
    }
    if (!password.equals(new String((char[]) token.getCredentials()))) {
        throw new IncorrectCredentialsException("Password is not right for " + username);
    }
    if (status == 0) {
        throw new LockedAccountException("account is locked for user " + username);
    }
    SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(userId, password.toCharArray(), username);
    info.setCredentialsSalt(ByteSource.Util.bytes(username));
    return info;
}
Also used : IncorrectCredentialsException(org.apache.shiro.authc.IncorrectCredentialsException) AccountException(org.apache.shiro.authc.AccountException) LockedAccountException(org.apache.shiro.authc.LockedAccountException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo) Users(io.github.tesla.authz.domain.Users) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Aggregations

UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken) 114
Subject (org.apache.shiro.subject.Subject) 50
Test (org.junit.Test) 30
AuthenticationException (org.apache.shiro.authc.AuthenticationException) 28
AuthenticationToken (org.apache.shiro.authc.AuthenticationToken) 27
SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo) 17
AuthenticationInfo (org.apache.shiro.authc.AuthenticationInfo) 15
HttpServletRequest (javax.servlet.http.HttpServletRequest) 11
RequestMapping (org.springframework.web.bind.annotation.RequestMapping) 11
Test (org.testng.annotations.Test) 11
LockedAccountException (org.apache.shiro.authc.LockedAccountException) 10
IncorrectCredentialsException (org.apache.shiro.authc.IncorrectCredentialsException) 9
HttpServletResponse (javax.servlet.http.HttpServletResponse) 8
UnknownAccountException (org.apache.shiro.authc.UnknownAccountException) 7
DelegatingSubject (org.apache.shiro.subject.support.DelegatingSubject) 7
Session (org.apache.shiro.session.Session) 6
SimplePrincipalCollection (org.apache.shiro.subject.SimplePrincipalCollection) 6
ResponseBody (org.springframework.web.bind.annotation.ResponseBody) 6
AuthorizationInfo (org.apache.shiro.authz.AuthorizationInfo) 4
AbstractQi4jTest (org.qi4j.test.AbstractQi4jTest) 4