use of org.apache.shiro.authc.UsernamePasswordToken in project shiro by apache.
the class JDBCRealmTest method testSaltColumnWrongPassword.
@Test
public void testSaltColumnWrongPassword() throws Exception {
String testMethodName = name.getMethodName();
JdbcRealm realm = realmMap.get(testMethodName);
createSaltColumnSchema(testMethodName);
realm.setSaltStyle(JdbcRealm.SaltStyle.COLUMN);
Subject.Builder builder = new Subject.Builder(securityManager);
Subject currentUser = builder.buildSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, "passwrd");
try {
currentUser.login(token);
} catch (IncorrectCredentialsException ex) {
// Expected
}
}
use of org.apache.shiro.authc.UsernamePasswordToken in project shiro by apache.
the class SignupController method showSignupForm.
@RequestMapping(value = "/signup", method = RequestMethod.POST)
public String showSignupForm(Model model, @ModelAttribute SignupCommand command, BindingResult errors) {
signupValidator.validate(command, errors);
if (errors.hasErrors()) {
return showSignupForm(model, command);
}
// Create the user
userService.createUser(command.getUsername(), command.getEmail(), command.getPassword());
// Login the newly created user
SecurityUtils.getSubject().login(new UsernamePasswordToken(command.getUsername(), command.getPassword()));
return "redirect:/s/home";
}
use of org.apache.shiro.authc.UsernamePasswordToken in project shiro by apache.
the class BasicHttpFilterAuthenticationTest method createTokenNoAuthorizationHeader.
@Test
public void createTokenNoAuthorizationHeader() throws Exception {
testFilter = new BasicHttpAuthenticationFilter();
HttpServletRequest request = createMock(HttpServletRequest.class);
expect(request.getHeader("Authorization")).andReturn(null);
expect(request.getRemoteHost()).andReturn("localhost");
HttpServletResponse response = createMock(HttpServletResponse.class);
replay(request);
replay(response);
AuthenticationToken token = testFilter.createToken(request, response);
assertNotNull(token);
assertTrue("Token is not a username and password token.", token instanceof UsernamePasswordToken);
assertEquals("", token.getPrincipal());
verify(request);
verify(response);
}
use of org.apache.shiro.authc.UsernamePasswordToken in project shiro by apache.
the class BasicHttpFilterAuthenticationTest method createTokenColonInPassword.
@Test
public void createTokenColonInPassword() throws Exception {
testFilter = new BasicHttpAuthenticationFilter();
HttpServletRequest request = createMock(HttpServletRequest.class);
expect(request.getHeader("Authorization")).andReturn(createAuthorizationHeader("pedro", "pass:word"));
expect(request.getRemoteHost()).andReturn("localhost");
HttpServletResponse response = createMock(HttpServletResponse.class);
replay(request);
replay(response);
AuthenticationToken token = testFilter.createToken(request, response);
assertNotNull(token);
assertTrue("Token is not a username and password token.", token instanceof UsernamePasswordToken);
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
assertEquals("pedro", upToken.getUsername());
assertEquals("pass:word", new String(upToken.getPassword()));
verify(request);
verify(response);
}
use of org.apache.shiro.authc.UsernamePasswordToken in project shiro by apache.
the class BasicHttpFilterAuthenticationTest method createTokenNoUsername.
@Test
public void createTokenNoUsername() throws Exception {
testFilter = new BasicHttpAuthenticationFilter();
HttpServletRequest request = createMock(HttpServletRequest.class);
expect(request.getHeader("Authorization")).andReturn(createAuthorizationHeader("", ""));
expect(request.getRemoteHost()).andReturn("localhost");
HttpServletResponse response = createMock(HttpServletResponse.class);
replay(request);
replay(response);
AuthenticationToken token = testFilter.createToken(request, response);
assertNotNull(token);
assertTrue("Token is not a username and password token.", token instanceof UsernamePasswordToken);
assertEquals("", token.getPrincipal());
verify(request);
verify(response);
}
Aggregations