use of org.apache.shiro.authc.UsernamePasswordToken in project tesla by linking12.
the class AbstractAuthorizeHandler method submitLogin.
protected boolean submitLogin() throws ServletException, IOException {
if (isSubmitLogin()) {
try {
UsernamePasswordToken token = createUsernamePasswordToken();
SecurityUtils.getSubject().login(token);
LOG.debug("Submit login successful");
this.userFirstLogged = true;
return false;
} catch (Exception ex) {
LOG.debug("Login failed, back to login page too", ex);
final HttpServletRequest request = oauthRequest.request();
request.setAttribute("oauth_login_error", ex.getMessage());
RequestDispatcher dispatcher = request.getRequestDispatcher(OAUTH_LOGIN_VIEW);
dispatcher.forward(request, response);
return true;
}
}
return false;
}
use of org.apache.shiro.authc.UsernamePasswordToken in project tesla by linking12.
the class AbstractOauthTokenValidator method invalidUsernamePassword.
protected boolean invalidUsernamePassword() {
final String username = tokenRequest.getUsername();
String password = tokenRequest.getPassword();
password = MD5Utils.encrypt(username, password);
try {
SecurityUtils.getSubject().login(new UsernamePasswordToken(username, password));
} catch (Exception e) {
LOG.debug("Login failed by username: " + username, e);
return true;
}
return false;
}
use of org.apache.shiro.authc.UsernamePasswordToken in project tesla by linking12.
the class LoginController method ajaxLogin.
@Log("登录")
@PostMapping("/login")
@ResponseBody
CommonResponse ajaxLogin(String username, String password) {
password = MD5Utils.encrypt(username, password);
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
Subject subject = SecurityUtils.getSubject();
try {
subject.login(token);
return CommonResponse.ok();
} catch (AuthenticationException e) {
return CommonResponse.error("用户或密码错误");
}
}
use of org.apache.shiro.authc.UsernamePasswordToken in project mica2 by obiba.
the class SessionsResource method createSession.
@POST
@Path("/sessions")
public Response createSession(@SuppressWarnings("TypeMayBeWeakened") @Context HttpServletRequest servletRequest, @FormParam("username") String username, @FormParam("password") String password) {
try {
authenticationExecutor.login(new UsernamePasswordToken(username, password));
String sessionId = SecurityUtils.getSubject().getSession().getId().toString();
log.info("Successful session creation for user '{}' session ID is '{}'.", username, sessionId);
return Response.created(UriBuilder.fromPath(JerseyConfiguration.WS_ROOT).path(SessionResource.class).build(sessionId)).build();
} catch (AuthenticationException e) {
log.info("Authentication failure of user '{}' at ip: '{}': {}", username, servletRequest.getRemoteAddr(), e.getMessage());
// When a request contains credentials and they are invalid, the a 403 (Forbidden) should be returned.
return Response.status(Response.Status.FORBIDDEN).cookie().build();
}
}
use of org.apache.shiro.authc.UsernamePasswordToken in project knox by apache.
the class KnoxPamRealmTest method testDoGetAuthenticationInfo.
@Test
public void testDoGetAuthenticationInfo() {
KnoxPamRealm realm = new KnoxPamRealm();
// pam settings being used: /etc/pam.d/sshd
realm.setService("sshd");
// use environment variables and skip the test if not set.
String pamuser = System.getenv("PAMUSER");
String pampass = System.getenv("PAMPASS");
assumeTrue(pamuser != null);
assumeTrue(pampass != null);
// mock shiro auth token
UsernamePasswordToken authToken = createMock(UsernamePasswordToken.class);
expect(authToken.getUsername()).andReturn(pamuser);
expect(authToken.getPassword()).andReturn(pampass.toCharArray());
expect(authToken.getCredentials()).andReturn(pampass);
replay(authToken);
// login
AuthenticationInfo authInfo = realm.doGetAuthenticationInfo(authToken);
// verify success
assertTrue(authInfo.getCredentials() != null);
}
Aggregations