
Example 6 with Hash

use of org.apache.shiro.crypto.hash.Hash in project SSM by Intel-bigdata.

the class LdapRealm method createAuthenticationInfo.

/**
 * Builds the {@link AuthenticationInfo} returned for a login handled by this LDAP realm.
 *
 * <p>The credentials stored in the result are a hash of the credentials carried by the
 * submitted {@code token}; {@code ldapPrincipal}, {@code ldapCredentials} and
 * {@code ldapContext} are not read here. A credentials matcher that compares the token
 * with this info is therefore comparing the submission with itself and cannot reject a
 * wrong password on its own.
 * NOTE(review): the actual password check presumably happens in the LDAP bind performed
 * before this callback runs - confirm against the superclass, which is outside this view.
 *
 * <p>{@code HASHING_ALGORITHM} and {@code hashService} are defined outside this view; the
 * strength of the password-derived value kept in the returned (and possibly cached) info
 * depends on them.
 *
 * @param token           the submitted authentication token
 * @param ldapPrincipal   unused by this implementation
 * @param ldapCredentials unused by this implementation
 * @param ldapContext     unused by this implementation
 * @return info holding the token principal, the hex hash of the token credentials, the
 *         hash salt and this realm's name
 * @throws NamingException declared by the overridden method; not thrown by the visible code
 */
@Override
protected AuthenticationInfo createAuthenticationInfo(AuthenticationToken token, Object ldapPrincipal, Object ldapCredentials, LdapContext ldapContext) throws NamingException {
    // Describe what to hash: the credentials exactly as submitted in the token.
    HashRequest request = new HashRequest.Builder()
            .setSource(token.getCredentials())
            .setAlgorithmName(HASHING_ALGORITHM)
            .build();
    Hash submittedHash = hashService.computeHash(request);

    Object principal = token.getPrincipal();
    String hexDigest = submittedHash.toHex();
    return new SimpleAuthenticationInfo(principal, hexDigest, submittedHash.getSalt(), getName());
}
Also used : HashRequest(org.apache.shiro.crypto.hash.HashRequest) SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo) Hash(org.apache.shiro.crypto.hash.Hash)

Example 7 with Hash

use of org.apache.shiro.crypto.hash.Hash in project ANNIS by korpling.

the class ANNISUserRealm method doGetAuthenticationInfo.

/**
 * Looks up the stored credentials for the principal named in {@code token}.
 *
 * <p>Three kinds of stored credential are handled:
 * <ul>
 *   <li>the anonymous user, whose password is defined to be the user name itself, so the
 *       expected credential is the SHA-256 hash of the user name;</li>
 *   <li>a value starting with {@code $}, parsed as a Shiro1 crypt string; it is accepted
 *       only when it parses to a {@link SimpleHash} with an iteration count of exactly 1;</li>
 *   <li>anything else, treated as an unsalted hex hash and handed on unchanged.</li>
 * </ul>
 *
 * <p>Security note: every accepted form is a single-iteration digest, and the fallback
 * form carries no salt. Such hashes are cheap to test offline if the user file is ever
 * disclosed, so that file needs the same protection as the passwords themselves.
 *
 * @param token the submitted token; its principal must be a {@link String}
 * @return the stored credentials for the user, or {@code null} when the user is unknown,
 *         has no password hash, or the crypt string does not parse to a {@link SimpleHash}
 * @throws AuthenticationException declared by the overridden method
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    Validate.isInstanceOf(String.class, token.getPrincipal());
    String userName = (String) token.getPrincipal();

    if (userName.equals(anonymousUser)) {
        // The anonymous account's password is its own user name, so the expected
        // credential is simply the hash of that name.
        Sha256Hash anonymousHash = new Sha256Hash(userName);
        return new SimpleAuthenticationInfo(userName, anonymousHash.getBytes(), ANNISUserRealm.class.getName());
    }

    User user = confManager.getUser(userName);
    if (user == null) {
        return null;
    }
    String passwordHash = user.getPasswordHash();
    if (passwordHash == null) {
        return null;
    }

    if (!passwordHash.startsWith("$")) {
        // Legacy entry: an unsalted hex digest, passed through as stored.
        return new SimpleAuthenticationInfo(token.getPrincipal(), passwordHash, ANNISUserRealm.class.getName());
    }

    Hash parsed = new Shiro1CryptFormat().parse(passwordHash);
    if (!(parsed instanceof SimpleHash)) {
        return null;
    }
    SimpleHash storedHash = (SimpleHash) parsed;
    // The realm only supports single-iteration hashes; any other count is rejected here
    // by Validate rather than through an AuthenticationException.
    Validate.isTrue(storedHash.getIterations() == 1, "Hash iteration count must be 1 for every password hash!");

    // Hand the digest and its salt from the user file to the credentials matcher.
    SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(userName, storedHash.getBytes(), ANNISUserRealm.class.getName());
    info.setCredentialsSalt(new SerializableByteSource(storedHash.getSalt()));
    return info;
}
Also used : SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo) Sha256Hash(org.apache.shiro.crypto.hash.Sha256Hash) SimpleHash(org.apache.shiro.crypto.hash.SimpleHash) Sha256Hash(org.apache.shiro.crypto.hash.Sha256Hash) Hash(org.apache.shiro.crypto.hash.Hash) SimpleHash(org.apache.shiro.crypto.hash.SimpleHash) Shiro1CryptFormat(org.apache.shiro.crypto.hash.format.Shiro1CryptFormat)

Example 8 with Hash

use of org.apache.shiro.crypto.hash.Hash in project shiro by apache.

the class DefaultPasswordService method passwordsMatch.

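/**
 * Checks whether a submitted plaintext password corresponds to a previously saved,
 * formatted password hash.
 *
 * <p>If the saved string can be parsed back into a {@link Hash}, the comparison is
 * delegated to the {@code Hash}-based overload, which keeps old passwords verifiable
 * after the hash configuration changes. Otherwise the plaintext is hashed and formatted
 * with the current configuration and the two formatted strings are compared.
 *
 * <p>The final string comparison uses {@link java.security.MessageDigest#isEqual} rather
 * than {@link String#equals}, so the time taken does not depend on how many leading
 * characters of the computed hash agree with the saved one.
 *
 * <p>NOTE(review): a {@code null} or empty {@code saved} value matches a {@code null} or
 * empty submission. Deployments that must never accept an empty password need to make
 * sure no account is stored without one.
 *
 * @param submittedPlaintext the password as submitted by the user
 * @param saved              the stored, formatted hash; may be {@code null} or empty
 * @return {@code true} if the submission matches the saved value
 */
public boolean passwordsMatch(Object submittedPlaintext, String saved) {
    ByteSource plaintextBytes = createByteSource(submittedPlaintext);
    boolean noPlaintext = plaintextBytes == null || plaintextBytes.isEmpty();
    if (saved == null || saved.length() == 0) {
        // Nothing stored: only an equally empty submission matches.
        return noPlaintext;
    }
    if (noPlaintext) {
        return false;
    }
    // First check to see if we can reconstitute the original hash - this allows us to
    // perform password hash comparisons even for previously saved passwords that don't
    // match the current HashService configuration values.  This ensures backwards
    // compatibility even after configuration changes.
    HashFormat discoveredFormat = this.hashFormatFactory.getInstance(saved);
    if (discoveredFormat instanceof ParsableHashFormat) {
        Hash savedHash = ((ParsableHashFormat) discoveredFormat).parse(saved);
        return passwordsMatch(submittedPlaintext, savedHash);
    }
    // The saved text value can't be reconstituted into a Hash instance.  Hash the
    // submittedPlaintext using the current HashService configuration and compare the
    // formatted output with the saved string.  This compares passwords correctly, but
    // does not allow changing the HashService configuration without breaking previously
    // saved passwords.
    HashRequest request = createHashRequest(plaintextBytes);
    Hash computed = this.hashService.computeHash(request);
    String formatted = this.hashFormat.format(computed);
    if (formatted == null) {
        // String.equals(null) was false; keep that outcome instead of failing on getBytes.
        return false;
    }
    // Compare in time independent of where the two values first differ.
    return java.security.MessageDigest.isEqual(
            saved.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            formatted.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}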
Also used : HashRequest(org.apache.shiro.crypto.hash.HashRequest) ByteSource(org.apache.shiro.util.ByteSource) Hash(org.apache.shiro.crypto.hash.Hash)

Example 9 with Hash

use of org.apache.shiro.crypto.hash.Hash in project knox by apache.

the class KnoxPamRealm method doGetAuthenticationInfo.

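/**
 * Authenticates the submitted user name and password against PAM and, on success,
 * returns an {@link AuthenticationInfo} for the resulting Unix user.
 *
 * <p>The credentials placed in the result are a hash of the credentials submitted in
 * {@code token}, so a later credentials-matcher comparison cannot reject a wrong password
 * by itself; the PAM call is the only real check. For that reason this method fails
 * closed: if PAM did not yield a user, or no hash could be computed, it throws instead of
 * continuing.
 * NOTE(review): {@code handleAuthFailure} is defined outside this view and presumably
 * throws; the explicit throws below keep the method safe even if it returns normally.
 *
 * @param token the submitted token; must be a {@link UsernamePasswordToken}
 * @return info holding the Unix user principal, the hex hash of the submitted credentials,
 *         the hash salt and this realm's name
 * @throws AuthenticationException if PAM rejects the login, returns no user, or the
 *         credentials hash cannot be computed
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    PAM pam = null;
    UnixUser user = null;
    try {
        pam = new PAM(this.getService());
        UsernamePasswordToken upToken = (UsernamePasswordToken) token;
        // pam.authenticate is called with a String, so the password is copied out of the
        // token's char[] into an immutable String that cannot be wiped afterwards.
        user = pam.authenticate(upToken.getUsername(), new String(upToken.getPassword()));
    } catch (PAMException e) {
        handleAuthFailure(token, e.getMessage(), e);
    } finally {
        // Always release the PAM handle, whether or not authentication succeeded.
        if (pam != null) {
            pam.dispose();
        }
    }
    if (user == null) {
        // Fail closed: never build an AuthenticationInfo without an authenticated user.
        throw new AuthenticationException("PAM authentication did not return a user");
    }
    HashRequest hashRequest = new HashRequest.Builder().setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build();
    Hash credentialsHash = hashService.computeHash(hashRequest);
    /* Coverity Scan CID 1361684 */
    if (credentialsHash == null) {
        handleAuthFailure(token, "Failed to compute hash", null);
        // Guarantees the dereference below is never reached with a null hash.
        throw new AuthenticationException("Failed to compute hash");
    }
    return new SimpleAuthenticationInfo(new UnixUserPrincipal(user), credentialsHash.toHex(), credentialsHash.getSalt(), getName());
}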
Also used : UnixUser(org.jvnet.libpam.UnixUser) HashRequest(org.apache.shiro.crypto.hash.HashRequest) SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo) Hash(org.apache.shiro.crypto.hash.Hash) PAM(org.jvnet.libpam.PAM) PAMException(org.jvnet.libpam.PAMException) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)

Example 10 with Hash

use of org.apache.shiro.crypto.hash.Hash in project knox by apache.

the class KnoxLdapRealm method createAuthenticationInfo.

/**
 * Creates the {@link AuthenticationInfo} for a login handled by this LDAP realm.
 *
 * <p>Only {@code token} is used: its credentials are hashed with {@code hashService} and
 * the hex form of that hash becomes the credentials of the returned info. The LDAP
 * arguments are ignored, so the value a credentials matcher later sees is derived from
 * the submission itself rather than from the directory.
 * NOTE(review): rejecting a wrong password therefore has to happen before this method is
 * called, presumably in the LDAP bind done by the superclass - confirm, it is outside
 * this view. {@code HASHING_ALGORITHM} is likewise defined elsewhere.
 *
 * @param token           the submitted authentication token
 * @param ldapPrincipal   not used here
 * @param ldapCredentials not used here
 * @param ldapContext     not used here
 * @return info built from the token principal, the hex credentials hash, the hash salt
 *         and this realm's name
 * @throws NamingException declared by the overridden method; not thrown by the visible code
 */
@Override
protected AuthenticationInfo createAuthenticationInfo(AuthenticationToken token, Object ldapPrincipal, Object ldapCredentials, LdapContext ldapContext) throws NamingException {
    HashRequest.Builder requestBuilder = new HashRequest.Builder();
    requestBuilder.setSource(token.getCredentials());
    requestBuilder.setAlgorithmName(HASHING_ALGORITHM);
    HashRequest hashRequest = requestBuilder.build();

    // Hash of the credentials as submitted; nothing is fetched from the directory here.
    Hash tokenHash = hashService.computeHash(hashRequest);
    return new SimpleAuthenticationInfo(token.getPrincipal(), tokenHash.toHex(), tokenHash.getSalt(), getName());
}
Also used : HashRequest(org.apache.shiro.crypto.hash.HashRequest) SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo) Hash(org.apache.shiro.crypto.hash.Hash)

Aggregations

Hash (org.apache.shiro.crypto.hash.Hash)10 HashRequest (org.apache.shiro.crypto.hash.HashRequest)7 SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo)5 ByteSource (org.apache.shiro.util.ByteSource)3 Shiro1CryptFormat (org.apache.shiro.crypto.hash.format.Shiro1CryptFormat)2 IOException (java.io.IOException)1 CommandLine (org.apache.commons.cli.CommandLine)1 CommandLineParser (org.apache.commons.cli.CommandLineParser)1 DefaultParser (org.apache.commons.cli.DefaultParser)1 Options (org.apache.commons.cli.Options)1 UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken)1 UnknownAlgorithmException (org.apache.shiro.crypto.UnknownAlgorithmException)1 DefaultHashService (org.apache.shiro.crypto.hash.DefaultHashService)1 Sha256Hash (org.apache.shiro.crypto.hash.Sha256Hash)1 SimpleHash (org.apache.shiro.crypto.hash.SimpleHash)1 SimpleHashRequest (org.apache.shiro.crypto.hash.SimpleHashRequest)1 HashFormat (org.apache.shiro.crypto.hash.format.HashFormat)1 HexFormat (org.apache.shiro.crypto.hash.format.HexFormat)1 PAM (org.jvnet.libpam.PAM)1 PAMException (org.jvnet.libpam.PAMException)1