Java Code Examples for org.apache.shiro.authc.AuthenticationInfo#getCredentials()
The following examples show how to use
org.apache.shiro.authc.AuthenticationInfo#getCredentials() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: CredentialsMatcher.java From springboot-learn with MIT License | 6 votes |
|
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
System.out.println("=================CredentialsMatcher.doCredentialsMatch=================");
UsernamePasswordToken utoken = (UsernamePasswordToken) token;
//获得用户输入的密码:(可以采用加盐(salt)的方式去检验)
String inPassword = new String(utoken.getPassword());
//获得数据库中的密码
String dbPassword = (String) info.getCredentials();
try {
// dbPassword = PasswordUtil.decrypt(dbPassword, utoken.getUsername());
} catch (Exception e) {
e.printStackTrace();
return false;
}
//进行密码的比对
return this.equals(inPassword, dbPassword);
}
Example 2
| Source File: CredentialsMatcher.java From springboot-shiro with MIT License | 6 votes |
|
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
UsernamePasswordToken utoken = (UsernamePasswordToken) token;
//获得用户输入的密码:(可以采用加盐(salt)的方式去检验)
String inPassword = new String(utoken.getPassword());
//获得数据库中的密码
String dbPassword = (String) info.getCredentials();
try {
dbPassword = PasswordUtil.decrypt(dbPassword, utoken.getUsername());
} catch (Exception e) {
e.printStackTrace();
return false;
}
//进行密码的比对
return this.equals(inPassword, dbPassword);
}
Example 3
| Source File: CredentialsMatcher.java From OneBlog with GNU General Public License v3.0 | 6 votes |
|
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
UsernamePasswordToken utoken = (UsernamePasswordToken) token;
//获得用户输入的密码:(可以采用加盐(salt)的方式去检验)
String inPassword = new String(utoken.getPassword());
//获得数据库中的密码
String dbPassword = (String) info.getCredentials();
try {
dbPassword = PasswordUtil.decrypt(dbPassword, utoken.getUsername());
} catch (Exception e) {
e.printStackTrace();
return false;
}
//进行密码的比对
return this.equals(inPassword, dbPassword);
}
Example 4
| Source File: AuthenticatingRealmImplTest.java From nexus-public with Eclipse Public License 1.0 | 6 votes |
|
@Test
public void testCreateWithPassowrd() throws Exception {
buildTestAuthenticationConfig(CUser.STATUS_ACTIVE);
String clearPassword = "default-password";
String username = "testCreateWithPassowrdEmailUserId";
CUser user = user("testCreateWithPassowrdEmail@somewhere", "testCreateWithPassowrdEmail",
"testCreateWithPassowrdEmail", CUser.STATUS_ACTIVE, username, null);
Set<String> roles = new HashSet<String>();
roles.add("role");
configurationManager.createUser(user, clearPassword, roles);
UsernamePasswordToken upToken = new UsernamePasswordToken("testCreateWithPassowrdEmailUserId", clearPassword);
AuthenticationInfo ai = realm.getAuthenticationInfo(upToken);
String password = new String((char[]) ai.getCredentials());
assertThat(passwordService.passwordsMatch(clearPassword, password), is(true));
}
Example 5
| Source File: HashedCredentialsMatcher.java From nano-framework with Apache License 2.0 | 6 votes |
|
/**
*
* @param info the AuthenticationInfo from which to retrieve the credentials which assumed to be in already-hashed form.
* @return a {@link Hash Hash} instance representing the given AuthenticationInfo's stored credentials.
*/
protected Object getCredentials(AuthenticationInfo info) {
Object credentials = info.getCredentials();
byte[] storedBytes = toBytes(credentials);
if (credentials instanceof String || credentials instanceof char[]) {
//account.credentials were a char[] or String, so
//we need to do text decoding first:
if (isStoredCredentialsHexEncoded()) {
storedBytes = Hex.decode(storedBytes);
} else {
storedBytes = Base64.decode(storedBytes);
}
}
AbstractHash hash = newHashInstance();
hash.setBytes(storedBytes);
return hash;
}
Example 6
| Source File: AuthenticatingRealmImplTest.java From nexus-public with Eclipse Public License 1.0 | 5 votes |
|
@Test
public void testSuccessfulAuthentication() throws Exception {
buildTestAuthenticationConfig(CUser.STATUS_ACTIVE);
UsernamePasswordToken upToken = new UsernamePasswordToken("username", "password");
AuthenticationInfo ai = realm.getAuthenticationInfo(upToken);
String password = new String((char[]) ai.getCredentials());
assertThat(this.passwordService.passwordsMatch("password", password), is(true));
}
Example 7
| Source File: AuthenticatingRealmImplTest.java From nexus-public with Eclipse Public License 1.0 | 5 votes |
|
@Test
public void testGetAuthenticationInfo_userStatusChangePassword() throws Exception {
buildTestAuthenticationConfig(CUser.STATUS_CHANGE_PASSWORD);
UsernamePasswordToken upToken = new UsernamePasswordToken("username", "password");
AuthenticationInfo ai = realm.getAuthenticationInfo(upToken);
String password = new String((char[]) ai.getCredentials());
assertThat(this.passwordService.passwordsMatch("password", password), is(true));
}
Example 8
| Source File: AuthenticatingRealmImplTest.java From nexus-public with Eclipse Public License 1.0 | 5 votes |
|
@Test
public void testDetectLegacyUser() throws Exception {
String password = "password";
String username = "username";
buildLegacyTestAuthenticationConfig(password);
UsernamePasswordToken upToken = new UsernamePasswordToken(username, password);
AuthenticationInfo ai = realm.getAuthenticationInfo(upToken);
CUser updatedUser = this.configurationManager.readUser(username);
String hash = new String((char[]) ai.getCredentials());
assertThat(passwordService.passwordsMatch(password, hash), is(true));
assertThat(passwordService.passwordsMatch(password, updatedUser.getPassword()), is(true));
}
Example 9
| Source File: BooleanMatcher.java From jsets-shiro-spring-boot-starter with Apache License 2.0 | 4 votes |
|
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
return (Boolean) info.getCredentials();
}
Example 10
| Source File: SimpleAuthenticationInfo.java From nano-framework with Apache License 2.0 | 4 votes |
|
@SuppressWarnings("unchecked")
public void merge(AuthenticationInfo info) {
if (info == null || info.getPrincipals() == null || info.getPrincipals().isEmpty()) {
return;
}
if (this.principals == null) {
this.principals = info.getPrincipals();
} else {
if (!(this.principals instanceof MutablePrincipalCollection)) {
this.principals = new SimplePrincipalCollection(this.principals);
}
((MutablePrincipalCollection) this.principals).addAll(info.getPrincipals());
}
if (this.credentialsSalt == null && info instanceof SaltedAuthenticationInfo) {
this.credentialsSalt = ((SaltedAuthenticationInfo) info).getCredentialsSalt();
}
Object thisCredentials = getCredentials();
Object otherCredentials = info.getCredentials();
if (otherCredentials == null) {
return;
}
if (thisCredentials == null) {
this.credentials = otherCredentials;
return;
}
if (!(thisCredentials instanceof Collection)) {
Set<Object> newSet = new HashSet<>();
newSet.add(thisCredentials);
setCredentials(newSet);
}
// At this point, the credentials should be a collection
Collection<Object> credentialCollection = (Collection<Object>) getCredentials();
if (otherCredentials instanceof Collection) {
credentialCollection.addAll((Collection<Object>) otherCredentials);
} else {
credentialCollection.add(otherCredentials);
}
}
Example 11
| Source File: UsergridAuthenticationInfo.java From usergrid with Apache License 2.0 | 4 votes |
|
/**
* Takes the specified <code>info</code> argument and adds its principals and credentials into this instance.
*
* @param info the <code>AuthenticationInfo</code> to add into this instance.
*/
@SuppressWarnings("unchecked")
public void merge(AuthenticationInfo info) {
if (info == null || info.getPrincipals() == null || info.getPrincipals().isEmpty()) {
return;
}
if (this.principals == null) {
this.principals = info.getPrincipals();
} else {
if (!(this.principals instanceof MutablePrincipalCollection)) {
this.principals = new SimplePrincipalCollection(this.principals);
}
((MutablePrincipalCollection) this.principals).addAll(info.getPrincipals());
}
//only mess with a salt value if we don't have one yet. It doesn't make sense
//to merge salt values from different realms because a salt is used only within
//the realm's credential matching process. But if the current instance's salt
//is null, then it can't hurt to pull in a non-null value if one exists.
//
//since 1.1:
if (this.credentialsSalt == null && info instanceof SaltedAuthenticationInfo) {
this.credentialsSalt = ((SaltedAuthenticationInfo) info).getCredentialsSalt();
}
Object thisCredentials = getCredentials();
Object otherCredentials = info.getCredentials();
if (otherCredentials == null) {
return;
}
if (thisCredentials == null) {
this.credentials = otherCredentials;
return;
}
if (!(thisCredentials instanceof Collection)) {
Set newSet = new HashSet();
newSet.add(thisCredentials);
setCredentials(newSet);
}
// At this point, the credentials should be a collection
Collection credentialCollection = (Collection) getCredentials();
if (otherCredentials instanceof Collection) {
credentialCollection.addAll((Collection) otherCredentials);
} else {
credentialCollection.add(otherCredentials);
}
}
Example 12
| Source File: SimpleCredentialsMatcher.java From nano-framework with Apache License 2.0 | 2 votes |
|
/**
* @param info the {@code AuthenticationInfo} stored in the data store to be compared against the submitted authentication
* token's credentials.
* @return the {@code account}'s associated credentials.
*/
protected Object getCredentials(AuthenticationInfo info) {
return info.getCredentials();
}
