org.apache.shiro.authc.IncorrectCredentialsException Java Examples

public UserVO identityVerifyAndSession(String key) {
	UserVO vo = identityVerify(key);
	if(vo.getResult() - UserVO.FAILURE == 0){
		return vo;
	}
	
	UsernamePasswordToken token = new UsernamePasswordToken(vo.getUser().getUsername(), vo.getUser().getUsername());
       token.setRememberMe(false);
	Subject currentUser = SecurityUtils.getSubject();  
	
	try {  
		currentUser.login(token);  
	} catch ( UnknownAccountException uae ) {
		uae.printStackTrace();
	} catch ( IncorrectCredentialsException ice ) {
		ice.printStackTrace();
	} catch ( LockedAccountException lae ) {
		lae.printStackTrace();
	} catch ( ExcessiveAttemptsException eae ) {
		eae.printStackTrace();
	} catch ( org.apache.shiro.authc.AuthenticationException ae ) { 
		ae.printStackTrace();
	}
	
	return vo;
}
 

@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(HttpServletRequest request, Map<String, Object> map) {
    _logger.info("登录方法start.........");
    // 登录失败从request中获取shiro处理的异常信息。shiroLoginFailure:就是shiro异常类的全类名.
    Object exception = request.getAttribute("shiroLoginFailure");
    String msg;
    if (exception != null) {
        if (UnknownAccountException.class.isInstance(exception)) {
            msg = "用户名不正确，请重新输入";
        } else if (IncorrectCredentialsException.class.isInstance(exception)) {
            msg = "密码错误，请重新输入";
        } else if (IncorrectCaptchaException.class.isInstance(exception)) {
            msg = "验证码错误";
        } else if (ForbiddenUserException.class.isInstance(exception)) {
            msg = "该用户已被禁用，如有疑问请联系系统管理员。";
        } else {
            msg = "发生未知错误，请联系管理员。";
        }
        map.put("username", request.getParameter("username"));
        map.put("password", request.getParameter("password"));
        map.put("msg", msg);
        return "login";
    }
    //如果已经登录，直接跳转主页面
    return "index";
}
 

/**
 * 登录认证
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	String userName = (String) token.getPrincipal();
	String password = new String((char[]) token.getCredentials());

	System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误！");
	}
	if (!password.equals(user.getPassword())) {
		throw new IncorrectCredentialsException("用户名或密码错误！");
	}
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员！");
	}
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}
 

/**
 * 校验用户密码
 *
 * @param user     用户
 * @param password 需要校验的密码
 */
private void validateUserPassword(User user, String password) {
    if (user == null) {
        // 用户不存在
        throw new UnknownAccountException();
    }
    if (BooleanEnum.NO.getValue() == user.getStateCode()) {
        // 账户不可用
        throw new LockedAccountException();
    }
    String passwordDb = user.getPassword();
    if (!passwordDb.equals(PasswordUtil.encrypt(password, user.getSalt()))) {
        //密码不正确
        throw new IncorrectCredentialsException();
    }
}
 

@Test
public void testSingleRealmFailureIsStillSuccessful() {
  UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("username", "password");

  Realm realmOne = mock(Realm.class);
  Realm realmTwo = mock(Realm.class);

  when(realmOne.supports(usernamePasswordToken)).thenReturn(true);
  when(realmTwo.supports(usernamePasswordToken)).thenReturn(true);

  when(realmOne.getAuthenticationInfo(usernamePasswordToken)).thenThrow(new IncorrectCredentialsException());
  when(realmTwo.getAuthenticationInfo(usernamePasswordToken)).thenReturn(new SimpleAccount());

  firstSuccessfulModularRealmAuthenticator
      .doMultiRealmAuthentication(Lists.newArrayList(realmOne, realmTwo), usernamePasswordToken);
}
 

/**
 * 登录认证
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	String userName = (String) token.getPrincipal();
	String password = new String((char[]) token.getCredentials());

	System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误！");
	}
	if (!password.equals(user.getPassword())) {
		throw new IncorrectCredentialsException("用户名或密码错误！");
	}
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员！");
	}
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}
 

protected void setFailureAttribute(ServletRequest request,
		AuthenticationException ae) {
	String errorMessage = null;

	if (ae instanceof IncorrectCredentialsException) {
		errorMessage = "密码错误,输入错误超过当日限制,将锁定账户";
		// 登录失败日志记录
		logLoginStatus(request, LoginType.登录失败);
	} else if (ae instanceof ValidateCodeException) {
		errorMessage = "验证码错误";
	} else if (ae instanceof UnValidationAccountException) {
		errorMessage = "账号未被验证";
	} else if (ae instanceof LockedAccountException) {
		errorMessage = "密码输入错误超过当日限制,请明天再试";
	} else if (ae instanceof DisabledAccountException) {
		errorMessage = "账号被管理员锁定";
	} else if (ae instanceof UnknownAccountException) {
		errorMessage = "账号不存在";
	} else {
		errorMessage = "未知错误";
		log.fatal("登录错误-未知错误，请管理员检查", ae);
	}

	request.setAttribute(getFailureKeyAttribute(), errorMessage);
}
 

public static void handle(HttpServletResponse response, Exception exception) {
	try {
		if (ExceptionUtils.find(exception, UnauthenticatedException.class) != null) {
			requireAuthentication(response);
		} else if (find(exception, UnauthorizedException.class) != null) {
			if (!SecurityUtils.getSubject().isAuthenticated()) 
				requireAuthentication(response);
			else 
				response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access denied.");
		} else if (find(exception, IncorrectCredentialsException.class) != null) {
			response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Incorrect credentials.");
		} else if (find(exception, UnknownAccountException.class) != null) {
			response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unknown user name.");
		} else {
			logger.warn("Error serving request", exception);
			response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, exception.getMessage());
		} 
	} catch (IOException e) {
		throw new RuntimeException(e);
	}
}
 

@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {		
	SessionHandoff handoff = null;
	try {
		handoff = handoffDao.validate(((AppHandoffToken) token).getToken()).orElseThrow(() -> new IncorrectCredentialsException());
		AppHandoffMetrics.incValidateTokenSuccess();
	}catch(IncorrectCredentialsException e) {
		AppHandoffMetrics.incValidateTokenFailed();
		throw e;
	}
	if(checkSameIp) {
		String tokenHost = ((AppHandoffToken) token).getHost();
		if(StringUtils.isBlank(tokenHost) || StringUtils.isBlank(handoff.getIp()) || !tokenHost.equalsIgnoreCase(handoff.getIp())) {
			if(StringUtils.isBlank(handoff.getIp()) && StringUtils.isBlank(tokenHost)) {
				logger.warn("Both IP in token and app_handoff_token DB is null for person [{}].  Should not happen!", handoff.getPersonId());
			}
			AppHandoffMetrics.incSameIPFailed();
			throw new IncorrectCredentialsException();
		}
		AppHandoffMetrics.incSameIPSuccess();
	}
	Login login = new Login();
	login.setUserId(handoff.getPersonId());
	login.setUsername(handoff.getUsername());
	return new SimpleAuthenticationInfo(principalResolver.resolvePrincipal(login), token, getName()); 
}
 

@RequestMapping("/login")
public String login(HttpServletRequest request, Map<String, Object> map) throws Exception {
      // 登录失败从request中获取shiro处理的异常信息。
    // shiroLoginFailure:就是shiro异常类的全类名.
    //初始登陆用户名密码long/longzhonghua,或者long/123456
    String exception = (String) request.getAttribute("shiroLoginFailure");
    System.out.println("exception=" + exception);
    String msg = "";
    if (exception != null) {
        if (UnknownAccountException.class.getName().equals(exception)) {
                   msg = "账号不存在：";
        } else if (IncorrectCredentialsException.class.getName().equals(exception)) {
                     msg = "密码不正确：";
        } else if ("kaptchaValidateFailed".equals(exception)) {
                         msg = "验证码错误";
        } else {
            msg = "else >> " + exception;

        }
    }
    map.put("msg", msg);
    // 此方法不处理登录成功,由shiro进行处理
    return "/login";
}
 

/**
 * 认证(登录时调用)
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    String token = (String) authenticationToken.getPrincipal();
    // 根据accessToken，查询用户token信息
    SysUserToken sysUserToken = sysUserTokenService.findByToken(token);
    if(sysUserToken == null || sysUserToken.getExpireTime().getTime() < System.currentTimeMillis()){
    	// token已经失效
        throw new IncorrectCredentialsException("token失效，请重新登录");
    }
    // 查询用户信息
    SysUser user = sysUserService.findById(sysUserToken.getUserId());
    // 账号被锁定
    if(user.getStatus() == 0){
        throw new LockedAccountException("账号已被锁定,请联系管理员");
    }
    SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, token, getName());
    return info;
}
 

/**
 * 登录失败调用事件
 */
@Override
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
	String className = e.getClass().getName(), message = "";
	if (IncorrectCredentialsException.class.getName().equals(className) || UnknownAccountException.class.getName().equals(className)) {
		message = Global.getText("sys.login.failure");
	} else if (e.getMessage() != null && StringUtils.startsWith(e.getMessage(), "msg:")) {
		message = StringUtils.replace(e.getMessage(), "msg:", "");
	} else {
		message = Global.getText("sys.login.error");
		logger.error(message, e); // 输出到日志文件
	}
	request.setAttribute(getFailureKeyAttribute(), className);
	request.setAttribute(DEFAULT_MESSAGE_PARAM, message);
	return true;
}
 

/**
 * 登录认证
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	String userName = (String) token.getPrincipal();
	String password = new String((char[]) token.getCredentials());

	System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误！");
	}
	if (!password.equals(user.getPassword())) {
		throw new IncorrectCredentialsException("用户名或密码错误！");
	}
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员！");
	}
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}
 

/**
 * 登录认证
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	String userName = (String) token.getPrincipal();
	String password = new String((char[]) token.getCredentials());

	System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误！");
	}
	if (!password.equals(user.getPassword())) {
		throw new IncorrectCredentialsException("用户名或密码错误！");
	}
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员！");
	}
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}
 

/**
 * 登录认证
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	String userName = (String) token.getPrincipal();
	String password = new String((char[]) token.getCredentials());

	System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误！");
	}
	if (!password.equals(user.getPassword())) {
		throw new IncorrectCredentialsException("用户名或密码错误！");
	}
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员！");
	}
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}
 

/**
 * 登录认证
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	String userName = (String) token.getPrincipal();
	String password = new String((char[]) token.getCredentials());

	System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误！");
	}
	if (!password.equals(user.getPassword())) {
		throw new IncorrectCredentialsException("用户名或密码错误！");
	}
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员！");
	}
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}
 

@Test
public void testMultiRealmMultipleFailures() {
  UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("username", "password");

  Realm realmOne = mock(Realm.class);
  Realm realmTwo = mock(Realm.class);

  when(realmOne.supports(usernamePasswordToken)).thenReturn(true);
  when(realmTwo.supports(usernamePasswordToken)).thenReturn(true);

  when(realmOne.getAuthenticationInfo(usernamePasswordToken)).thenThrow(new IncorrectCredentialsException());
  when(realmTwo.getAuthenticationInfo(usernamePasswordToken)).thenThrow(new UnknownAccountException());

  try {
    firstSuccessfulModularRealmAuthenticator
        .doMultiRealmAuthentication(Lists.newArrayList(realmOne, realmTwo), usernamePasswordToken);
  }
  catch (NexusAuthenticationException e) {
    assertThat(e.getAuthenticationFailureReasons(), containsInAnyOrder(AuthenticationFailureReason.INCORRECT_CREDENTIALS, AuthenticationFailureReason.USER_NOT_FOUND));
  }
}
 

@Test
public void testMultiRealmInvalidCredentials() {
  UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("username", "password");

  Realm realmOne = mock(Realm.class);
  Realm realmTwo = mock(Realm.class);

  when(realmOne.supports(usernamePasswordToken)).thenReturn(true);
  when(realmTwo.supports(usernamePasswordToken)).thenReturn(true);

  when(realmOne.getAuthenticationInfo(usernamePasswordToken)).thenThrow(new IncorrectCredentialsException());
  when(realmTwo.getAuthenticationInfo(usernamePasswordToken)).thenThrow(new IncorrectCredentialsException());

  try {
    firstSuccessfulModularRealmAuthenticator
        .doMultiRealmAuthentication(Lists.newArrayList(realmOne, realmTwo), usernamePasswordToken);
  }
  catch (NexusAuthenticationException e) {
    assertThat(e.getAuthenticationFailureReasons(), containsInAnyOrder(AuthenticationFailureReason.INCORRECT_CREDENTIALS));
  }
}
 

@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
  UsernamePasswordToken upToken = (UsernamePasswordToken) token;

  String password = new String(upToken.getPassword());
  String userId = upToken.getUsername();

  // username == password
  try {
    if (userId.endsWith(password) && userManager.getUser(userId) != null) {
      return new SimpleAuthenticationInfo(new SimplePrincipalCollection(token.getPrincipal(),
          this.getName()), userId);
    }
    else {
      throw new IncorrectCredentialsException("User [" + userId + "] bad credentials.");
    }
  }
  catch (UserNotFoundException e) {
    throw new UnknownAccountException("User [" + userId + "] not found.");
  }
}
 

@Path("/login")
@POST
public void login(
    @FormParam("username") String username,
    @FormParam("password") String password,
    @FormParam("rememberMe") boolean rememberMe,
    @Auth Subject subject) throws IOException {

  ensurePresent(username, "Invalid credentials: missing username.");
  ensurePresent(password, "Invalid credentials: missing password.");

  try {
    subject.login(new UsernamePasswordToken(username, password, rememberMe));
  } catch (AuthenticationException e) {
    throw new IncorrectCredentialsException("Invalid credentials combination for user: " + username);
  }
}
 

/**
 * 用户登陆
 *
 * @param model   {@link Model}
 * @param request {@link HttpServletRequest}
 * @return jsp/login.jsp
 * @throws LoginException LoginException
 */
@RequestMapping("login")
public String userLogin(Model model, HttpServletRequest request) throws LoginException {
    User user = (User) SecurityUtils.getSubject().getPrincipal();
    if (user != null && user.getUid() != null) {
        logger.debug("用户成功登录 {}", user);
        return "redirect:index.jsp";
    }
    String exceptionClassName = (String) request.getAttribute("shiroLoginFailure");
    if (exceptionClassName != null) {
        if (UnknownAccountException.class.getName().equals(exceptionClassName)) {
            model.addAttribute("returninfo", "账号不存在");
        } else if (IncorrectCredentialsException.class.getName().equals(
                exceptionClassName) || AuthenticationException.class.getName().equals(exceptionClassName)) {
            model.addAttribute("returninfo", "用户名/密码错误");
        } else {
            throw new LoginException(exceptionClassName);
        }
    }
    return "jsp/login.jsp";
}
 

@RequestMapping(value = "/login")
public String showLoginForm(HttpServletRequest req, Model model) {
    if(req.getMethod().equalsIgnoreCase("get")){
        return "login";
    }
    String exceptionClassName = (String)req.getAttribute("shiroLoginFailure");
    String error = null;
    if(UnknownAccountException.class.getName().equals(exceptionClassName)) {
        error = "用户名/密码错误";
    } else if(IncorrectCredentialsException.class.getName().equals(exceptionClassName)) {
        error = "用户名/密码错误";
    } else if(exceptionClassName != null) {
        error = "其他错误：" + exceptionClassName;
    }
    if(error!=null){
        model.addAttribute("shiroLoginFailure", error);
        return "login";
    }
    return "redirect:/main";

}
 

/**
 * 登录失败调用事件
 */
@Override
protected boolean onLoginFailure(AuthenticationToken token,
                                    AuthenticationException e, ServletRequest request, ServletResponse response) {
	String className = e.getClass().getName(), message = "";
	if (IncorrectCredentialsException.class.getName().equals(className)
			|| UnknownAccountException.class.getName().equals(className)){
		message = "用户或密码错误, 请重试.";
	}
	else if (e.getMessage() != null && StringUtils.startsWith(e.getMessage(), "msg:")){
		message = StringUtils.replace(e.getMessage(), "msg:", "");
	}
	else{
		message = "系统出现点问题，请稍后再试！";
		e.printStackTrace(); // 输出到控制台
	}
       request.setAttribute(getFailureKeyAttribute(), className);
       request.setAttribute(getMessageParam(), message);
       return true;
}
 

@RequestMapping(value = "/login", method = RequestMethod.POST)
@ResponseBody
public Result<User> login(String username, String password)
		throws IOException {
	// response.setHeader("resetCookie", "true");
	if (TextUtil.isEmpty(username) || TextUtil.isEmpty(password)) {
		return new Result<User>(false, "用户名或密码为空",
				null);
	}
	Result<User> result;
	try {
		User returnUser = accountService.login(username, password);
		if (returnUser != null) {
			// response.setHeader("resetCookie", "true");
			result = new Result<User>(true, null, returnUser);
		} else {
			result = new Result<User>(false, "登录失败.", null);
		}
	} catch (IncorrectCredentialsException e) {
		result = new Result<User>(false, "帐号密码错误", null);
	} catch (UnknownAccountException e1) {
		result = new Result<User>(false, "帐号密码错误", null);
	}
	return result;
}
 

/**
 * 函数功能说明 ： 进入后台登陆页面.
 *
 * @参数： @return
 * @return String
 * @throws
 */
@RequestMapping("/login")
public String login(HttpServletRequest req, Model model) {

	String exceptionClassName = (String) req.getAttribute("shiroLoginFailure");
	String error = null;
	if (UnknownAccountException.class.getName().equals(exceptionClassName)) {
		error = "用户名/密码错误";
	} else if (IncorrectCredentialsException.class.getName().equals(exceptionClassName)) {
		error = "用户名/密码错误";
	} else if (PermissionException.class.getName().equals(exceptionClassName)) {
		error = "网络异常,请联系龙果管理员";
	} else if (exceptionClassName != null) {
		error = "错误提示：" + exceptionClassName;
	}
	model.addAttribute("message", error);
	return "system/login";
}
 

@RequestMapping(value = "${web.adminPath}/login", method = RequestMethod.POST)
    public String showLoginForm(HttpServletRequest request, Model model) {
        String error = null;
        String exceptionClassName = (String)request.getAttribute(FormAuthenticationCaptchaFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);

        if(AccountException.class.getName().equals(exceptionClassName)){
            error = "对不起，您输入用户名";
        }  else if(UnknownAccountException.class.getName().equals(exceptionClassName)){
            error = "对不起，您输入用户名不存在";
        } else if(IncorrectCredentialsException.class.getName().equals(exceptionClassName)){
            error = "对不起，您输入用户名/密码错误";
        }  else if(CaptchaException.class.getName().equals(exceptionClassName)) {
            error="对不起，您输入验证码错误";
        } else if(LockedAccountException.class.getName().equals(exceptionClassName)) {
            error="对不起，您账号被冻结,请联系管理员";
        } else if(ExcessiveAttemptsException.class.getName().equals(exceptionClassName)){
            error="重复密码错误超过5次,请等待30分钟...";
        }else if(exceptionClassName != null) {
            error = "登录系统错误";
        }

        model.addAttribute("error",  error);

        return getRemoteView("login_signin");
//        return "redirect:/"+getTemplate()+"/login";
    }
 

@RequestMapping(value = "login", method = RequestMethod.POST)
    public String showLoginForm(HttpServletRequest request, Model model) {
        String error = null;
        String exceptionClassName = (String)request.getAttribute(FormAuthenticationCaptchaFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);

        if(AccountException.class.getName().equals(exceptionClassName)){
            error = "对不起，您输入用户名";
        }  else if(UnknownAccountException.class.getName().equals(exceptionClassName)){
            error = "对不起，您输入用户名不存在";
        } else if(IncorrectCredentialsException.class.getName().equals(exceptionClassName)){
            error = "对不起，您输入用户名/密码错误";
        }  else if(CaptchaException.class.getName().equals(exceptionClassName)) {
            error="对不起，您输入验证码错误";
        } else if(LockedAccountException.class.getName().equals(exceptionClassName)) {
            error="对不起，您账号被冻结,请联系管理员";
        } else if(ExcessiveAttemptsException.class.getName().equals(exceptionClassName)){
            error="重复密码错误超过5次,请等待30分钟...";
        }else if(exceptionClassName != null) {
            error = "登录系统错误";
        }

        model.addAttribute("error",  error);

        return getRemoteView("login");
//        return "redirect:/"+getTemplate()+"/login";
    }
 

/**
 * 登录认证
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	String userName = (String) token.getPrincipal();
	String password = new String((char[]) token.getCredentials());

	System.out.println("用户" + userName + "认证-----ShiroRealm.doGetAuthenticationInfo");
	User user = userMapper.findByUserName(userName);

	if (user == null) {
		throw new UnknownAccountException("用户名或密码错误！");
	}
	if (!password.equals(user.getPassword())) {
		throw new IncorrectCredentialsException("用户名或密码错误！");
	}
	if (user.getStatus().equals("0")) {
		throw new LockedAccountException("账号已被锁定,请联系管理员！");
	}
	SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
	return info;
}
 

@RequestMapping(value = "/login", method = RequestMethod.POST)
@ExceptionForward("/shiro/login")
public String login(HttpServletRequest request) {
    String exception = (String) request.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
    if (UnknownAccountException.class.getName().equals(exception)) {
        failed("Unknown account.");
    } else if (IncorrectCredentialsException.class.getName().equals(exception)) {
        failed("Incorrect password.");
    } else {
        LoggerHelper.error("unknown error : " + exception);
        failed("Unknown error.");
    }
    return "shiro_login";
}
 

@Override
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
	if (WebHelper.isAjax((HttpServletRequest) request)) {
		Result result = Result.failure();
		if (e instanceof IncorrectCredentialsException) {
			result.message("密码错误");
		} else if (e instanceof ExpiredCredentialsException) {
			result.message("密码已过期");
		} else if (e instanceof UnknownAccountException) {
			result.message("该账号不存在");
		} else if (e instanceof DisabledAccountException) {
			result.message("该账号已禁用");
		} else if (e instanceof LockedAccountException) {
			result.message("该账号已锁定");
		} else if (e instanceof AccountException) {
			result.message("账号错误");
		} else if (e instanceof CredentialsException) {
			result.message("密码错误");
		}
		try {
			writeObject(request, response, result);
		} catch (IOException ex) {
			throw new RuntimeException(ex);
		}
		return false;
	}
	return super.onLoginFailure(token, e, request, response);
}