org.apache.shiro.authc.credential.AllowAllCredentialsMatcher Java Examples
The following examples show how to use
org.apache.shiro.authc.credential.AllowAllCredentialsMatcher.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: ShiroConfig.java From spring-boot-starter-samples with Apache License 2.0 | 6 votes |
|
@Bean
public Realm defRealm(ShiroPrincipalRepository defRepository,
@Autowired(required = false) List<AuthorizingRealmListener> realmsListeners, ShiroBizProperties properties) {
LoginAuthorizingRealm authzRealm = new LoginAuthorizingRealm();
// 认证账号信息提供实现:认证信息、角色信息、权限信息;业务系统需要自己实现该接口
//authzRealm.setRepository(defRepository);
// 凭证匹配器:该对象主要做密码校验
authzRealm.setCredentialsMatcher(new AllowAllCredentialsMatcher());
// Realm 执行监听:实现该接口可监听认证失败和成功的状态,从而做业务系统自己的事情,比如记录日志
authzRealm.setRealmsListeners(realmsListeners);
// 缓存相关的配置:采用提供的默认配置即可
authzRealm.setCachingEnabled(properties.isCachingEnabled());
// 认证缓存配置:无状态情况不缓存认证信息
authzRealm.setAuthenticationCachingEnabled(properties.isAuthenticationCachingEnabled());
authzRealm.setAuthenticationCacheName(properties.getAuthenticationCacheName());
// 授权缓存配置:无状态情况不缓存认证信息
authzRealm.setAuthorizationCachingEnabled(properties.isAuthorizationCachingEnabled());
authzRealm.setAuthorizationCacheName(properties.getAuthorizationCacheName());
return authzRealm;
}
Example #2
| Source File: ShiroConfig.java From spring-boot-starter-samples with Apache License 2.0 | 6 votes |
|
@Bean
public Realm defRealm(ShiroPrincipalRepository defRepository,
@Autowired(required = false) List<AuthorizingRealmListener> realmsListeners, ShiroBizProperties properties) {
LoginAuthorizingRealm authzRealm = new LoginAuthorizingRealm();
// 认证账号信息提供实现:认证信息、角色信息、权限信息;业务系统需要自己实现该接口
//authzRealm.setRepository(defRepository);
// 凭证匹配器:该对象主要做密码校验
authzRealm.setCredentialsMatcher(new AllowAllCredentialsMatcher());
// Realm 执行监听:实现该接口可监听认证失败和成功的状态,从而做业务系统自己的事情,比如记录日志
authzRealm.setRealmsListeners(realmsListeners);
// 缓存相关的配置:采用提供的默认配置即可
authzRealm.setCachingEnabled(properties.isCachingEnabled());
// 认证缓存配置:无状态情况不缓存认证信息
authzRealm.setAuthenticationCachingEnabled(properties.isAuthenticationCachingEnabled());
authzRealm.setAuthenticationCacheName(properties.getAuthenticationCacheName());
// 授权缓存配置:无状态情况不缓存认证信息
authzRealm.setAuthorizationCachingEnabled(properties.isAuthorizationCachingEnabled());
authzRealm.setAuthorizationCacheName(properties.getAuthorizationCacheName());
return authzRealm;
}
Example #3
| Source File: AppHandoffRealm.java From arcusplatform with Apache License 2.0 | 5 votes |
|
@Inject
public AppHandoffRealm(AppHandoffDao handoffDao, PrincipalResolver principalResolver) {
this.handoffDao = handoffDao;
this.principalResolver = principalResolver;
// if it gets to this point its authorized
setCredentialsMatcher(new AllowAllCredentialsMatcher());
}
Example #4
| Source File: SsoAuthorizingRealm.java From onedev with MIT License | 5 votes |
|
@Inject
public SsoAuthorizingRealm(UserManager userManager, MembershipManager membershipManager,
GroupManager groupManager, ProjectManager projectManager, SessionManager sessionManager,
TransactionManager transactionManager, SshKeyManager sshKeyManager) {
super(userManager, groupManager, projectManager, sessionManager);
setCredentialsMatcher(new AllowAllCredentialsMatcher());
this.membershipManager = membershipManager;
this.transactionManager = transactionManager;
this.sshKeyManager = sshKeyManager;
}
Example #5
| Source File: OauthUserRealm.java From java-platform with Apache License 2.0 | 5 votes |
|
@Override
public void afterPropertiesSet() throws Exception {
setCachingEnabled(true);
setCacheManager(cacheManager);
setAuthenticationCachingEnabled(true);
setAuthenticationCacheName(CACHE_AUTHENTICATION);
setAuthorizationCachingEnabled(true);
setAuthorizationCacheName(CACHE_AUTHORIZATION);
setAuthenticationTokenClass(OauthUserToken.class);
setCredentialsMatcher(new AllowAllCredentialsMatcher());
}
Example #6
| Source File: Realm.java From usergrid with Apache License 2.0 | 5 votes |
|
public Realm( CacheManager cacheManager ) {
super( cacheManager );
setCredentialsMatcher( new AllowAllCredentialsMatcher() );
setPermissionResolver(new CustomPermissionResolver());
setCachingEnabled(true);
setAuthenticationCachingEnabled(true);
}
Example #7
| Source File: ShiroConfig.java From SENS with GNU General Public License v3.0 | 4 votes |
|
@Bean
public AllowAllCredentialsMatcher allowAllCredentialsMatcher() {
return new AllowAllCredentialsMatcher();
}
Example #8
| Source File: OktaRealm.java From okta-auth-java with Apache License 2.0 | 4 votes |
|
public OktaRealm() {
// matching credentials on server
setCredentialsMatcher(new AllowAllCredentialsMatcher());
setAuthenticationTokenClass(OktaSuccessLoginToken.class);
}
Example #9
| Source File: BearerAuthorizingRealm.java From onedev with MIT License | 4 votes |
|
@Inject
public BearerAuthorizingRealm(UserManager userManager, GroupManager groupManager,
ProjectManager projectManager, SessionManager sessionManager) {
super(userManager, groupManager, projectManager, sessionManager);
setCredentialsMatcher(new AllowAllCredentialsMatcher());
}
Example #10
| Source File: AbstractAuthorizingRealm.java From super-cloudops with Apache License 2.0 | 4 votes |
|
@Override
protected void assertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) throws AuthenticationException {
AbstractIamAuthenticationToken tk = (AbstractIamAuthenticationToken) token;
IamAuthenticationInfo info0 = (IamAuthenticationInfo) info;
CredentialsMatcher matcher = getCredentialsMatcher();
if (isNull(matcher)) {
throw new AuthenticationException("A CredentialsMatcher must be configured in order to verify "
+ "credentials during authentication. If you do not wish for credentials to be examined, you "
+ "can configure an " + AllowAllCredentialsMatcher.class.getName() + " instance.");
}
// Assert credentials match.
if (!matcher.doCredentialsMatch(tk, info)) {
throw new IncorrectCredentialsException(bundle.getMessage("AbstractIamAuthorizingRealm.credential.mismatch"));
}
// Assert when that no permissions are configured, forbid login.
if (isBlank(info0.getAccountInfo().getPermissions())) {
throw new AccessPermissionDeniedException(bundle.getMessage("AbstractIamAuthorizingRealm.permission.denied"));
}
// Check if have access to the client application.
String fromAppName = tk.getRedirectInfo().getFromAppName();
if (!isBlank(fromAppName)) {
isTrue(!info.getPrincipals().isEmpty(),
format("Authentication info principals is empty, please check the configure. [%s]", info));
// For example: when using wechat scanning code (oauth2)
// to log in, token.getPrincipal() is empty,
// info.getPrimaryPrincipal() will not be empty.
String principal = (String) info.getPrincipals().getPrimaryPrincipal();
try {
authHandler.assertApplicationAccessAuthorized(principal, fromAppName);
} catch (IllegalApplicationAccessException ex) {
// Disable fallback redirect?
if (!tk.getRedirectInfo().isFallbackRedirect()) {
throw ex;
}
// For example: first login to manager service(mp) with
// 'admin', then logout, and then login to portal
// service(portal) with user01. At this time, the check will
// return that 'user01' has no permission to access manager
// service(mp).
// e.g.->https://sso.wl4g.com/login.html?service=mp&redirect_url=https%3A%2F%2Fmp.wl4g.com%2Fmp%2Fauthenticator
// Fallback determine redirect to application.
RedirectInfo fallbackRedirect = configurer.getFallbackRedirectInfo(tk,
new RedirectInfo(config.getSuccessService(), config.getSuccessUri(), true));
notNull(fallbackRedirect, "Fallback redirect info cannot be null");
/**
* See:{@link AuthenticatorAuthenticationFilter#savedRequestParameters()}
* See:{@link AbstractIamAuthenticationFilter#getRedirectInfo()}
*/
bindKVParameters(KEY_REQ_AUTH_PARAMS, KEY_REQ_AUTH_REDIRECT, fallbackRedirect);
log.warn("The principal({}) no access to '{}', fallback redirect to:{}, caused by: {}", principal, fromAppName,
fallbackRedirect, getRootCausesString(ex));
}
}
}
Example #11
| Source File: AccountRealm.java From mblog with GNU General Public License v3.0 | 4 votes |
|
public AccountRealm() {
super(new AllowAllCredentialsMatcher());
setAuthenticationTokenClass(UsernamePasswordToken.class);
}
Example #12
| Source File: Realm.java From usergrid with Apache License 2.0 | 4 votes |
|
public Realm() {
setCredentialsMatcher(new AllowAllCredentialsMatcher());
setPermissionResolver(new CustomPermissionResolver());
}
Example #13
| Source File: Realm.java From usergrid with Apache License 2.0 | 4 votes |
|
public Realm( CredentialsMatcher matcher ) {
super(new AllowAllCredentialsMatcher());
setPermissionResolver(new CustomPermissionResolver());
}
Example #14
| Source File: Realm.java From usergrid with Apache License 2.0 | 4 votes |
|
public Realm( CacheManager cacheManager, CredentialsMatcher matcher ) {
super(cacheManager, new AllowAllCredentialsMatcher());
setPermissionResolver( new CustomPermissionResolver() );
setCachingEnabled(true);
setAuthenticationCachingEnabled(true);
}
