Java Code Examples for org.apache.shiro.authc.UsernamePasswordToken#getPassword()
The following examples show how to use
org.apache.shiro.authc.UsernamePasswordToken#getPassword() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: CredentialsMatcher.java From springboot-learn with MIT License | 6 votes |
|
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
System.out.println("=================CredentialsMatcher.doCredentialsMatch=================");
UsernamePasswordToken utoken = (UsernamePasswordToken) token;
//获得用户输入的密码:(可以采用加盐(salt)的方式去检验)
String inPassword = new String(utoken.getPassword());
//获得数据库中的密码
String dbPassword = (String) info.getCredentials();
try {
// dbPassword = PasswordUtil.decrypt(dbPassword, utoken.getUsername());
} catch (Exception e) {
e.printStackTrace();
return false;
}
//进行密码的比对
return this.equals(inPassword, dbPassword);
}
Example 2
| Source File: Realm.java From permission with Apache License 2.0 | 6 votes |
|
/**
* 认证方法
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
throws AuthenticationException {
System.out.println("认证中......");
UsernamePasswordToken upt = (UsernamePasswordToken)token;
String pwd = new String(upt.getPassword());
// // 根据用户名和密码查找用户
User user = userService.findUserByCodeAndPwd(upt.getUsername(), pwd);
if(user != null) {
//返回认证信息
//参数1:主角,就是登陆的用户
//参数2:证书,就是凭证,对应密码
//参数3:当前realm的名称
return new SimpleAuthenticationInfo(user, pwd, getName());
}
return null;
}
Example 3
| Source File: CredentialsMatcher.java From springboot-shiro with MIT License | 6 votes |
|
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
UsernamePasswordToken utoken = (UsernamePasswordToken) token;
//获得用户输入的密码:(可以采用加盐(salt)的方式去检验)
String inPassword = new String(utoken.getPassword());
//获得数据库中的密码
String dbPassword = (String) info.getCredentials();
try {
dbPassword = PasswordUtil.decrypt(dbPassword, utoken.getUsername());
} catch (Exception e) {
e.printStackTrace();
return false;
}
//进行密码的比对
return this.equals(inPassword, dbPassword);
}
Example 4
| Source File: CredentialsMatcher.java From OneBlog with GNU General Public License v3.0 | 6 votes |
|
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
UsernamePasswordToken utoken = (UsernamePasswordToken) token;
//获得用户输入的密码:(可以采用加盐(salt)的方式去检验)
String inPassword = new String(utoken.getPassword());
//获得数据库中的密码
String dbPassword = (String) info.getCredentials();
try {
dbPassword = PasswordUtil.decrypt(dbPassword, utoken.getUsername());
} catch (Exception e) {
e.printStackTrace();
return false;
}
//进行密码的比对
return this.equals(inPassword, dbPassword);
}
Example 5
| Source File: ShiroDbRealm.java From DWSurvey with GNU Affero General Public License v3.0 | 6 votes |
|
/**
* 认证回调函数,登录时调用.
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
// User user = accountManager.findUserByLoginName(token.getUsername());
//根据loginToken 看能不查到当前token token有效期就1分钟
String tokenPassword=new String(token.getPassword());
User user = accountManager.findUserByLoginNameOrEmail(token.getUsername());
//user.getStandardLock()==1
if (user != null && user.getStatus().intValue()!=0 && !user.getLoginName().endsWith("@chacuo.net")) {
return new SimpleAuthenticationInfo(user.getLoginName(), user.getShaPassword() , getName());
} else {
return null;
}
}
Example 6
| Source File: MockRealm.java From nexus-public with Eclipse Public License 1.0 | 6 votes |
|
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
String password = new String(upToken.getPassword());
String userId = upToken.getUsername();
// username == password
try {
if (userId.endsWith(password) && userManager.getUser(userId) != null) {
return new SimpleAuthenticationInfo(new SimplePrincipalCollection(token.getPrincipal(),
this.getName()), userId);
}
else {
throw new IncorrectCredentialsException("User [" + userId + "] bad credentials.");
}
}
catch (UserNotFoundException e) {
throw new UnknownAccountException("User [" + userId + "] not found.");
}
}
Example 7
| Source File: AdminAuthorizingRealm.java From dts-shop with GNU Lesser General Public License v3.0 | 5 votes |
|
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
String username = upToken.getUsername();
String password = new String(upToken.getPassword());
if (StringUtils.isEmpty(username)) {
throw new AccountException("用户名不能为空");
}
if (StringUtils.isEmpty(password)) {
throw new AccountException("密码不能为空");
}
List<DtsAdmin> adminList = adminService.findAdmin(username);
Assert.state(adminList.size() < 2, "同一个用户名存在两个账户");
if (adminList.size() == 0) {
logger.error("找不到用户(" + username + ")的帐号信息");
throw new UnknownAccountException("找不到用户(" + username + ")的帐号信息");
}
DtsAdmin admin = adminList.get(0);
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
if (!encoder.matches(password, admin.getPassword())) {
logger.error("找不到用户(" + username + ")的帐号信息");
throw new UnknownAccountException("找不到用户(" + username + ")的帐号信息");
}
return new SimpleAuthenticationInfo(admin, password, getName());
}
Example 8
| Source File: AuthzPrincipalRepositoryImpl.java From spring-boot-starter-samples with Apache License 2.0 | 5 votes |
|
@Override
public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
if( !StringUtils.hasText(upToken.getUsername()) || upToken.getPassword() == null ){
throw new UnknownAccountException("Username or password is required.");
}
//密码加密
String pwd = new String(upToken.getPassword());//Base64.encodeBase64String(new String(upToken.getPassword()).getBytes());
//账号状态
Map<String, String> statusMap = getAuthzLoginDao().getAccountStatus(upToken.getUsername(), pwd);
//账号不存在 或 用户名或密码不正确
if("0".equals(statusMap.get("num_1")) || "0".equals(statusMap.get("num_2"))){
throw new InvalidAccountException("Username or password is incorrect, please re-enter.");
}
// 账号被禁用
else if ("0".equals(statusMap.get("num_4"))) {
throw new DisabledAccountException("Account is disabled.");
}
//用户无所属角色
else if("0".equals(statusMap.get("num_3"))){
throw new NoneRoleException();
}
// 用户主体对象
AuthzLoginModel model = getAuthzLoginDao().getAccount(upToken.getUsername(), pwd);
// 用户角色ID集合
List<String> roles = getAuthzUserDao().getRoles(model.getUserid());
model.setRoles(Sets.newHashSet(roles.iterator()));
model.setRoleid(roles.get(0));
// 用户权限标记集合
Set<String> perms = Sets.newHashSet();
for (String roleid : model.getRoles()) {
perms.addAll(getAuthzRolePermsDao().getPermissions(roleid));
}
model.setPerms(perms);
// 认证信息
return new SimpleAuthenticationInfo(model, upToken.getPassword(), "login");
}
Example 9
| Source File: AuthzPrincipalRepositoryImpl.java From spring-boot-starter-samples with Apache License 2.0 | 5 votes |
|
@Override
public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
if( !StringUtils.hasText(upToken.getUsername()) || upToken.getPassword() == null ){
throw new UnknownAccountException("Username or password is required.");
}
//密码加密
String pwd = new String(upToken.getPassword());//Base64.encodeBase64String(new String(upToken.getPassword()).getBytes());
//账号状态
Map<String, String> statusMap = getAuthzLoginDao().getAccountStatus(upToken.getUsername(), pwd);
//账号不存在 或 用户名或密码不正确
if("0".equals(statusMap.get("num_1")) || "0".equals(statusMap.get("num_2"))){
throw new InvalidAccountException("Username or password is incorrect, please re-enter.");
}
// 账号被禁用
else if ("0".equals(statusMap.get("num_4"))) {
throw new DisabledAccountException("Account is disabled.");
}
//用户无所属角色
else if("0".equals(statusMap.get("num_3"))){
throw new NoneRoleException();
}
// 用户主体对象
AuthzLoginModel model = getAuthzLoginDao().getAccount(upToken.getUsername(), pwd);
// 用户角色ID集合
List<String> roles = getAuthzUserDao().getRoles(model.getUserid());
model.setRoles(Sets.newHashSet(roles.iterator()));
model.setRoleid(roles.get(0));
// 用户权限标记集合
Set<String> perms = Sets.newHashSet();
for (String roleid : model.getRoles()) {
perms.addAll(getAuthzRolePermsDao().getPermissions(roleid));
}
model.setPerms(perms);
// 认证信息
return new SimpleAuthenticationInfo(model, upToken.getPassword(), "login");
}
Example 10
| Source File: NexusKeycloakClient.java From nexus3-keycloak-plugin with Apache License 2.0 | 5 votes |
|
public boolean authenticate(UsernamePasswordToken token) {
String principal = token.getUsername();
String credentials = new String(token.getPassword());
AccessTokenResponse accessTokenResponse = this.keycloakAdminClient.obtainAccessToken(principal, credentials);
return accessTokenResponse != null && StringUtils.hasText(accessTokenResponse.getToken());
}
Example 11
| Source File: ShiroConfiguration.java From roncoo-jui-springboot with Apache License 2.0 | 5 votes |
|
/**
* 登录认证
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken) arg0;
// String roncooNo = token.getUsername();
// String password = token.getPassword().toString();
SecurityUtils.getSubject().getSession().setAttribute(Constants.Session.USER, sysUserDao.getByUserPhone(ConfUtil.USER));
return new SimpleAuthenticationInfo(token, token.getPassword(), getName());
}
Example 12
| Source File: MockRealmB.java From nexus-public with Eclipse Public License 1.0 | 5 votes |
|
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// only allow jcool/jcool
UsernamePasswordToken userpass = (UsernamePasswordToken) token;
if ("jcool".equals(userpass.getUsername()) && "jcool".equals(new String(userpass.getPassword()))) {
return new SimpleAuthenticationInfo(userpass.getUsername(), new String(userpass.getPassword()), this.getName());
}
return null;
}
Example 13
| Source File: MockRealmA.java From nexus-public with Eclipse Public License 1.0 | 5 votes |
|
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
throws AuthenticationException
{
// only allow jcoder/jcoder
UsernamePasswordToken userpass = (UsernamePasswordToken) token;
if ("jcoder".equals(userpass.getUsername()) && "jcoder".equals(new String(userpass.getPassword()))) {
return new SimpleAuthenticationInfo(userpass.getUsername(), new String(userpass.getPassword()), this.getName());
}
return null;
}
Example 14
| Source File: ZeppelinHubRealm.java From zeppelin with Apache License 2.0 | 5 votes |
|
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authToken)
throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken) authToken;
if (StringUtils.isBlank(token.getUsername())) {
throw new AccountException("Empty usernames are not allowed by this realm.");
}
String loginPayload = createLoginPayload(token.getUsername(), token.getPassword());
User user = authenticateUser(loginPayload);
LOG.debug("{} successfully login via ZeppelinHub", user.login);
return new SimpleAuthenticationInfo(user.login, token.getPassword(), name);
}
Example 15
| Source File: ShiroAuthRealm.java From belling-admin with Apache License 2.0 | 4 votes |
|
/**
* 认证回调函数,登录时调用.
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
return new SimpleAuthenticationInfo(token.getUsername(), new String(token.getPassword()), getName());
}
