本文整理汇总了Java中org.apache.shiro.authc.AuthenticationInfo类的典型用法代码示例。如果您正苦于以下问题:Java AuthenticationInfo类的具体用法?Java AuthenticationInfo怎么用?Java AuthenticationInfo使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
AuthenticationInfo类属于org.apache.shiro.authc包,在下文中一共展示了AuthenticationInfo类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
/**
* 认证回调函数,登录时调用.
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken authcToken) throws AuthenticationException {
UsernamePassword2Token token = (UsernamePassword2Token) authcToken;
String username = token.getUsername();
if (username == null || null == username) {
throw new AccountException(
"Null usernames are not allowed by this realm.");
}
User entity = new User();
entity.setEmail(username);
entity.setStatus(Constant.STATUS_ENABLED);
entity = (User) service.iUserService.select(entity);
if (null == entity) {
throw new UnknownAccountException("No account found for user ["
+ username + "]");
}
byte[] key = Encode.decodeHex(entity.getRandom());
return new SimpleAuthenticationInfo(new Shiro(entity.getId(),
entity.getEmail(), entity.getName()), entity.getPassword(),
ByteSource.Util.bytes(key), getName());
}
示例2: queryForAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
/**
* Builds an {@link AuthenticationInfo} object by querying the active directory LDAP context for the
* specified username.
*/
@Override
protected AuthenticationInfo queryForAuthenticationInfo(
AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
final UsernamePasswordToken upToken = ensureUsernamePasswordToken(token);
final String userDn = findUserDn(ldapContextFactory, upToken.getUsername());
LdapContext ctx = null;
try {
// Binds using the username and password provided by the user.
ctx = ldapContextFactory.getLdapContext(userDn, upToken.getPassword());
} finally {
LdapUtils.closeContext(ctx);
}
return buildAuthenticationInfo(upToken.getUsername(), upToken.getPassword());
}
示例3: doCredentialsMatch
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) throws ExcessiveAttemptsException {
String username = (String)token.getPrincipal();
AtomicInteger retryCount = passwordRetryCache.get(username);
if(retryCount == null) {
retryCount = new AtomicInteger(0);
passwordRetryCache.put(username, retryCount);
}
if(retryCount.incrementAndGet() > retryMax) {
throw new ExcessiveAttemptsException("您已连续错误达" + retryMax + "次!请10分钟后再试");
}
boolean matches = super.doCredentialsMatch(token, info);
if(matches) {
passwordRetryCache.remove(username);
}else {
throw new IncorrectCredentialsException("密码错误,已错误" + retryCount.get() + "次,最多错误" + retryMax + "次");
}
return true;
}
示例4: queryForAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
/**
* This implementation opens an LDAP connection using the token's
* {@link #getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken) discovered principal} and provided
* {@link AuthenticationToken#getCredentials() credentials}. If the connection opens successfully, the
* authentication attempt is immediately considered successful and a new
* {@link AuthenticationInfo} instance is
* {@link #createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, Object, Object, javax.naming.ldap.LdapContext) created}
* and returned. If the connection cannot be opened, either because LDAP authentication failed or some other
* JNDI problem, an {@link NamingException} will be thrown.
*
* @param token the submitted authentication token that triggered the authentication attempt.
* @param ldapContextFactory factory used to retrieve LDAP connections.
* @return an {@link AuthenticationInfo} instance representing the authenticated user's information.
* @throws NamingException if any LDAP errors occur.
*/
protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token,
LdapContextFactory ldapContextFactory)
throws NamingException {
Object principal = token.getPrincipal();
Object credentials = token.getCredentials();
log.debug("Authenticating user '{}' through LDAP", principal);
principal = getLdapPrincipal(token);
LdapContext ctx = null;
try {
ctx = ldapContextFactory.getLdapContext(principal, credentials);
//context was opened successfully, which means their credentials were valid. Return the AuthenticationInfo:
return createAuthenticationInfo(token, principal, credentials, ctx);
} finally {
LdapUtils.closeContext(ctx);
}
}
示例5: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
//UsernamePasswordToken对象用来存放提交的登录信息
UsernamePasswordToken token=(UsernamePasswordToken) authenticationToken;
log.info("验证当前Subject时获取到token为:" + ReflectionToStringBuilder.toString(token, ToStringStyle.MULTI_LINE_STYLE));
// return new SimpleAuthenticationInfo("hsjhsj","8e24137dee97c9bbddb9a0cd6e043be4" , getName());
return new SimpleAuthenticationInfo("hsjhsj","" , getName());
//查出是否有此用户
// TbUser user=null;
// if(user!=null){
// 若存在,将此用户存放到登录认证info中,无需自己做密码对比,Shiro会为我们进行密码对比校验
// return new SimpleAuthenticationInfo(user.getUsername(), , getName());
// }
// return null;
}
示例6: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
String token = (String) auth.getCredentials();
Cache<String, String> authCache = CacheController.getAuthCache();
if (! authCache.containsKey(token)) {
// get user info from database
int uid = JWTUtil.getUid(token);
UserEntity userEntity = userService.getUserByUid(uid);
authCache.put(token, String.valueOf(userEntity.getPassword()));
}
String secret = authCache.get(token);
if (!JWTUtil.decode(token, secret)) {
throw new AuthenticationException("Token invalid");
}
return new SimpleAuthenticationInfo(token, token, "jwt_realm");
}
示例7: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
/**
* 用户认证-验证用户是否登录、用户名密码是否匹配
*/
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
logger.info(">>> 【用户认证】token = {}", token);
String userName = (String)token.getPrincipal();
AdminUser user = getPrincipalService().getPrincipalObject(userName);
if(user == null) {
throw new UnknownAccountException("Unknown account: " + userName);//没找到帐号
}
if(AdminUserStatusEnum.ADMIN_USER_STATUS_DISABLED.getStatusCode().equals(user.getStatus())) {
throw new LockedAccountException("Account[" + userName + "] has been locked!"); //帐号锁定
}
//交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
user.getUserName(), //用户名
user.getPassword(), //密码
ByteSource.Util.bytes(user.getPasswordSalt()),//salt
getName() //realm name
);
return authenticationInfo;
}
示例8: doCredentialsMatch
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
String userName = (String)token.getPrincipal();
final String key = REDIS_KEY_PREFIX + userName;
long maxRetry = redisTemplate.opsForValue().increment(key, 1);
if(maxRetry == 1){ //首次输入密码
redisTemplate.expire(key, passwordRetryWaitMinutes, TimeUnit.MINUTES);
}
if(maxRetry >= passwordRetryLimit){
throw new ExcessiveAttemptsException(passwordRetryLimit + "");
}
boolean matches = super.doCredentialsMatch(token, info);
if(matches) {
redisTemplate.delete(key);
}
return matches;
}
示例9: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// identify account to log to
UsernamePasswordToken userPassToken = (UsernamePasswordToken) token;
final String username = userPassToken.getUsername();
if (username == null) {
return null;
}
// read password hash and salt from db
final User user = UserDAO.getUser(username);
if (user == null) {
return null;
}
// return salted credentials
SaltedAuthenticationInfo info = new SaltedAuthInfo(username, user.getPassword(), user.getSalt());
return info;
}
示例10: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
/**
* 先执行登录验证
* @param token
* @return
* @throws AuthenticationException
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
//获取用户名密码
String username = token.getPrincipal().toString();
TbUser tbUser = userService.getUserByUsername(username);
if (tbUser != null){
//得到用户账号和密码存放到authenticationInfo中用于Controller层的权限判断 第三个参数随意不能为null
AuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(tbUser.getUsername(),tbUser.getPassword(),
tbUser.getUsername()) ;
return authenticationInfo ;
}else{
return null ;
}
}
示例11: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
Map<String, Object> params = new HashMap<String, Object>();
params.put("enable", 1);
params.put("account", token.getUsername());
Parameter parameter = new Parameter("sysUserService", "queryList").setMap(params);
logger.info("{} execute sysUserService.queryList start...", parameter.getNo());
List<?> list = provider.execute(parameter).getList();
logger.info("{} execute sysUserService.queryList end.", parameter.getNo());
if (list.size() == 1) {
SysUser user = (SysUser) list.get(0);
StringBuilder sb = new StringBuilder(100);
for (int i = 0; i < token.getPassword().length; i++) {
sb.append(token.getPassword()[i]);
}
if (user.getPassword().equals(sb.toString())) {
WebUtil.saveCurrentUser(user.getId());
saveSession(user.getAccount(), token.getHost());
AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(user.getAccount(), user.getPassword(),
user.getUserName());
return authcInfo;
}
logger.warn("USER [{}] PASSWORD IS WRONG: {}", token.getUsername(), sb.toString());
return null;
} else {
logger.warn("No user: {}", token.getUsername());
return null;
}
}
示例12: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// token是用户输入的用户名和密码
// 第一步从token中取出用户名
String userCode = (String) token.getPrincipal();
// 如果查询不到返回null
//数据库中用户账号是zhangsansan
// if(!userCode.equals("zhangsansan")){//
// return null;
// }
// 模拟从数据库查询到密码
String password = "111111";
//将activeUser设置simpleAuthenticationInfo
SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
userCode, password, this.getName());
return simpleAuthenticationInfo;
}
示例13: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String username = (String) token.getPrincipal();// 根据刚刚传过来的token获取用户名
Blogger blogger = bloggerService.findByUsername(username);// 只是根据用户名查询出,不涉及密码
if (blogger != null) {
System.out.println("验证信息:" + blogger);
// 把获取到的用户存到session中
SecurityUtils.getSubject().getSession().setAttribute("blogger", blogger);
// 把从数据库中查询出来的博主信息放到AuthenticationInfo中,即把正确的用户名,密码,交给shiro,再和前台输入的校验。
AuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(blogger.getUsername(),
blogger.getPassword(), "MyRealm");
return authenticationInfo;
} else {
return null;
}
}
示例14: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
/**
* 认证回调函数,登录时调用.
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
// User user = accountManager.findUserByLoginName(token.getUsername());
//根据loginToken 看能不查到当前token token有效期就1分钟
String tokenPassword=new String(token.getPassword());
User user = accountManager.findUserByLoginNameOrEmail(token.getUsername());
//user.getStandardLock()==1
if (user != null && user.getStatus().intValue()!=0 && !user.getLoginName().endsWith("@chacuo.net")) {
return new SimpleAuthenticationInfo(user.getLoginName(), user.getShaPassword() , getName());
} else {
return null;
}
}
示例15: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //导入依赖的package包/类
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
BearerToken token = (BearerToken)arg0;
// assert the bearerToken, and if valid, look up the account data and return
//an AuthenticationInfo instance representing that account.
String email = (String)token.getPrincipal();
String credentials = (String)token.getCredentials();
Preconditions.checkNotNull(email, "Email can't be null");
Preconditions.checkNotNull(token, "Token can't be null");
DBAuthenticationToken dbToken = tokenRepository.getAuthenticationToken(credentials) ;
if (tokenIsInvalid(token, dbToken)) {
LOGGER.info("Rejecting token " + credentials + " for user " + email);
return null;
}
return new BearerAuthenticationInfo(this, dbToken);
}