本文整理汇总了Java中org.apache.shiro.authc.AuthenticationToken类的典型用法代码示例。如果您正苦于以下问题:Java AuthenticationToken类的具体用法?Java AuthenticationToken怎么用?Java AuthenticationToken使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
AuthenticationToken类属于org.apache.shiro.authc包,在下文中一共展示了AuthenticationToken类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: onLoginFailure
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
@Override
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException ae, ServletRequest request,
ServletResponse response) {
final OAuthResponse oAuthResponse;
try {
oAuthResponse = OAuthRSResponse.errorResponse(401)
.setError(OAuthError.ResourceResponse.INVALID_TOKEN)
.setErrorDescription(ae.getMessage())
.buildJSONMessage();
com.monkeyk.os.web.WebUtils.writeOAuthJsonResponse((HttpServletResponse) response, oAuthResponse);
} catch (OAuthSystemException e) {
LOGGER.error("Build JSON message error", e);
throw new IllegalStateException(e);
}
return false;
}
示例2: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
/**
* 认证回调函数,登录时调用.
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken authcToken) throws AuthenticationException {
UsernamePassword2Token token = (UsernamePassword2Token) authcToken;
String username = token.getUsername();
if (username == null || null == username) {
throw new AccountException(
"Null usernames are not allowed by this realm.");
}
User entity = new User();
entity.setEmail(username);
entity.setStatus(Constant.STATUS_ENABLED);
entity = (User) service.iUserService.select(entity);
if (null == entity) {
throw new UnknownAccountException("No account found for user ["
+ username + "]");
}
byte[] key = Encode.decodeHex(entity.getRandom());
return new SimpleAuthenticationInfo(new Shiro(entity.getId(),
entity.getEmail(), entity.getName()), entity.getPassword(),
ByteSource.Util.bytes(key), getName());
}
示例3: queryForAuthenticationInfo
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
/**
* Builds an {@link AuthenticationInfo} object by querying the active directory LDAP context for the
* specified username.
*/
@Override
protected AuthenticationInfo queryForAuthenticationInfo(
AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
final UsernamePasswordToken upToken = ensureUsernamePasswordToken(token);
final String userDn = findUserDn(ldapContextFactory, upToken.getUsername());
LdapContext ctx = null;
try {
// Binds using the username and password provided by the user.
ctx = ldapContextFactory.getLdapContext(userDn, upToken.getPassword());
} finally {
LdapUtils.closeContext(ctx);
}
return buildAuthenticationInfo(upToken.getUsername(), upToken.getPassword());
}
示例4: onLoginSuccess
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
/**
* 覆盖默认实现,用sendRedirect直接跳出框架,以免造成js框架重复加载js出错。
*
* @param token
* @param subject
* @param request
* @param response
* @return
* @throws Exception
*/
@Override
protected boolean onLoginSuccess(AuthenticationToken token,
Subject subject, ServletRequest request, ServletResponse response)
throws Exception {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
if (!"XMLHttpRequest".equalsIgnoreCase(httpRequest
.getHeader("X-Requested-With"))) {
httpResponse.sendRedirect(httpRequest.getContextPath()
+ this.getSuccessUrl());
} else {
httpRequest.getRequestDispatcher("/CN").forward(httpRequest,
httpResponse);
}
return false;
}
示例5: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
//UsernamePasswordToken对象用来存放提交的登录信息
UsernamePasswordToken token=(UsernamePasswordToken) authenticationToken;
log.info("验证当前Subject时获取到token为:" + ReflectionToStringBuilder.toString(token, ToStringStyle.MULTI_LINE_STYLE));
// return new SimpleAuthenticationInfo("hsjhsj","8e24137dee97c9bbddb9a0cd6e043be4" , getName());
return new SimpleAuthenticationInfo("hsjhsj","" , getName());
//查出是否有此用户
// TbUser user=null;
// if(user!=null){
// 若存在,将此用户存放到登录认证info中,无需自己做密码对比,Shiro会为我们进行密码对比校验
// return new SimpleAuthenticationInfo(user.getUsername(), , getName());
// }
// return null;
}
示例6: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
String token = (String) auth.getCredentials();
Cache<String, String> authCache = CacheController.getAuthCache();
if (! authCache.containsKey(token)) {
// get user info from database
int uid = JWTUtil.getUid(token);
UserEntity userEntity = userService.getUserByUid(uid);
authCache.put(token, String.valueOf(userEntity.getPassword()));
}
String secret = authCache.get(token);
if (!JWTUtil.decode(token, secret)) {
throw new AuthenticationException("Token invalid");
}
return new SimpleAuthenticationInfo(token, token, "jwt_realm");
}
示例7: onLoginFailure
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
@Override
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
HttpServletResponse httpResponse = (HttpServletResponse) response;
httpResponse.setContentType("application/json;charset=utf-8");
try {
//处理登录失败的异常
Throwable throwable = e.getCause() == null ? e : e.getCause();
R r = R.error(HttpStatus.SC_UNAUTHORIZED, throwable.getMessage());
String json = new Gson().toJson(r);
httpResponse.getWriter().print(json);
} catch (IOException e1) {
}
return false;
}
示例8: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
/**
* 用户认证-验证用户是否登录、用户名密码是否匹配
*/
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
logger.info(">>> 【用户认证】token = {}", token);
String userName = (String)token.getPrincipal();
AdminUser user = getPrincipalService().getPrincipalObject(userName);
if(user == null) {
throw new UnknownAccountException("Unknown account: " + userName);//没找到帐号
}
if(AdminUserStatusEnum.ADMIN_USER_STATUS_DISABLED.getStatusCode().equals(user.getStatus())) {
throw new LockedAccountException("Account[" + userName + "] has been locked!"); //帐号锁定
}
//交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
user.getUserName(), //用户名
user.getPassword(), //密码
ByteSource.Util.bytes(user.getPasswordSalt()),//salt
getName() //realm name
);
return authenticationInfo;
}
示例9: doCredentialsMatch
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
String userName = (String)token.getPrincipal();
final String key = REDIS_KEY_PREFIX + userName;
long maxRetry = redisTemplate.opsForValue().increment(key, 1);
if(maxRetry == 1){ //首次输入密码
redisTemplate.expire(key, passwordRetryWaitMinutes, TimeUnit.MINUTES);
}
if(maxRetry >= passwordRetryLimit){
throw new ExcessiveAttemptsException(passwordRetryLimit + "");
}
boolean matches = super.doCredentialsMatch(token, info);
if(matches) {
redisTemplate.delete(key);
}
return matches;
}
示例10: login
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
@RequestMapping(value = "/tlogin", method = RequestMethod.POST)
public String login(String username, String password, HttpServletRequest request) {
//String validateCode = (String) ServletActionContext.getRequest().getSession().getAttribute("key");
// if (StringUtils.isNotBlank(checkcode) && checkcode.equals(validateCode)) {
// 使用shiri方式
// 获得当前对象的状态:未认证
Subject subject = SecurityUtils.getSubject();
// 用户名密码令牌对象
AuthenticationToken token = new UsernamePasswordToken(username,
password);
try {
subject.login(token);
} catch (Exception e) {
e.printStackTrace();
return "login";
}
User user = (User) subject.getPrincipal();
// user放入session
request.getSession().setAttribute("loginUser", user);
return "index";
}
示例11: createToken
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
@Override
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
HttpServletRequest httpRequest = (HttpServletRequest) request;
final String accessToken = getAccessToken(httpRequest);
final AccessToken token = rsService.loadAccessTokenByTokenId(accessToken);
String username = null;
if (token != null) {
LOGGER.debug("Set username and clientId from AccessToken: {}", token);
username = token.username();
httpRequest.setAttribute(OAuth.OAUTH_CLIENT_ID, token.clientId());
} else {
LOGGER.debug("Not found AccessToken by access_token: {}", accessToken);
}
return new OAuth2Token(accessToken, resourceId)
.setUserId(username);
}
示例12: createSubject
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
@Override
public Subject createSubject(SubjectContext context) {
boolean authenticated = context.isAuthenticated();
if (authenticated) {
AuthenticationToken token = context.getAuthenticationToken();
if (token != null && token instanceof OAuth2Token) {
OAuth2Token oAuth2Token = (OAuth2Token) token;
if (oAuth2Token.isRememberMe()) {
context.setAuthenticated(false);
}
}
}
return super.createSubject(context);
}
示例13: onLoginSuccess
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
@Override
protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
if (!httpServletRequest.getRequestURL().toString().endsWith(".json")) {
issueSuccessRedirect(request, response);
} else {
httpServletResponse.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8");
PrintWriter out = httpServletResponse.getWriter();
out.println("{\"code\":200,\"info\":\"登入成功\"}");
out.flush();
out.close();
}
return true;
}
示例14: onLoginFailure
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
@Override
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
if (!((HttpServletRequest)request).getRequestURL().toString().endsWith(".json")) {
setFailureAttribute(request, e);
return true;
}
try {
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8");
PrintWriter out = response.getWriter();
String message = e.getClass().getSimpleName();
if ("IncorrectCredentialsException".equals(message)
|| "UnknownAccountException".equals(message)
) {
out.println("{\"code\":-100010,\"info\":\"账号或密码错误\"}");
}else if("ExcessiveAttemptsException".equals(message)){
out.println("{\"code\":-100020,\"info\":\"密码错误次数超过限制,请10分钟后重试!\"}");
}else if("LockedAccountException".equals(message)){
out.println("{\"code\":-100030,\"info\":\"账号已停用!\"}");
} else {
out.println("{\"code\":-100500,\"info\":\"未知错误\"}");
}
out.flush();
out.close();
} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
return false;
}
示例15: createToken
import org.apache.shiro.authc.AuthenticationToken; //导入依赖的package包/类
@Override
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
HttpServletRequest httpRequest = (HttpServletRequest) request;
final String accessToken = httpRequest.getParameter(OAuth.OAUTH_ACCESS_TOKEN);
final AccessToken token = rsService.loadAccessTokenByTokenId(accessToken);
String username = null;
if (token != null) {
username = token.username();
logger.debug("Set username[{}] and clientId[{}] to request that from AccessToken: {}", username, token.clientId(), token);
httpRequest.setAttribute(OAuth.OAUTH_CLIENT_ID, token.clientId());
} else {
logger.debug("Not found AccessToken by access_token: {}", accessToken);
}
return new OAuth2Token(accessToken, resourceId)
.setUserId(username);
}