本文整理匯總了Java中org.apache.shiro.authc.AuthenticationInfo類的典型用法代碼示例。如果您正苦於以下問題:Java AuthenticationInfo類的具體用法?Java AuthenticationInfo怎麽用?Java AuthenticationInfo使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。
AuthenticationInfo類屬於org.apache.shiro.authc包,在下文中一共展示了AuthenticationInfo類的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
* 認證回調函數,登錄時調用.
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken authcToken) throws AuthenticationException {
UsernamePassword2Token token = (UsernamePassword2Token) authcToken;
String username = token.getUsername();
if (username == null || null == username) {
throw new AccountException(
"Null usernames are not allowed by this realm.");
}
User entity = new User();
entity.setEmail(username);
entity.setStatus(Constant.STATUS_ENABLED);
entity = (User) service.iUserService.select(entity);
if (null == entity) {
throw new UnknownAccountException("No account found for user ["
+ username + "]");
}
byte[] key = Encode.decodeHex(entity.getRandom());
return new SimpleAuthenticationInfo(new Shiro(entity.getId(),
entity.getEmail(), entity.getName()), entity.getPassword(),
ByteSource.Util.bytes(key), getName());
}
示例2: queryForAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
* Builds an {@link AuthenticationInfo} object by querying the active directory LDAP context for the
* specified username.
*/
@Override
protected AuthenticationInfo queryForAuthenticationInfo(
AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
final UsernamePasswordToken upToken = ensureUsernamePasswordToken(token);
final String userDn = findUserDn(ldapContextFactory, upToken.getUsername());
LdapContext ctx = null;
try {
// Binds using the username and password provided by the user.
ctx = ldapContextFactory.getLdapContext(userDn, upToken.getPassword());
} finally {
LdapUtils.closeContext(ctx);
}
return buildAuthenticationInfo(upToken.getUsername(), upToken.getPassword());
}
示例3: doCredentialsMatch
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) throws ExcessiveAttemptsException {
String username = (String)token.getPrincipal();
AtomicInteger retryCount = passwordRetryCache.get(username);
if(retryCount == null) {
retryCount = new AtomicInteger(0);
passwordRetryCache.put(username, retryCount);
}
if(retryCount.incrementAndGet() > retryMax) {
throw new ExcessiveAttemptsException("您已連續錯誤達" + retryMax + "次!請10分鍾後再試");
}
boolean matches = super.doCredentialsMatch(token, info);
if(matches) {
passwordRetryCache.remove(username);
}else {
throw new IncorrectCredentialsException("密碼錯誤,已錯誤" + retryCount.get() + "次,最多錯誤" + retryMax + "次");
}
return true;
}
示例4: queryForAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
* This implementation opens an LDAP connection using the token's
* {@link #getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken) discovered principal} and provided
* {@link AuthenticationToken#getCredentials() credentials}. If the connection opens successfully, the
* authentication attempt is immediately considered successful and a new
* {@link AuthenticationInfo} instance is
* {@link #createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, Object, Object, javax.naming.ldap.LdapContext) created}
* and returned. If the connection cannot be opened, either because LDAP authentication failed or some other
* JNDI problem, an {@link NamingException} will be thrown.
*
* @param token the submitted authentication token that triggered the authentication attempt.
* @param ldapContextFactory factory used to retrieve LDAP connections.
* @return an {@link AuthenticationInfo} instance representing the authenticated user's information.
* @throws NamingException if any LDAP errors occur.
*/
protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token,
LdapContextFactory ldapContextFactory)
throws NamingException {
Object principal = token.getPrincipal();
Object credentials = token.getCredentials();
log.debug("Authenticating user '{}' through LDAP", principal);
principal = getLdapPrincipal(token);
LdapContext ctx = null;
try {
ctx = ldapContextFactory.getLdapContext(principal, credentials);
//context was opened successfully, which means their credentials were valid. Return the AuthenticationInfo:
return createAuthenticationInfo(token, principal, credentials, ctx);
} finally {
LdapUtils.closeContext(ctx);
}
}
示例5: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
//UsernamePasswordToken對象用來存放提交的登錄信息
UsernamePasswordToken token=(UsernamePasswordToken) authenticationToken;
log.info("驗證當前Subject時獲取到token為:" + ReflectionToStringBuilder.toString(token, ToStringStyle.MULTI_LINE_STYLE));
// return new SimpleAuthenticationInfo("hsjhsj","8e24137dee97c9bbddb9a0cd6e043be4" , getName());
return new SimpleAuthenticationInfo("hsjhsj","" , getName());
//查出是否有此用戶
// TbUser user=null;
// if(user!=null){
// 若存在,將此用戶存放到登錄認證info中,無需自己做密碼對比,Shiro會為我們進行密碼對比校驗
// return new SimpleAuthenticationInfo(user.getUsername(), , getName());
// }
// return null;
}
示例6: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
String token = (String) auth.getCredentials();
Cache<String, String> authCache = CacheController.getAuthCache();
if (! authCache.containsKey(token)) {
// get user info from database
int uid = JWTUtil.getUid(token);
UserEntity userEntity = userService.getUserByUid(uid);
authCache.put(token, String.valueOf(userEntity.getPassword()));
}
String secret = authCache.get(token);
if (!JWTUtil.decode(token, secret)) {
throw new AuthenticationException("Token invalid");
}
return new SimpleAuthenticationInfo(token, token, "jwt_realm");
}
示例7: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
* 用戶認證-驗證用戶是否登錄、用戶名密碼是否匹配
*/
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
logger.info(">>> 【用戶認證】token = {}", token);
String userName = (String)token.getPrincipal();
AdminUser user = getPrincipalService().getPrincipalObject(userName);
if(user == null) {
throw new UnknownAccountException("Unknown account: " + userName);//沒找到帳號
}
if(AdminUserStatusEnum.ADMIN_USER_STATUS_DISABLED.getStatusCode().equals(user.getStatus())) {
throw new LockedAccountException("Account[" + userName + "] has been locked!"); //帳號鎖定
}
//交給AuthenticatingRealm使用CredentialsMatcher進行密碼匹配
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
user.getUserName(), //用戶名
user.getPassword(), //密碼
ByteSource.Util.bytes(user.getPasswordSalt()),//salt
getName() //realm name
);
return authenticationInfo;
}
示例8: doCredentialsMatch
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
String userName = (String)token.getPrincipal();
final String key = REDIS_KEY_PREFIX + userName;
long maxRetry = redisTemplate.opsForValue().increment(key, 1);
if(maxRetry == 1){ //首次輸入密碼
redisTemplate.expire(key, passwordRetryWaitMinutes, TimeUnit.MINUTES);
}
if(maxRetry >= passwordRetryLimit){
throw new ExcessiveAttemptsException(passwordRetryLimit + "");
}
boolean matches = super.doCredentialsMatch(token, info);
if(matches) {
redisTemplate.delete(key);
}
return matches;
}
示例9: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// identify account to log to
UsernamePasswordToken userPassToken = (UsernamePasswordToken) token;
final String username = userPassToken.getUsername();
if (username == null) {
return null;
}
// read password hash and salt from db
final User user = UserDAO.getUser(username);
if (user == null) {
return null;
}
// return salted credentials
SaltedAuthenticationInfo info = new SaltedAuthInfo(username, user.getPassword(), user.getSalt());
return info;
}
示例10: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
* 先執行登錄驗證
* @param token
* @return
* @throws AuthenticationException
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
//獲取用戶名密碼
String username = token.getPrincipal().toString();
TbUser tbUser = userService.getUserByUsername(username);
if (tbUser != null){
//得到用戶賬號和密碼存放到authenticationInfo中用於Controller層的權限判斷 第三個參數隨意不能為null
AuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(tbUser.getUsername(),tbUser.getPassword(),
tbUser.getUsername()) ;
return authenticationInfo ;
}else{
return null ;
}
}
示例11: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
Map<String, Object> params = new HashMap<String, Object>();
params.put("enable", 1);
params.put("account", token.getUsername());
Parameter parameter = new Parameter("sysUserService", "queryList").setMap(params);
logger.info("{} execute sysUserService.queryList start...", parameter.getNo());
List<?> list = provider.execute(parameter).getList();
logger.info("{} execute sysUserService.queryList end.", parameter.getNo());
if (list.size() == 1) {
SysUser user = (SysUser) list.get(0);
StringBuilder sb = new StringBuilder(100);
for (int i = 0; i < token.getPassword().length; i++) {
sb.append(token.getPassword()[i]);
}
if (user.getPassword().equals(sb.toString())) {
WebUtil.saveCurrentUser(user.getId());
saveSession(user.getAccount(), token.getHost());
AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(user.getAccount(), user.getPassword(),
user.getUserName());
return authcInfo;
}
logger.warn("USER [{}] PASSWORD IS WRONG: {}", token.getUsername(), sb.toString());
return null;
} else {
logger.warn("No user: {}", token.getUsername());
return null;
}
}
示例12: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// token是用戶輸入的用戶名和密碼
// 第一步從token中取出用戶名
String userCode = (String) token.getPrincipal();
// 如果查詢不到返回null
//數據庫中用戶賬號是zhangsansan
// if(!userCode.equals("zhangsansan")){//
// return null;
// }
// 模擬從數據庫查詢到密碼
String password = "111111";
//將activeUser設置simpleAuthenticationInfo
SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
userCode, password, this.getName());
return simpleAuthenticationInfo;
}
示例13: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
String username = (String) token.getPrincipal();// 根據剛剛傳過來的token獲取用戶名
Blogger blogger = bloggerService.findByUsername(username);// 隻是根據用戶名查詢出,不涉及密碼
if (blogger != null) {
System.out.println("驗證信息:" + blogger);
// 把獲取到的用戶存到session中
SecurityUtils.getSubject().getSession().setAttribute("blogger", blogger);
// 把從數據庫中查詢出來的博主信息放到AuthenticationInfo中,即把正確的用戶名,密碼,交給shiro,再和前台輸入的校驗。
AuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(blogger.getUsername(),
blogger.getPassword(), "MyRealm");
return authenticationInfo;
} else {
return null;
}
}
示例14: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
* 認證回調函數,登錄時調用.
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
// User user = accountManager.findUserByLoginName(token.getUsername());
//根據loginToken 看能不查到當前token token有效期就1分鍾
String tokenPassword=new String(token.getPassword());
User user = accountManager.findUserByLoginNameOrEmail(token.getUsername());
//user.getStandardLock()==1
if (user != null && user.getStatus().intValue()!=0 && !user.getLoginName().endsWith("@chacuo.net")) {
return new SimpleAuthenticationInfo(user.getLoginName(), user.getShaPassword() , getName());
} else {
return null;
}
}
示例15: doGetAuthenticationInfo
import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
BearerToken token = (BearerToken)arg0;
// assert the bearerToken, and if valid, look up the account data and return
//an AuthenticationInfo instance representing that account.
String email = (String)token.getPrincipal();
String credentials = (String)token.getCredentials();
Preconditions.checkNotNull(email, "Email can't be null");
Preconditions.checkNotNull(token, "Token can't be null");
DBAuthenticationToken dbToken = tokenRepository.getAuthenticationToken(credentials) ;
if (tokenIsInvalid(token, dbToken)) {
LOGGER.info("Rejecting token " + credentials + " for user " + email);
return null;
}
return new BearerAuthenticationInfo(this, dbToken);
}