Java AuthenticationInfo類代碼示例

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
 * 認證回調函數,登錄時調用.
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
		AuthenticationToken authcToken) throws AuthenticationException {
	UsernamePassword2Token token = (UsernamePassword2Token) authcToken;
	String username = token.getUsername();
	if (username == null || null == username) {
		throw new AccountException(
				"Null usernames are not allowed by this realm.");
	}
	User entity = new User();
	entity.setEmail(username);
	entity.setStatus(Constant.STATUS_ENABLED);
	entity = (User) service.iUserService.select(entity);
	if (null == entity) {
		throw new UnknownAccountException("No account found for user ["
				+ username + "]");
	}
	byte[] key = Encode.decodeHex(entity.getRandom());
	return new SimpleAuthenticationInfo(new Shiro(entity.getId(),
			entity.getEmail(), entity.getName()), entity.getPassword(),
			ByteSource.Util.bytes(key), getName());
}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
 * Builds an {@link AuthenticationInfo} object by querying the active directory LDAP context for the
 * specified username.
 */
@Override
protected AuthenticationInfo queryForAuthenticationInfo(
        AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {

    final UsernamePasswordToken upToken = ensureUsernamePasswordToken(token);
    final String userDn = findUserDn(ldapContextFactory, upToken.getUsername());

    LdapContext ctx = null;
    try {
        // Binds using the username and password provided by the user.
        ctx = ldapContextFactory.getLdapContext(userDn, upToken.getPassword());
    } finally {
        LdapUtils.closeContext(ctx);
    }
    return buildAuthenticationInfo(upToken.getUsername(), upToken.getPassword());
}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) throws ExcessiveAttemptsException {
    String username = (String)token.getPrincipal();
    AtomicInteger retryCount = passwordRetryCache.get(username);

    if(retryCount == null) {
        retryCount = new AtomicInteger(0);
        passwordRetryCache.put(username, retryCount);
    }
    if(retryCount.incrementAndGet() > retryMax) {
        throw new ExcessiveAttemptsException("您已連續錯誤達" + retryMax + "次！請10分鍾後再試");
    }

    boolean matches = super.doCredentialsMatch(token, info);
    if(matches) {
        passwordRetryCache.remove(username);
    }else {
        throw new IncorrectCredentialsException("密碼錯誤，已錯誤" + retryCount.get() + "次，最多錯誤" + retryMax + "次");
    }
    return true;
}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
 * This implementation opens an LDAP connection using the token's
 * {@link #getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken) discovered principal} and provided
 * {@link AuthenticationToken#getCredentials() credentials}.  If the connection opens successfully, the
 * authentication attempt is immediately considered successful and a new
 * {@link AuthenticationInfo} instance is
 * {@link #createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, Object, Object, javax.naming.ldap.LdapContext) created}
 * and returned.  If the connection cannot be opened, either because LDAP authentication failed or some other
 * JNDI problem, an {@link NamingException} will be thrown.
 *
 * @param token              the submitted authentication token that triggered the authentication attempt.
 * @param ldapContextFactory factory used to retrieve LDAP connections.
 * @return an {@link AuthenticationInfo} instance representing the authenticated user's information.
 * @throws NamingException if any LDAP errors occur.
 */
protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token,
                                                        LdapContextFactory ldapContextFactory)
        throws NamingException {

    Object principal = token.getPrincipal();
    Object credentials = token.getCredentials();

    log.debug("Authenticating user '{}' through LDAP", principal);

    principal = getLdapPrincipal(token);

    LdapContext ctx = null;
    try {
        ctx = ldapContextFactory.getLdapContext(principal, credentials);
        //context was opened successfully, which means their credentials were valid.  Return the AuthenticationInfo:
        return createAuthenticationInfo(token, principal, credentials, ctx);
    } finally {
        LdapUtils.closeContext(ctx);
    }
}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
		//UsernamePasswordToken對象用來存放提交的登錄信息
        UsernamePasswordToken token=(UsernamePasswordToken) authenticationToken;

        log.info("驗證當前Subject時獲取到token為：" + ReflectionToStringBuilder.toString(token, ToStringStyle.MULTI_LINE_STYLE)); 
//        return new SimpleAuthenticationInfo("hsjhsj","8e24137dee97c9bbddb9a0cd6e043be4" , getName());
        return new SimpleAuthenticationInfo("hsjhsj","" , getName());
        //查出是否有此用戶
//        TbUser user=null;
//        if(user!=null){
            // 若存在，將此用戶存放到登錄認證info中，無需自己做密碼對比，Shiro會為我們進行密碼對比校驗
//            return new SimpleAuthenticationInfo(user.getUsername(), , getName());
//        }
//        return null;
	}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
    String token = (String) auth.getCredentials();
    Cache<String, String> authCache = CacheController.getAuthCache();
    if (! authCache.containsKey(token)) {
        // get user info from database
        int uid = JWTUtil.getUid(token);
        UserEntity userEntity = userService.getUserByUid(uid);
        authCache.put(token, String.valueOf(userEntity.getPassword()));
    }

    String secret = authCache.get(token);
    if (!JWTUtil.decode(token, secret)) {
        throw new AuthenticationException("Token invalid");
    }

    return new SimpleAuthenticationInfo(token, token, "jwt_realm");
}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
 * 用戶認證-驗證用戶是否登錄、用戶名密碼是否匹配
 */
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	logger.info(">>> 【用戶認證】token = {}", token);
	String userName = (String)token.getPrincipal();
	AdminUser user = getPrincipalService().getPrincipalObject(userName);
       if(user == null) {
           throw new UnknownAccountException("Unknown account: " + userName);//沒找到帳號
       }
       if(AdminUserStatusEnum.ADMIN_USER_STATUS_DISABLED.getStatusCode().equals(user.getStatus())) {
           throw new LockedAccountException("Account[" + userName + "] has been locked!"); //帳號鎖定
       }
       //交給AuthenticatingRealm使用CredentialsMatcher進行密碼匹配
       SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
               user.getUserName(), //用戶名
               user.getPassword(), //密碼
               ByteSource.Util.bytes(user.getPasswordSalt()),//salt
               getName()  //realm name
       );
       return authenticationInfo;
}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
	String userName = (String)token.getPrincipal();
	final String key = REDIS_KEY_PREFIX + userName;
	long maxRetry = redisTemplate.opsForValue().increment(key, 1);
	if(maxRetry == 1){ //首次輸入密碼
		redisTemplate.expire(key, passwordRetryWaitMinutes, TimeUnit.MINUTES);
	}
	if(maxRetry >= passwordRetryLimit){
		throw new ExcessiveAttemptsException(passwordRetryLimit + "");
	}
	boolean matches = super.doCredentialsMatch(token, info);
       if(matches) {
       	redisTemplate.delete(key);
       }
       return matches;
}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	// identify account to log to
	UsernamePasswordToken userPassToken = (UsernamePasswordToken) token;
	final String username = userPassToken.getUsername();
	if (username == null) {
		return null;
	}
	// read password hash and salt from db
	final User user = UserDAO.getUser(username);
	if (user == null) {
		return null;
	}
	// return salted credentials
	SaltedAuthenticationInfo info = new SaltedAuthInfo(username, user.getPassword(), user.getSalt());
	return info;
}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
 * 先執行登錄驗證
 * @param token
 * @return
 * @throws AuthenticationException
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

    //獲取用戶名密碼
    String username = token.getPrincipal().toString();
    TbUser tbUser = userService.getUserByUsername(username);
    if (tbUser != null){
        //得到用戶賬號和密碼存放到authenticationInfo中用於Controller層的權限判斷 第三個參數隨意不能為null
        AuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(tbUser.getUsername(),tbUser.getPassword(),
                tbUser.getUsername()) ;
        return authenticationInfo ;
    }else{
        return null ;
    }
}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
		throws AuthenticationException {
	UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
	Map<String, Object> params = new HashMap<String, Object>();
	params.put("enable", 1);
	params.put("account", token.getUsername());
	Parameter parameter = new Parameter("sysUserService", "queryList").setMap(params);
	logger.info("{} execute sysUserService.queryList start...", parameter.getNo());
	List<?> list = provider.execute(parameter).getList();
	logger.info("{} execute sysUserService.queryList end.", parameter.getNo());
	if (list.size() == 1) {
		SysUser user = (SysUser) list.get(0);
		StringBuilder sb = new StringBuilder(100);
		for (int i = 0; i < token.getPassword().length; i++) {
			sb.append(token.getPassword()[i]);
		}
		if (user.getPassword().equals(sb.toString())) {
			WebUtil.saveCurrentUser(user.getId());
			saveSession(user.getAccount(), token.getHost());
			AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(user.getAccount(), user.getPassword(),
					user.getUserName());
			return authcInfo;
		}
		logger.warn("USER [{}] PASSWORD IS WRONG: {}", token.getUsername(), sb.toString());
		return null;
	} else {
		logger.warn("No user: {}", token.getUsername());
		return null;
	}
}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // token是用戶輸入的用戶名和密碼
        // 第一步從token中取出用戶名
        String userCode = (String) token.getPrincipal();

        // 如果查詢不到返回null
        //數據庫中用戶賬號是zhangsansan
//        if(!userCode.equals("zhangsansan")){//
//            return null;
//        }

        // 模擬從數據庫查詢到密碼
        String password = "111111";

        //將activeUser設置simpleAuthenticationInfo
        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
                userCode, password, this.getName());

        return simpleAuthenticationInfo;
    }
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	String username = (String) token.getPrincipal();// 根據剛剛傳過來的token獲取用戶名
	Blogger blogger = bloggerService.findByUsername(username);// 隻是根據用戶名查詢出，不涉及密碼
	if (blogger != null) {
		System.out.println("驗證信息:" + blogger);
		// 把獲取到的用戶存到session中
		SecurityUtils.getSubject().getSession().setAttribute("blogger", blogger);
		// 把從數據庫中查詢出來的博主信息放到AuthenticationInfo中,即把正確的用戶名，密碼，交給shiro,再和前台輸入的校驗。
		AuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(blogger.getUsername(),
				blogger.getPassword(), "MyRealm");
		return authenticationInfo;
	} else {
		return null;
	}

}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
/**
	 * 認證回調函數,登錄時調用.
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
		UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
//		User user = accountManager.findUserByLoginName(token.getUsername());
		
		//根據loginToken 看能不查到當前token token有效期就1分鍾
		
		String tokenPassword=new String(token.getPassword());

		User user = accountManager.findUserByLoginNameOrEmail(token.getUsername());

		//user.getStandardLock()==1 
		if (user != null &&  user.getStatus().intValue()!=0 && !user.getLoginName().endsWith("@chacuo.net")) {
			 return new SimpleAuthenticationInfo(user.getLoginName(), user.getShaPassword() , getName());
		} else {
			return null;
		}
	}
 

import org.apache.shiro.authc.AuthenticationInfo; //導入依賴的package包/類
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
	BearerToken token = (BearerToken)arg0;
	// assert the bearerToken, and if valid, look up the account data and return
       //an AuthenticationInfo instance representing that account.
	String email = (String)token.getPrincipal();
	String credentials = (String)token.getCredentials();

	Preconditions.checkNotNull(email, "Email can't be null");
	Preconditions.checkNotNull(token, "Token can't be null");

	DBAuthenticationToken dbToken = tokenRepository.getAuthenticationToken(credentials) ;
	if (tokenIsInvalid(token, dbToken)) {
		LOGGER.info("Rejecting token " + credentials + " for user " + email);
		return null;
	}

	return new BearerAuthenticationInfo(this, dbToken);
}