private PasswordService ensurePasswordService() { PasswordService service = getPasswordService(); if (service == null) { String msg = "Required PasswordService has not been configured."; throw new IllegalStateException(msg); } return service; }
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { PasswordService service = ensurePasswordService(); Object submittedPassword = getSubmittedPassword(token); Object storedCredentials = getStoredPassword(info); assertStoredCredentialsType(storedCredentials); if (storedCredentials instanceof Hash) { Hash hashedPassword = (Hash)storedCredentials; HashingPasswordService hashingService = assertHashingPasswordService(service); return hashingService.passwordsMatch(submittedPassword, hashedPassword); } //otherwise they are a String (asserted in the 'assertStoredCredentialsType' method call above): String formatted = (String)storedCredentials; return passwordService.passwordsMatch(submittedPassword, formatted); }
public class CustomEnvironmentLoaderListener extends EnvironmentLoaderListener { @Inject private JpaRealm jpaRealm; @Override protected WebEnvironment createEnvironment(ServletContext pServletContext) { WebEnvironment environment = super.createEnvironment(pServletContext); RealmSecurityManager rsm = (RealmSecurityManager) environment.getSecurityManager(); PasswordService passwordService = new DefaultPasswordService(); PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(passwordService); jpaRealm.setCredentialsMatcher(passwordMatcher); rsm.setRealm(jpaRealm); ((DefaultWebEnvironment) environment).setSecurityManager(rsm); return environment; } }
PasswordMatcher credentialsMatcher = new PasswordMatcher(); this.setCredentialsMatcher(credentialsMatcher);
@Configuration public class SecurityConfiguration { private static final String PRIVATE_SALT = "ourprivatesalt"; private PasswordService passwordService; private PasswordMatcher credentialsMatcher = new PasswordAndSystemCredentialsMatcher(); private AuthenticatingSecurityManager securityManager; @Bean public PasswordService passwordService() { if (passwordService == null) { DefaultPasswordService defaultPasswordService = new DefaultPasswordService(); passwordService = defaultPasswordService; DefaultHashService defaultHashService = (DefaultHashService) defaultPasswordService.getHashService(); defaultHashService.setPrivateSalt(new SimpleByteSource(PRIVATE_SALT)); } return passwordService; } @Bean public CredentialsMatcher credentialsMatcher() { credentialsMatcher.setPasswordService(passwordService()); return credentialsMatcher; }
@Override protected Object getStoredPassword(AuthenticationInfo storedUserInfo) { Object stored = super.getStoredPassword(storedUserInfo); if (stored instanceof char[]) { stored = String.valueOf((char[]) stored); } return stored; } }
@Override protected Object getSubmittedPassword(AuthenticationToken token) { Object submit = super.getSubmittedPassword(token); if (submit instanceof char[]) { submit = String.valueOf((char[]) submit); } return submit; }
@Bean(name = "credentialsMatcher") public PasswordMatcher credentialsMatcher() { final PasswordMatcher credentialsMatcher = new PasswordMatcher(); credentialsMatcher.setPasswordService(passwordService()); return credentialsMatcher; }
realm.setCredentialsMatcher(new PasswordMatcher());
@Override protected Object getStoredPassword(AuthenticationInfo storedUserInfo) { Object stored = super.getStoredPassword(storedUserInfo); if (stored instanceof char[]) { stored = String.valueOf((char[]) stored); } return stored; } }
@Override protected Object getSubmittedPassword(AuthenticationToken token) { Object submit = super.getSubmittedPassword(token); if (submit instanceof char[]) { submit = String.valueOf((char[]) submit); } return submit; }
@Inject public XmlAuthenticatingRealm( @Named( "default" ) ConfigurationManager configuration, PasswordService passwordService) { this.configuration = configuration; this.passwordService = passwordService; PasswordMatcher passwordMatcher = new PasswordMatcher(); passwordMatcher.setPasswordService(this.passwordService); setCredentialsMatcher( passwordMatcher ); }
public ShiroIniRealm(IniRealm iniRealm) { super(iniRealm); realm.setCredentialsMatcher(new PasswordMatcher()); }
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { PasswordService service = ensurePasswordService(); Object submittedPassword = getSubmittedPassword(token); Object storedCredentials = getStoredPassword(info); assertStoredCredentialsType(storedCredentials); if (storedCredentials instanceof Hash) { Hash hashedPassword = (Hash)storedCredentials; HashingPasswordService hashingService = assertHashingPasswordService(service); return hashingService.passwordsMatch(submittedPassword, hashedPassword); } //otherwise they are a String (asserted in the 'assertStoredCredentialsType' method call above): String formatted = (String)storedCredentials; return passwordService.passwordsMatch(submittedPassword, formatted); }
private PasswordService ensurePasswordService() { PasswordService service = getPasswordService(); if (service == null) { String msg = "Required PasswordService has not been configured."; throw new IllegalStateException(msg); } return service; }
public PasswordRealmMixin() { super(); passwordService = new DefaultPasswordService(); PasswordMatcher matcher = new PasswordMatcher(); matcher.setPasswordService( passwordService ); setCredentialsMatcher( matcher ); }
public ShiroIniRealm(IniRealm iniRealm) { super(iniRealm); realm.setCredentialsMatcher(new PasswordMatcher()); }
/** * Gets the hash service. * * @return the hash service */ private HashingPasswordService getHashService() { final CredentialsMatcher matcher = this.getCredentialsMatcher(); if (matcher instanceof PasswordMatcher) { final PasswordMatcher passwordMatcher = (PasswordMatcher) matcher; final PasswordService passwordService = passwordMatcher.getPasswordService(); if (passwordService instanceof HashingPasswordService) { return (HashingPasswordService) passwordService; } } return null; } }
public PasswordRealmMixin() { super(); passwordService = new DefaultPasswordService(); PasswordMatcher matcher = new PasswordMatcher(); matcher.setPasswordService( passwordService ); setCredentialsMatcher( matcher ); }
/** * Gets the hash service. * * @return the hash service */ private HashingPasswordService getHashService() { final CredentialsMatcher matcher = this.getCredentialsMatcher(); if (matcher instanceof PasswordMatcher) { final PasswordMatcher passwordMatcher = (PasswordMatcher) matcher; final PasswordService passwordService = passwordMatcher.getPasswordService(); if (passwordService instanceof HashingPasswordService) { return (HashingPasswordService) passwordService; } } return null; } }