public AuthenticatingRealm() { this(null, new SimpleCredentialsMatcher()); }
/** * This implementation acquires the {@code token}'s credentials * (via {@link #getCredentials(AuthenticationToken) getCredentials(token)}) * and then the {@code account}'s credentials * (via {@link #getCredentials(org.apache.shiro.authc.AuthenticationInfo) getCredentials(account)}) and then passes both of * them to the {@link #equals(Object,Object) equals(tokenCredentials, accountCredentials)} method for equality * comparison. * * @param token the {@code AuthenticationToken} submitted during the authentication attempt. * @param info the {@code AuthenticationInfo} stored in the system matching the token principal. * @return {@code true} if the provided token credentials are equal to the stored account credentials, * {@code false} otherwise */ public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { Object tokenCredentials = getCredentials(token); Object accountCredentials = getCredentials(info); return equals(tokenCredentials, accountCredentials); }
accountCredentials.getClass().getName() + "]"); if (isByteSource(tokenCredentials) && isByteSource(accountCredentials)) { if (log.isDebugEnabled()) { log.debug("Both credentials arguments can be easily converted to byte arrays. Performing " + "array equals comparison"); byte[] tokenBytes = toBytes(tokenCredentials); byte[] accountBytes = toBytes(accountCredentials); return MessageDigest.isEqual(tokenBytes, accountBytes); } else {
matches = super.doCredentialsMatch(token, info); } else if (token.getLoginType().equals(MuitiLoginToken.TOKEN_MODE)) { SimpleCredentialsMatcher simpleMatcher = new SimpleCredentialsMatcher(); matches = simpleMatcher.doCredentialsMatch(token, info); } else { throw new BusinessException("not support login type :" + token.getLoginType());
@Override protected boolean equals(Object tokenCredentials, Object accountCredentials) { if (tokenCredentials == null || accountCredentials == null) { return false; } return super.equals(tokenCredentials, accountCredentials); } }
@Override public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { return super.doCredentialsMatch(token,info); }
/** * This implementation acquires the {@code token}'s credentials * (via {@link #getCredentials(AuthenticationToken) getCredentials(token)}) * and then the {@code account}'s credentials * (via {@link #getCredentials(org.apache.shiro.authc.AuthenticationInfo) getCredentials(account)}) and then passes both of * them to the {@link #equals(Object,Object) equals(tokenCredentials, accountCredentials)} method for equality * comparison. * * @param token the {@code AuthenticationToken} submitted during the authentication attempt. * @param info the {@code AuthenticationInfo} stored in the system matching the token principal. * @return {@code true} if the provided token credentials are equal to the stored account credentials, * {@code false} otherwise */ public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { Object tokenCredentials = getCredentials(token); Object accountCredentials = getCredentials(info); return equals(tokenCredentials, accountCredentials); }
accountCredentials.getClass().getName() + "]"); if (isByteSource(tokenCredentials) && isByteSource(accountCredentials)) { if (log.isDebugEnabled()) { log.debug("Both credentials arguments can be easily converted to byte arrays. Performing " + "array equals comparison"); byte[] tokenBytes = toBytes(tokenCredentials); byte[] accountBytes = toBytes(accountCredentials); return MessageDigest.isEqual(tokenBytes, accountBytes); } else {
public AuthenticatingRealm(CacheManager cacheManager) { this(cacheManager, new SimpleCredentialsMatcher()); }
/** * This implementation acquires the {@code token}'s credentials * (via {@link #getCredentials(AuthenticationToken) getCredentials(token)}) * and then the {@code account}'s credentials * (via {@link #getCredentials(org.apache.shiro.authc.AuthenticationInfo) getCredentials(account)}) and then passes both of * them to the {@link #equals(Object,Object) equals(tokenCredentials, accountCredentials)} method for equality * comparison. * * @param token the {@code AuthenticationToken} submitted during the authentication attempt. * @param info the {@code AuthenticationInfo} stored in the system matching the token principal. * @return {@code true} if the provided token credentials are equal to the stored account credentials, * {@code false} otherwise */ public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { Object tokenCredentials = getCredentials(token); Object accountCredentials = getCredentials(info); return equals(tokenCredentials, accountCredentials); }
accountCredentials.getClass().getName() + "]"); if (isByteSource(tokenCredentials) && isByteSource(accountCredentials)) { if (log.isDebugEnabled()) { log.debug("Both credentials arguments can be easily converted to byte arrays. Performing " + "array equals comparison"); byte[] tokenBytes = toBytes(tokenCredentials); byte[] accountBytes = toBytes(accountCredentials); return Arrays.equals(tokenBytes, accountBytes); } else {
public AuthenticatingRealm() { this(null, new SimpleCredentialsMatcher()); }
public AuthenticatingRealm(CacheManager cacheManager) { this(cacheManager, new SimpleCredentialsMatcher()); }
public ApiKeyRealm(String name, CacheManager cacheManager, AuthIdentityReader<ApiKey> authIdentityReader, PermissionReader permissionReader, @Nullable String anonymousId) { super(null, AnonymousCredentialsMatcher.anonymousOrMatchUsing(new SimpleCredentialsMatcher())); _authIdentityReader = checkNotNull(authIdentityReader, "authIdentityReader"); _permissionReader = checkNotNull(permissionReader, "permissionReader"); _anonymousId = anonymousId; setName(checkNotNull(name, "name")); setAuthenticationTokenClass(ApiKeyAuthenticationToken.class); setPermissionResolver(permissionReader.getPermissionResolver()); setRolePermissionResolver(createRolePermissionResolver()); setCacheManager(prepareCacheManager(cacheManager)); setAuthenticationCachingEnabled(true); setAuthorizationCachingEnabled(true); // By default Shiro calls clearCache() for each user when they are logged out in order to prevent stale // credentials from being cached. However, if the cache manager implements InvalidatingCacheManager then it has // its own internal listeners that will invalidate the cache on any updates, making this behavior unnecessarily // expensive. _clearCaches = cacheManager != null && !(cacheManager instanceof InvalidatableCacheManager); _log.debug("Clearing of caches for realm {} is {}", name, _clearCaches ? "enabled" : "disabled"); }