/**
 * Selects the identity that is stored for a remembered login: the principals carried by {@code info}
 * ({@link org.apache.shiro.authc.AuthenticationInfo#getPrincipals() info.getPrincipals()}).
 * The {@link Subject} argument is not consulted.
 *
 * @param subject the subject for which the principals are being remembered (unused by this implementation).
 * @param info    the authentication info resulting from the successful authentication attempt.
 * @return the {@code PrincipalCollection} to remember.
 */
protected PrincipalCollection getIdentityToRemember(Subject subject, AuthenticationInfo info) {
    // No null check is made here: a null info surfaces as a NullPointerException.
    PrincipalCollection identity = info.getPrincipals();
    return identity;
}
/**
 * Keeps the first usable result. When {@code aggregate} is non-null and carries at least one principal it is
 * returned unchanged; otherwise {@code info} is returned if it is non-null, and {@code aggregate} as a last
 * resort.
 * <p>
 * This is what makes the strategy "first successful": once a realm has produced a populated result, the
 * results of later realms are ignored.
 *
 * @param info      the result of the realm that was just consulted (may be null).
 * @param aggregate the result retained from earlier realms (may be null).
 * @return the info to carry forward to the next realm.
 */
protected AuthenticationInfo merge(AuthenticationInfo info, AuthenticationInfo aggregate) {
    boolean aggregateUsable = aggregate != null && !isEmpty(aggregate.getPrincipals());
    if (aggregateUsable) {
        return aggregate;
    }
    if (info != null) {
        return info;
    }
    return aggregate;
}
}
/**
 * Checks, once every realm has been consulted, that at least one of them authenticated the token.
 * The {@code aggregate} must be non-null and its
 * {@link org.apache.shiro.authc.AuthenticationInfo#getPrincipals() getPrincipals()} must be non-empty;
 * otherwise an {@code AuthenticationException} is thrown.
 *
 * @param token     the token that was submitted for authentication.
 * @param aggregate the combined result of all realm attempts (may be null).
 * @return {@code aggregate}, unchanged, when it holds at least one principal.
 * @throws AuthenticationException if no realm produced a populated result.
 */
public AuthenticationInfo afterAllAttempts(AuthenticationToken token, AuthenticationInfo aggregate) throws AuthenticationException {
    // A populated aggregate is the only evidence that some realm accepted the token.
    boolean authenticated = aggregate != null && !isEmpty(aggregate.getPrincipals());
    if (authenticated) {
        return aggregate;
    }
    // Fail closed. The message names only the token's class, never its contents.
    throw new AuthenticationException("Authentication token of type [" + token.getClass() + "] " +
            "could not be authenticated by any configured realms. Please ensure that at least one realm can " +
            "authenticate these tokens.");
}
}
if (info == null || info.getPrincipals() == null || info.getPrincipals().isEmpty()) { return; this.principals = info.getPrincipals(); } else { if (!(this.principals instanceof MutablePrincipalCollection)) { this.principals = new SimplePrincipalCollection(this.principals); ((MutablePrincipalCollection) this.principals).addAll(info.getPrincipals());
if (info == null || info.getPrincipals() == null || info.getPrincipals().isEmpty()) { return; this.principals = info.getPrincipals(); } else { if (!(this.principals instanceof MutablePrincipalCollection)) { this.principals = new SimplePrincipalCollection(this.principals); ((MutablePrincipalCollection) this.principals).addAll(info.getPrincipals());
/**
 * Authenticates with the default realm configuration and checks the shape of the resulting identity:
 * the role is granted, the primary principal is a {@code UserIdPrincipal}, and the collection also
 * holds a {@code UsernamePrincipal} and a {@code String} principal.
 */
@Test
public void testDefaultConfig() {
    UsernamePasswordToken loginToken = new UsernamePasswordToken(USERNAME, PASSWORD, localhost);
    AuthenticationInfo authInfo = realm.getAuthenticationInfo(loginToken);
    assertNotNull(authInfo);
    assertTrue(realm.hasRole(authInfo.getPrincipals(), ROLE));

    // The primary principal is the one authorization decisions key on.
    Object primary = authInfo.getPrincipals().getPrimaryPrincipal();
    assertTrue(primary instanceof UserIdPrincipal);

    UsernamePrincipal byUsername = authInfo.getPrincipals().oneByType(UsernamePrincipal.class);
    assertTrue(byUsername.getUsername().equals(USERNAME));

    UserIdPrincipal byUserId = authInfo.getPrincipals().oneByType(UserIdPrincipal.class);
    assertTrue(byUserId.getUserId() == USER_ID);

    String combined = authInfo.getPrincipals().oneByType(String.class);
    assertTrue(combined.equals(USER_ID + USERNAME));
}
/**
 * Chooses what is persisted as the remembered identity. This implementation uses the principals of the
 * successful authentication,
 * {@link org.apache.shiro.authc.AuthenticationInfo#getPrincipals() info.getPrincipals()}, and does not
 * look at the {@link Subject} argument.
 *
 * @param subject the subject for which the principals are being remembered (ignored).
 * @param info    the authentication info resulting from the successful authentication attempt.
 * @return the {@code PrincipalCollection} to remember.
 */
protected PrincipalCollection getIdentityToRemember(Subject subject, AuthenticationInfo info) {
    // info is dereferenced directly; passing null results in a NullPointerException.
    PrincipalCollection remembered = info.getPrincipals();
    return remembered;
}
/**
 * Resolves the principals for this context by trying several sources in order and returning the first
 * non-empty one:
 * <ol>
 *   <li>the principals held directly ({@code getPrincipals()});</li>
 *   <li>the principals of the authentication info, if any;</li>
 *   <li>the principals of the subject, if any;</li>
 *   <li>the session attribute stored under {@code PRINCIPALS_SESSION_KEY}.</li>
 * </ol>
 *
 * @return the resolved principals; may be null or empty when no source supplies any.
 */
public PrincipalCollection resolvePrincipals() {
    PrincipalCollection resolved = getPrincipals();
    if (!isEmpty(resolved)) {
        return resolved;
    }

    // Perhaps they were just authenticated.
    AuthenticationInfo authInfo = getAuthenticationInfo();
    if (authInfo != null) {
        resolved = authInfo.getPrincipals();
    }
    if (!isEmpty(resolved)) {
        return resolved;
    }

    Subject existing = getSubject();
    if (existing != null) {
        resolved = existing.getPrincipals();
    }
    if (!isEmpty(resolved)) {
        return resolved;
    }

    // Last resort: the session. The attribute is cast without a type check, so a value of another
    // type stored under this key raises ClassCastException.
    // NOTE(review): identity is taken from session state here; whatever writes this key is trusted.
    Session session = resolveSession();
    if (session != null) {
        resolved = (PrincipalCollection) session.getAttribute(PRINCIPALS_SESSION_KEY);
    }
    return resolved;
}
/**
 * Verifies that a realm overriding {@code buildAuthenticationInfo} can substitute its own principal
 * type: the override wraps the username in a {@code UsernamePrincipal}, and that object must come back
 * as the primary principal while the role check still passes.
 */
@Test
public void testCreateAccountOverride() {
    AuthorizingRealm customRealm = new AllowAllRealm() {
        @Override
        protected AuthenticationInfo buildAuthenticationInfo(Object principal, Object credentials) {
            UsernamePrincipal wrapped = new UsernamePrincipal((String) principal);
            return new SimpleAccount(wrapped, credentials, getName());
        }
    };

    UsernamePasswordToken loginToken = new UsernamePasswordToken(USERNAME, PASSWORD, localhost);
    AuthenticationInfo authInfo = customRealm.getAuthenticationInfo(loginToken);
    assertNotNull(authInfo);
    assertTrue(customRealm.hasRole(authInfo.getPrincipals(), ROLE));

    Object primary = authInfo.getPrincipals().getPrimaryPrincipal();
    assertTrue(primary instanceof UsernamePrincipal);
    assertEquals(USERNAME, ((UsernamePrincipal) primary).getUsername());
}
/**
 * Loads an {@code IniRealm} from a classpath INI resource and checks that the {@code admin} role
 * exists, that {@code user1} authenticates, and that the authenticated principals hold that role.
 */
@Test
public void testIniFile() {
    IniRealm iniRealm = new IniRealm();
    iniRealm.setResourcePath("classpath:org/apache/shiro/realm/text/IniRealmTest.simple.ini");
    iniRealm.init();
    assertTrue(iniRealm.roleExists("admin"));

    UsernamePasswordToken loginToken = new UsernamePasswordToken("user1", "user1");
    AuthenticationInfo authInfo = iniRealm.getAuthenticationInfo(loginToken);
    assertNotNull(authInfo);
    assertTrue(iniRealm.hasRole(authInfo.getPrincipals(), "admin"));
}
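/**
 * Returns the specified {@code aggregate} immediately if it is non-null and valid (that is, it has
 * principals and they are not empty); if it is null or not valid, the {@code info} argument is returned
 * instead, falling back to {@code aggregate} when {@code info} is null.
 * <p>
 * This ensures that the first valid info encountered is the one retained and all subsequent ones are
 * ignored, since this strategy mandates that only the info from the first successfully authenticated
 * realm be used.
 *
 * @param info      the result of the realm that was just consulted (may be null).
 * @param aggregate the result retained from earlier realms (may be null).
 * @return the info to carry forward to the next realm.
 */
protected AuthenticationInfo merge(AuthenticationInfo info, AuthenticationInfo aggregate) {
    // The negation is essential. Testing isEmpty(...) without it inverts the contract: an aggregate
    // with no principals would be kept, and a populated one would be replaced by each later realm's
    // info, so the identity would come from the last successful realm instead of the first.
    if (aggregate != null && !isEmpty(aggregate.getPrincipals())) {
        return aggregate;
    }
    return info != null ? info : aggregate;
}
}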
/**
 * Final check of a multi-realm authentication attempt. Succeeds only when {@code aggregate} is non-null
 * and {@code aggregate.}{@link org.apache.shiro.authc.AuthenticationInfo#getPrincipals() getPrincipals()}
 * is non-empty; in every other case an {@code AuthenticationException} signals that none of the realms
 * authenticated the token.
 *
 * @param token     the token that was submitted for authentication.
 * @param aggregate the combined result of all realm attempts (may be null).
 * @return {@code aggregate}, unchanged, when it holds at least one principal.
 * @throws AuthenticationException if {@code aggregate} is null or has no principals.
 */
public AuthenticationInfo afterAllAttempts(AuthenticationToken token, AuthenticationInfo aggregate) throws AuthenticationException {
    // One or more realms authenticated successfully exactly when the aggregate carries principals.
    boolean anyRealmSucceeded = aggregate != null && !isEmpty(aggregate.getPrincipals());
    if (!anyRealmSucceeded) {
        // Only the token's class appears in the message; the token's contents are not included.
        throw new AuthenticationException("Authentication token of type [" + token.getClass() + "] " +
                "could not be authenticated by any configured realms. Please ensure that at least one realm can " +
                "authenticate these tokens.");
    }
    return aggregate;
}
}
if (info == null || info.getPrincipals() == null || info.getPrincipals().isEmpty()) { return; this.principals = info.getPrincipals(); } else { if (!(this.principals instanceof MutablePrincipalCollection)) { this.principals = new SimplePrincipalCollection(this.principals); ((MutablePrincipalCollection) this.principals).addAll(info.getPrincipals());
/**
 * Determines the identity to remember after a successful login. The result is simply
 * {@link org.apache.shiro.authc.AuthenticationInfo#getPrincipals() info.getPrincipals()}; the
 * {@link Subject} argument plays no part in the decision.
 *
 * @param subject the subject for which the principals are being remembered (not used).
 * @param info    the authentication info resulting from the successful authentication attempt.
 * @return the {@code PrincipalCollection} to remember.
 */
protected PrincipalCollection getIdentityToRemember(Subject subject, AuthenticationInfo info) {
    // A null info is not guarded against and fails with a NullPointerException.
    PrincipalCollection toRemember = info.getPrincipals();
    return toRemember;
}
/**
 * Finds the principals for this context, consulting each source only if the previous ones yielded
 * nothing: the directly held principals, then the authentication info, then the subject, and finally
 * the session attribute stored under {@code PRINCIPALS_SESSION_KEY}.
 *
 * @return the first non-empty principals found, or whatever the last consulted source returned
 *         (possibly null or empty).
 */
public PrincipalCollection resolvePrincipals() {
    PrincipalCollection found = getPrincipals();
    if (!isEmpty(found)) {
        return found;
    }

    // Check whether they were just authenticated.
    AuthenticationInfo recentAuth = getAuthenticationInfo();
    if (recentAuth != null) {
        found = recentAuth.getPrincipals();
    }
    if (!isEmpty(found)) {
        return found;
    }

    Subject currentSubject = getSubject();
    if (currentSubject != null) {
        found = currentSubject.getPrincipals();
    }
    if (!isEmpty(found)) {
        return found;
    }

    // Try the session. The unchecked cast throws ClassCastException if the attribute has another type.
    // NOTE(review): this makes session contents an identity source; confirm who can write this key.
    Session session = resolveSession();
    if (session != null) {
        found = (PrincipalCollection) session.getAttribute(PRINCIPALS_SESSION_KEY);
    }
    return found;
}
/**
 * Extracts the principals from the authentication info held by the given context.
 *
 * @param context the subject context to read the authentication info from.
 * @return the principals of the context's authentication info, or {@code null} when the context has
 *         no authentication info.
 */
private PrincipalCollection getPrincipalCollection(SubjectContext context) {
    AuthenticationInfo info = context.getAuthenticationInfo();
    if (info == null) {
        return null;
    }
    return info.getPrincipals();
}
/**
 * Returns the primary principal of {@code info} as a {@code UserPrincipal}.
 *
 * @return the primary principal, cast to {@code UserPrincipal}.
 */
public UserPrincipal getUserPrincipal() {
    Object primary = info.getPrincipals().getPrimaryPrincipal();
    // Unchecked cast: a primary principal of any other type fails with ClassCastException.
    return (UserPrincipal) primary;
}
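/**
 * Decides whether the submitted token matches the stored account by comparing the string forms of
 * the principal and of the credentials.
 * <p>
 * The credential comparison does not stop at the first differing character, so the time it takes does
 * not reveal how long a prefix of the stored credential was guessed correctly. The result is the same
 * as {@code String.equals} would give.
 *
 * @param authenticationToken the submitted token; its principal and credentials must be non-null.
 * @param authenticationInfo  the stored account data; its primary principal and credentials must be
 *                            non-null.
 * @return {@code true} only if both the principal and the credentials are equal as strings.
 */
@Override
public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) {
    String submittedPrincipal = authenticationToken.getPrincipal().toString();
    String storedPrincipal = authenticationInfo.getPrincipals().getPrimaryPrincipal().toString();
    if (!submittedPrincipal.equals(storedPrincipal)) {
        return false;
    }

    // NOTE(review): comparing the two values directly only works if the stored credential is kept
    // in the same form as the submitted one (i.e. not hashed) - confirm; a hashing matcher would
    // be preferable.
    // NOTE(review): toString() on a char[] credential (which is what Shiro's UsernamePasswordToken
    // returns) yields the array's identity string, not the password - confirm the token type.
    String submittedCredentials = authenticationToken.getCredentials().toString();
    String storedCredentials = authenticationInfo.getCredentials().toString();
    return constantTimeEquals(submittedCredentials, storedCredentials);
}

/**
 * Compares two strings for exact equality without exiting early on the first mismatch.
 * The running time depends on the shorter length only, so it may still reveal length.
 */
private boolean constantTimeEquals(String left, String right) {
    int difference = left.length() ^ right.length();
    int shared = Math.min(left.length(), right.length());
    for (int i = 0; i < shared; i++) {
        difference |= left.charAt(i) ^ right.charAt(i);
    }
    return difference == 0;
}
}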
/**
 * Matches credentials only for accounts whose {@code "hasher"} attribute equals the default hasher.
 * For such accounts the decision is delegated to the superclass matcher; for every other account the
 * method returns {@code false}, so authentication fails closed.
 *
 * @param token the submitted authentication token.
 * @param info  the stored account data; its primary principal is read as a {@code Model}.
 * @return the superclass result when the account uses the default hasher, otherwise {@code false}.
 */
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
    // A commented-out legacy comparison was dropped from this method. It wrote the username together
    // with the submitted password to the debug log and should not be reinstated in that form.
    String accountHasher = ((Model<?>) info.getPrincipals().getPrimaryPrincipal()).get("hasher");
    String defaultHasher = Hasher.DEFAULT.value();
    if (!defaultHasher.equals(accountHasher)) {
        // Unknown or missing hasher: reject.
        return false;
    }
    return super.doCredentialsMatch(token, info);
}
/**
 * Marks the authenticated user as needing two-step authentication when the configuration demands it
 * for everyone.
 * <p>
 * Nothing happens when {@code info} is already a {@code TwoStepAuthenticationInfo}, when the primary
 * principal is not a {@code UserPrincipal}, or when the "always two-step" setting is null or false.
 * The flag is only ever set to {@code true} here, never cleared.
 *
 * @param info the authentication info whose primary principal may be flagged.
 */
private void defineTwoStepAuthentication(AuthenticationInfo info) {
    if (info instanceof TwoStepAuthenticationInfo) {
        return;
    }

    Object primary = info.getPrincipals().getPrimaryPrincipal();
    // NOTE(review): any other principal type passes through without the two-step flag; confirm
    // that such principals cannot reach this path.
    if (!(primary instanceof UserPrincipal)) {
        return;
    }
    UserPrincipal user = (UserPrincipal) primary;

    // The setting is nullable, so test for null before unboxing it.
    if (twoStepConfig.getAlwaysTwoStepAuthentication() != null
            && twoStepConfig.getAlwaysTwoStepAuthentication()) {
        user.setNeedsTwoStepAuthentication(true);
    }
}