Beispiel #1
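 /**
  * Verifies the submitted credentials against the credentials of the looked-up account.
  *
  * <p>When the {@code encrypt} property is true the check is delegated to the superclass.
  * Otherwise the submitted password is compared directly with the value returned by {@code
  * info.getCredentials()}, so in that mode the stored credential is not hashed. The comparison
  * uses {@link java.security.MessageDigest#isEqual(byte[], byte[])} rather than {@code
  * String.equals}, so its duration does not depend on where the first differing character is.
  *
  * @param token the submitted token; cast to {@code CaptchaUsernamePasswordToken} when {@code
  *     encrypt} is false
  * @param info the account data the submitted password is checked against
  * @throws IncorrectCredentialsException if the submitted password is missing, the stored
  *     credential is not a {@code String}, or the two values differ
  * @throws AuthenticationException if {@code token} or {@code info} is {@code null}
  */
 public void assertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
     throws AuthenticationException {
   if (PropertyUtil.getBoolean("encrypt")) {
     super.assertCredentialsMatch(token, info);
     return;
   }

   if (token == null || info == null) {
     // NOTE(review): this text describes a missing CredentialsMatcher, but the branch is reached
     // when the token or the account info is null. The wording is kept as-is because logs or
     // callers may match on it.
     throw new AuthenticationException(
         "A CredentialsMatcher must be configured in order to verify "
             + "credentials during authentication.  If you do not wish for credentials to be examined, you "
             + "can configure an "
             + AllowAllCredentialsMatcher.class.getName()
             + " instance.");
   }

   CaptchaUsernamePasswordToken tk = (CaptchaUsernamePasswordToken) token;
   char[] submitted = tk.getPassword();
   Object stored = info.getCredentials();

   // Fail closed: a missing password or a non-String stored credential counts as a mismatch
   // instead of surfacing as a NullPointerException or ClassCastException.
   boolean matches =
       submitted != null
           && stored instanceof String
           && java.security.MessageDigest.isEqual(
               new String(submitted).getBytes(java.nio.charset.StandardCharsets.UTF_8),
               ((String) stored).getBytes(java.nio.charset.StandardCharsets.UTF_8));

   if (!matches) {
     // NOTE(review): the message embeds tk.toString(); confirm that the token's toString() does
     // not include the password or the captcha before this text reaches a log.
     String msg =
         "Submitted credentials for token ["
             + tk
             + "] did not match the expected credentials.";
     throw new IncorrectCredentialsException(msg);
   }
 }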
Beispiel #2
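  /**
   * Authentication callback invoked at login: checks the captcha when {@code useCaptcha} is set,
   * then loads the account for the submitted user name.
   *
   * <p>The expected captcha is removed from the session as it is read, so each generated captcha
   * can be checked at most once. A failed attempt therefore requires the client to request a new
   * captcha; leaving the value in the session would let one solved captcha cover any number of
   * password guesses.
   *
   * @param authcToken the submitted token; cast to {@code CaptchaUsernamePasswordToken} when the
   *     captcha is enabled and to {@code UsernamePasswordToken} for the account lookup
   * @return the account's principal and stored credential; with the {@code encrypt} property set,
   *     also the salt taken from the {@code salt} property
   * @throws IncorrectCaptchaException if the submitted captcha is missing or does not match the
   *     session value (compared case-insensitively)
   * @throws UnknownAccountException if no employee is found for the submitted user name
   */
  @Override
  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
      throws AuthenticationException {
    if (useCaptcha) {
      CaptchaUsernamePasswordToken captchaToken = (CaptchaUsernamePasswordToken) authcToken;
      String submittedCaptcha = captchaToken.getCaptcha();
      // removeAttribute returns the bound value (or null) and unbinds it, making the captcha
      // single-use whether or not this attempt succeeds.
      String expectedCaptcha =
          (String)
              SecurityUtils.getSubject()
                  .getSession()
                  .removeAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
      if (submittedCaptcha == null || !submittedCaptcha.equalsIgnoreCase(expectedCaptcha)) {
        throw new IncorrectCaptchaException(
            ResourceUtils.getString("msg.login.kaptcha.code.error"));
      }
    }

    UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
    EosEmp eosEmp = eosEmpService.findByEno(token.getUsername());
    if (eosEmp == null) {
      // NOTE(review): this is a different exception type from a password mismatch; the login
      // endpoint should report both with the same message so account names cannot be probed.
      throw new UnknownAccountException();
    }

    if (PropertyUtil.getBoolean("encrypt")) {
      // The salt is read from the single "salt" property, so every account loaded here shares it.
      // NOTE(review): a per-account salt stored with the credential would be preferable.
      return new SimpleAuthenticationInfo(
          new ShiroEmp(String.valueOf(eosEmp.getId()), eosEmp.getEno(), eosEmp.getEname()),
          eosEmp.getEpwd(),
          ByteSource.Util.bytes(Encodes.decodeHex(PropertyUtil.getString("salt"))),
          getName());
    }

    // NOTE(review): getPwd() presumably holds the unhashed password (getEpwd() is used in the
    // encrypt branch) — confirm, and keep the "encrypt" property enabled outside of testing.
    return new SimpleAccount(
        new ShiroEmp(String.valueOf(eosEmp.getId()), eosEmp.getEno(), eosEmp.getEname()),
        eosEmp.getPwd(),
        getName());
  }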