@Override
  @Transactional
  public User createUser(User user) throws UserExistsException, DatabaseException {
    if (userRepository.findByEmailAddress(user.getEmailAddress()) != null) {
      throw new UserExistsException();
    }

    if (user.isNew()) {
      String hash = new Sha512Hash(user.getPassword(), getSalt(), HASH_ITERATIONS).toBase64();
      user.setDbPassword(hash);
      user.setActive(true);
    }

    try {
      userRepository.save(user);
    } catch (Exception e) {
      throw new DatabaseException(e);
    }

    Subject currentUserSubject = SecurityUtils.getSubject();

    if (!currentUserSubject.isAuthenticated()) {
      UsernamePasswordToken token =
          new UsernamePasswordToken(user.getEmailAddress(), user.getPassword());
      token.setRememberMe(false);

      try {
        currentUserSubject.login(token);
      } catch (AuthenticationException ae) {
        throw new LoginException();
      }
    }

    return currentUser = user;
  }
Example #2
0
 @ValidateParams({
   @ValidateParam(value = "user.name", minLen = 4, maxLen = 12),
   @ValidateParam(value = "user.password", minLen = 6, maxLen = 20),
   @ValidateParam(value = "captcha", defaultValue = "@@@@", maxLen = 4, minLen = 4),
   @ValidateParam(value = "rememberMe", type = Boolean.class)
 })
 @RequestMethod(Method.POST)
 public void signin() {
   User user = getModel(User.class, "user");
   Sys_Common_Variable captcha = ComVarService.service.getComVarByName(Key.CAPTCHA);
   if (captcha != null
       && captcha.getToBoolean(Sys_Common_Variable.S_VALUE)
       && !validateCaptcha(getPara("captcha"))) {
     renderJson(new Message(captcha.getStr(Sys_Common_Variable.S_ERROR)));
     return;
   }
   Subject subject = SecurityUtils.getSubject();
   if (!subject.isAuthenticated()) {
     UsernamePasswordToken token =
         new UsernamePasswordToken(user.getStr(User.S_NAME), user.getStr(User.S_PASSWORD));
     token.setRememberMe(getParaToBoolean("rememberMe"));
     subject.login(token);
     if (subject.isAuthenticated()) {
       subject.getSession().setAttribute(Lc4eCaptchaRender.captcha_code, Const.DEFAULT_NONE);
     } else {
       renderJson(new Message("Login failed"));
     }
   }
   renderJson(new Message(true, "Login Success"));
 }
Example #3
0
 @RequestMapping("/login")
 public ModelAndView login(
     HttpServletRequest request,
     HttpServletResponse response,
     @RequestParam String userName,
     @RequestParam String password,
     Boolean isRemeberMe)
     throws Exception {
   UsernamePasswordToken token = new UsernamePasswordToken(userName, password);
   Subject subject = SecurityUtils.getSubject();
   subject.login(token);
   if (null != isRemeberMe && isRemeberMe) token.setRememberMe(true);
   if (subject.isAuthenticated()) {
     AuthenticationInfo info = new SimpleAuthenticationInfo(userName, password, userName);
     Subject currentUser = SecurityUtils.getSubject();
     Session session = currentUser.getSession();
     User user = new User();
     user.setUserName(userName);
     user.setPassword(password);
     Env env = new Env();
     env.setUser(user);
     session.setAttribute("env", env);
     GlobalConfigHolder.setEnv(env);
     ModelAndView view = createLayoutView("admin/index", request, response);
     return view;
   } else return createSingleView("login/login", request, response);
 }
Example #4
0
  /** 用户登陆 */
  @RequestMapping(
      path = "/login",
      produces = {"application/json;charset=UTF-8"})
  public JsonResult login(String loginName, String password, Boolean rememberMe) {
    JsonResult result = new JsonResult();
    SecurityUtils.setSecurityManager(securityManager);
    Subject subject = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken(loginName, password);
    if (rememberMe != null && rememberMe) {
      token.setRememberMe(true);
    }
    try {
      subject.login(token);
    } catch (AuthenticationException e) {
      subject.logout();
      log.info("登录失败");
      result.setResult(false);
      return result;
    }

    if (subject.isAuthenticated()) {
      result.setResult(true);
    } else {
      result.setResult(false);
    }

    return result;
  }
  /**
   * 根据角色id获取角色菜单关系测试方法.
   *
   * @throws Exception 普通异常.
   */
  @Test
  public final void testQueryRoleMenuItemMap() throws Exception {
    Subject currentUser = ShiroHelper.getSubject(this.request, this.response);
    UsernamePasswordToken token =
        new UsernamePasswordToken("user1", "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
    token.setRememberMe(true);
    try {
      currentUser.login(token);
      UserPo uPo = new UserPo();
      uPo.setUserId(Long.valueOf("1"));
      uPo.setLoginName("user1");
      uPo.setPassword("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
      Date date = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").parse("2012-01-12 23:30:20");
      uPo.setCreateTime(date);
      uPo.setCreatorId(Long.valueOf("1"));
      uPo.setIsDelete(false);
      uPo.setIsLockUp(false);
      uPo.setVersion(Long.valueOf("0"));
      currentUser.getSession().setAttribute("user", uPo);
    } catch (Exception se) {
      se.printStackTrace();
    }

    request.setParameter("roleMenuItemMap", "{\"roleId\":\"2\"}");
    String resultMessage = executeAction("/SuperW/queryRoleMenuItemMap.action");
    boolean rs =
        -1
            != resultMessage.indexOf(
                "{\"userToken\":true,\"serviceResult\":true," + "\"resultInfo\":\"查询角色菜单关系列表成功\"");
    assertTrue("返回服務信息錯誤失敗", rs);
  }
  public void login(String username, String password) {
    UsernamePasswordToken token;

    token = new UsernamePasswordToken(username, password);
    // ”Remember Me” built-in, just do this:
    token.setRememberMe(true);

    // With most of Shiro, you'll always want to make sure you're working with the currently
    // executing user,
    // referred to as the subject
    Subject currentUser = SecurityUtils.getSubject();

    // Authenticate
    currentUser.login(token);
  }
 /**
  * 实际的登录代码 如果登录成功,跳转至首页;登录失败,则将失败信息反馈对用户
  *
  * @param request
  * @param model
  * @return
  */
 @RequestMapping(value = "/dologin.do")
 public String doLogin(HttpServletRequest request, Model model) {
   String msg = "";
   String userName = request.getParameter("userName");
   String password = request.getParameter("password");
   System.out.println(userName);
   System.out.println(password);
   UsernamePasswordToken token = new UsernamePasswordToken(userName, password);
   token.setRememberMe(true);
   Subject subject = SecurityUtils.getSubject();
   try {
     subject.login(token);
     if (subject.isAuthenticated()) {
       return "index";
     } else {
       return "login";
     }
   } catch (IncorrectCredentialsException e) {
     msg = "登录密码错误. Password for account " + token.getPrincipal() + " was incorrect.";
     model.addAttribute("message", msg);
     System.out.println(msg);
   } catch (ExcessiveAttemptsException e) {
     msg = "登录失败次数过多";
     model.addAttribute("message", msg);
     System.out.println(msg);
   } catch (LockedAccountException e) {
     msg = "帐号已被锁定. The account for username " + token.getPrincipal() + " was locked.";
     model.addAttribute("message", msg);
     System.out.println(msg);
   } catch (DisabledAccountException e) {
     msg = "帐号已被禁用. The account for username " + token.getPrincipal() + " was disabled.";
     model.addAttribute("message", msg);
     System.out.println(msg);
   } catch (ExpiredCredentialsException e) {
     msg = "帐号已过期. the account for username " + token.getPrincipal() + "  was expired.";
     model.addAttribute("message", msg);
     System.out.println(msg);
   } catch (UnknownAccountException e) {
     msg = "帐号不存在. There is no user with username of " + token.getPrincipal();
     model.addAttribute("message", msg);
     System.out.println(msg);
   } catch (UnauthorizedException e) {
     msg = "您没有得到相应的授权!" + e.getMessage();
     model.addAttribute("message", msg);
     System.out.println(msg);
   }
   return "login";
 }
  @Override
  @Transactional
  public User login(String username, String password, boolean rememberMe) throws LoginException {
    LOG.info(String.format("Logging User {0} in to the application.", username));

    Subject currentUserSubject = SecurityUtils.getSubject();

    if (!currentUserSubject.isAuthenticated()) {
      UsernamePasswordToken token = new UsernamePasswordToken(username, password);
      token.setRememberMe(rememberMe);

      try {
        currentUserSubject.login(token);
      } catch (AuthenticationException ae) {
        throw new LoginException();
      }
    }

    currentUser = userRepository.findByEmailAddress(username);

    return currentUser;
  }
Example #9
0
  @RequestMapping("/login")
  public ModelAndView login(HttpServletRequest request) {
    ModelAndView mav = new ModelAndView();

    String username = request.getParameter("username");
    String password = request.getParameter("password");
    // 获取HttpSession中的验证码
    String verifyCode = (String) request.getSession().getAttribute("verifyCode");
    // 获取用户请求表单中输入的验证码
    String submitCode = WebUtils.getCleanParam(request, "verifyCode");

    Logger.info(username + "," + password + " login......");

    // System.out.println("用户[" + username + "]登录时输入的验证码为[" + submitCode + "],HttpSession中的验证码为[" +
    // verifyCode + "]");
    if (StringUtils.isEmpty(submitCode)
        || !StringUtils.equals(verifyCode, submitCode.toLowerCase())) {
      mav.setViewName("login");
      mav.addObject("msg", "验证码错误!");
      return mav;
    }

    if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
      mav.setViewName("login");
      mav.addObject("msg", "用户名/密码 不能为空!");
      return mav;
    }

    User user = authService.getUserByUserName(username);
    if (null == user) {
      mav.setViewName("login");
      mav.addObject("msg", "用户不存在!");
      return mav;
    }

    if (!user.getPassword().equals(password)) {
      mav.setViewName("login");
      mav.addObject("msg", "账号密码错误!");
      return mav;
    }

    UsernamePasswordToken token = new UsernamePasswordToken(username, password);
    token.setRememberMe(true);
    // System.out.println("为了验证登录用户而封装的token为" + ReflectionToStringBuilder.toString(token,
    // ToStringStyle.MULTI_LINE_STYLE));

    Subject currentUser = SecurityUtils.getSubject();
    currentUser.login(token);

    // 验证是否登录成功
    if (currentUser.isAuthenticated()) {
      Logger.debug("用户[" + username + "]通过身份验证登录通过");
    } else {
      token.clear();

      mav.setViewName("login");
      mav.addObject("msg", "验证未通过!");
      return mav;
    }

    // mav.setViewName("index");
    mav.setViewName(InternalResourceViewResolver.REDIRECT_URL_PREFIX + "/jsp/index.jsp");

    return mav;
  }