/**
 * Persists a user and, if the calling subject is not yet authenticated, logs that user in.
 *
 * <p>A request is rejected when a user with the same e-mail address is already stored. For a
 * user that reports {@code isNew()}, the password is hashed with {@code Sha512Hash} (salt
 * from {@code getSalt()}, {@code HASH_ITERATIONS} rounds), stored Base64-encoded through
 * {@code setDbPassword}, and the account is marked active.
 *
 * <p>NOTE(review): the plaintext password is still readable from {@code user} after hashing
 * and is used again to build the login token; whether it is excluded from persistence cannot
 * be seen here - confirm. Whether {@code getSalt()} yields a per-user salt is also not
 * visible. Iterated salted SHA-512 is a fast hash; a dedicated password hash (bcrypt, scrypt,
 * Argon2) is the usual recommendation for stored credentials.
 *
 * @param user the account to create; its e-mail address doubles as the login principal
 * @return the same {@code user} instance, which is also stored in {@code currentUser}
 * @throws UserExistsException if the e-mail address is already registered
 * @throws DatabaseException if saving the user throws any exception
 */
@Override
@Transactional
public User createUser(User user) throws UserExistsException, DatabaseException {
    boolean emailTaken = userRepository.findByEmailAddress(user.getEmailAddress()) != null;
    if (emailTaken) {
        throw new UserExistsException();
    }

    if (user.isNew()) {
        Sha512Hash digest = new Sha512Hash(user.getPassword(), getSalt(), HASH_ITERATIONS);
        user.setDbPassword(digest.toBase64());
        user.setActive(true);
    }

    try {
        userRepository.save(user);
    } catch (Exception e) {
        throw new DatabaseException(e);
    }

    Subject subject = SecurityUtils.getSubject();
    boolean needsLogin = !subject.isAuthenticated();
    if (needsLogin) {
        UsernamePasswordToken credentials =
            new UsernamePasswordToken(user.getEmailAddress(), user.getPassword());
        credentials.setRememberMe(false);
        try {
            subject.login(credentials);
        } catch (AuthenticationException ae) {
            // LoginException is not in the throws clause, so it is presumably unchecked.
            throw new LoginException();
        }
    }

    currentUser = user;
    return currentUser;
}
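/**
 * Handles the sign-in POST: checks the captcha when it is enabled, then authenticates the
 * submitted user name and password through Shiro and renders a JSON {@code Message}.
 *
 * <p>Exactly one response is rendered per request. A failed login returns right after
 * rendering the failure message, so it can no longer be followed by the success message.
 *
 * <p>NOTE(review): {@code subject.login} signals bad credentials by throwing
 * {@code AuthenticationException}, which is not caught here; presumably a global handler
 * turns it into an error response - confirm.
 */
@ValidateParams({
    @ValidateParam(value = "user.name", minLen = 4, maxLen = 12),
    @ValidateParam(value = "user.password", minLen = 6, maxLen = 20),
    @ValidateParam(value = "captcha", defaultValue = "@@@@", maxLen = 4, minLen = 4),
    @ValidateParam(value = "rememberMe", type = Boolean.class)
})
@RequestMethod(Method.POST)
public void signin() {
    User user = getModel(User.class, "user");

    Sys_Common_Variable captcha = ComVarService.service.getComVarByName(Key.CAPTCHA);
    if (captcha != null
            && captcha.getToBoolean(Sys_Common_Variable.S_VALUE)
            && !validateCaptcha(getPara("captcha"))) {
        renderJson(new Message(captcha.getStr(Sys_Common_Variable.S_ERROR)));
        return;
    }

    Subject subject = SecurityUtils.getSubject();
    if (!subject.isAuthenticated()) {
        UsernamePasswordToken token =
            new UsernamePasswordToken(user.getStr(User.S_NAME), user.getStr(User.S_PASSWORD));
        // A missing rememberMe parameter counts as false instead of failing on a null value.
        token.setRememberMe(Boolean.TRUE.equals(getParaToBoolean("rememberMe")));
        subject.login(token);

        if (!subject.isAuthenticated()) {
            renderJson(new Message("Login failed"));
            // Stop here so the failure is not followed by the success response below.
            return;
        }
        // Overwrite the captcha stored in the session after a successful login.
        subject.getSession().setAttribute(Lc4eCaptchaRender.captcha_code, Const.DEFAULT_NONE);
    }

    renderJson(new Message(true, "Login Success"));
}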
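/**
 * Authenticates the submitted credentials through Shiro and, on success, stores an
 * {@code Env} holding the user in the session before rendering the admin index view.
 *
 * <p>The remember-me flag is applied to the token before {@code subject.login}; Shiro reads
 * it while logging in, so setting it afterwards has no effect.
 *
 * <p>NOTE(review): the plaintext password is copied into the {@code User} kept in the
 * session and handed to {@code GlobalConfigHolder}. Nothing visible here needs it after
 * login; dropping it would shorten the time the secret stays in memory - confirm no reader
 * depends on it. The mapping also does not restrict the HTTP method, so credentials may
 * arrive in a GET query string.
 *
 * @param request current HTTP request, passed on to the view factory
 * @param response current HTTP response, passed on to the view factory
 * @param userName login name submitted by the client
 * @param password password submitted by the client
 * @param isRemeberMe optional remember-me flag; {@code null} is treated as {@code false}
 * @return the admin index view on success, otherwise the login view
 * @throws Exception on any failure, including the exception Shiro throws for a rejected login
 */
@RequestMapping("/login")
public ModelAndView login(
        HttpServletRequest request,
        HttpServletResponse response,
        @RequestParam String userName,
        @RequestParam String password,
        Boolean isRemeberMe)
        throws Exception {
    UsernamePasswordToken token = new UsernamePasswordToken(userName, password);
    if (Boolean.TRUE.equals(isRemeberMe)) {
        token.setRememberMe(true);
    }

    Subject subject = SecurityUtils.getSubject();
    subject.login(token);

    if (!subject.isAuthenticated()) {
        return createSingleView("login/login", request, response);
    }

    Session session = subject.getSession();

    User user = new User();
    user.setUserName(userName);
    user.setPassword(password);

    Env env = new Env();
    env.setUser(user);
    session.setAttribute("env", env);
    GlobalConfigHolder.setEnv(env);

    return createLayoutView("admin/index", request, response);
}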
/**
 * User login: authenticates the given credentials through Shiro and reports the outcome as
 * JSON.
 *
 * <p>NOTE(review): the mapping does not restrict the HTTP method, so credentials may be sent
 * as GET query parameters, which tend to end up in access logs. The static
 * {@code SecurityUtils} security manager is also re-assigned on every request.
 *
 * @param loginName login name submitted by the client
 * @param password password submitted by the client
 * @param rememberMe optional remember-me flag; {@code null} is treated as {@code false}
 * @return a {@code JsonResult} whose result is {@code true} only when the subject ends up
 *     authenticated
 */
@RequestMapping(
    path = "/login",
    produces = {"application/json;charset=UTF-8"})
public JsonResult login(String loginName, String password, Boolean rememberMe) {
    JsonResult outcome = new JsonResult();
    SecurityUtils.setSecurityManager(securityManager);
    Subject subject = SecurityUtils.getSubject();

    UsernamePasswordToken credentials = new UsernamePasswordToken(loginName, password);
    if (Boolean.TRUE.equals(rememberMe)) {
        credentials.setRememberMe(true);
    }

    try {
        subject.login(credentials);
    } catch (AuthenticationException e) {
        // Log the subject out so no partial state survives the failed attempt.
        subject.logout();
        log.info("登录失败");
        outcome.setResult(false);
        return outcome;
    }

    outcome.setResult(subject.isAuthenticated());
    return outcome;
}
/**
 * Test for querying the role-to-menu-item mapping by role id.
 *
 * <p>Logs in as the fixture account, places a matching {@code UserPo} in the session, then
 * calls the action and checks that the response contains the expected success fragment.
 *
 * <p>NOTE(review): any exception during login or session setup is only printed, so the
 * action may run without an authenticated session user and the test would then fail on the
 * response assertion rather than at the real cause.
 *
 * @throws Exception on any unexpected failure
 */
@Test
public final void testQueryRoleMenuItemMap() throws Exception {
    // Fixture credentials, used for both the login token and the session user.
    final String loginName = "user1";
    final String fixturePassword = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

    Subject subject = ShiroHelper.getSubject(this.request, this.response);
    UsernamePasswordToken credentials = new UsernamePasswordToken(loginName, fixturePassword);
    credentials.setRememberMe(true);

    try {
        subject.login(credentials);

        UserPo sessionUser = new UserPo();
        sessionUser.setUserId(Long.valueOf("1"));
        sessionUser.setLoginName(loginName);
        sessionUser.setPassword(fixturePassword);
        SimpleDateFormat timestampFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
        Date createdAt = timestampFormat.parse("2012-01-12 23:30:20");
        sessionUser.setCreateTime(createdAt);
        sessionUser.setCreatorId(Long.valueOf("1"));
        sessionUser.setIsDelete(false);
        sessionUser.setIsLockUp(false);
        sessionUser.setVersion(Long.valueOf("0"));

        subject.getSession().setAttribute("user", sessionUser);
    } catch (Exception se) {
        se.printStackTrace();
    }

    request.setParameter("roleMenuItemMap", "{\"roleId\":\"2\"}");
    String response = executeAction("/SuperW/queryRoleMenuItemMap.action");

    String expectedFragment =
        "{\"userToken\":true,\"serviceResult\":true,"
            + "\"resultInfo\":\"查询角色菜单关系列表成功\"";
    boolean containsExpected = response.contains(expectedFragment);
    assertTrue("返回服務信息錯誤失敗", containsExpected);
}
/**
 * Logs the currently executing Shiro subject in with the given credentials.
 *
 * <p>Remember-me is switched on unconditionally. Shiro reports a rejected login by throwing
 * from {@code login}, and nothing is caught here, so the exception reaches the caller.
 *
 * @param username login name
 * @param password plaintext password
 */
public void login(String username, String password) {
    // The subject is Shiro's handle on the currently executing user.
    Subject subject = SecurityUtils.getSubject();

    UsernamePasswordToken credentials = new UsernamePasswordToken(username, password);
    // Remember-me is built in; it only has to be flagged on the token before login.
    credentials.setRememberMe(true);

    // Authenticate.
    subject.login(credentials);
}
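/**
 * Performs the actual login. On success the user is sent to the index page; on failure the
 * reason is put into the model under {@code "message"} and the login page is shown again.
 *
 * <p>The submitted password is no longer printed to stdout; only the user name and the
 * failure message are.
 *
 * <p>NOTE(review): the failure messages tell unknown account, wrong password, locked and
 * disabled accounts apart and echo the submitted user name. That lets a client learn which
 * accounts exist, and the view must escape {@code message} when rendering it. A single
 * generic message for the client, with the detail kept server-side, is the usual mitigation.
 *
 * @param request request carrying the {@code userName} and {@code password} parameters
 * @param model view model that receives the failure message
 * @return {@code "index"} when the subject is authenticated, otherwise {@code "login"}
 */
@RequestMapping(value = "/dologin.do")
public String doLogin(HttpServletRequest request, Model model) {
    String msg = "";
    String userName = request.getParameter("userName");
    String password = request.getParameter("password");
    // Only the user name is echoed; the password must never be written to stdout or a log.
    System.out.println(userName);

    UsernamePasswordToken token = new UsernamePasswordToken(userName, password);
    token.setRememberMe(true);
    Subject subject = SecurityUtils.getSubject();

    try {
        subject.login(token);
        return subject.isAuthenticated() ? "index" : "login";
    } catch (IncorrectCredentialsException e) {
        msg = "登录密码错误. Password for account " + token.getPrincipal() + " was incorrect.";
    } catch (ExcessiveAttemptsException e) {
        msg = "登录失败次数过多";
    } catch (LockedAccountException e) {
        msg = "帐号已被锁定. The account for username " + token.getPrincipal() + " was locked.";
    } catch (DisabledAccountException e) {
        msg = "帐号已被禁用. The account for username " + token.getPrincipal() + " was disabled.";
    } catch (ExpiredCredentialsException e) {
        msg = "帐号已过期. the account for username " + token.getPrincipal() + " was expired.";
    } catch (UnknownAccountException e) {
        msg = "帐号不存在. There is no user with username of " + token.getPrincipal();
    } catch (UnauthorizedException e) {
        msg = "您没有得到相应的授权!" + e.getMessage();
    }

    // Every handled failure ends the same way: report the message and show the form again.
    model.addAttribute("message", msg);
    System.out.println(msg);
    return "login";
}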
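/**
 * Logs the current Shiro subject in, unless it is already authenticated, and loads the
 * matching user by e-mail address.
 *
 * <p>The log line uses a {@code %s} placeholder so the user name is actually included;
 * {@code String.format} does not understand the {@code {0}} form and printed it literally.
 *
 * <p>NOTE(review): {@code username} comes from the caller and is logged as-is. If it can
 * contain line breaks it can forge log entries, so neutralising CR/LF before logging is
 * worth considering. When the subject is already authenticated, the supplied credentials are
 * not checked and the user is looked up by the supplied name alone - confirm that callers
 * cannot use this to load another account.
 *
 * @param username e-mail address used as the login principal
 * @param password plaintext password
 * @param rememberMe whether Shiro should remember the identity across sessions
 * @return the user found for {@code username}, also stored in {@code currentUser}
 * @throws LoginException if Shiro rejects the credentials
 */
@Override
@Transactional
public User login(String username, String password, boolean rememberMe) throws LoginException {
    LOG.info(String.format("Logging User %s in to the application.", username));

    Subject currentUserSubject = SecurityUtils.getSubject();
    if (!currentUserSubject.isAuthenticated()) {
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        token.setRememberMe(rememberMe);
        try {
            currentUserSubject.login(token);
        } catch (AuthenticationException ae) {
            throw new LoginException();
        }
    }

    currentUser = userRepository.findByEmailAddress(username);
    return currentUser;
}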
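/**
 * Handles the login form: checks the captcha, validates the submitted credentials, logs the
 * subject in through Shiro and redirects to the index page on success.
 *
 * <p>The login log line records the user name only; the submitted password is no longer
 * written to the log.
 *
 * <p>NOTE(review): several points are left unchanged and should be confirmed.
 * The stored password is compared to the submitted one with {@code equals} before Shiro is
 * called, which suggests passwords are stored unhashed; hashed storage with the comparison
 * left to the realm's credentials matcher is the usual design.
 * The captcha value is not removed from the session after it has been checked, so one
 * solved captcha appears reusable for further attempts.
 * The messages distinguish "user does not exist" from "wrong password", which reveals which
 * accounts exist.
 *
 * @param request request carrying {@code username}, {@code password} and {@code verifyCode}
 * @return the login view with a {@code msg} on failure, or a redirect to the index page
 */
@RequestMapping("/login")
public ModelAndView login(HttpServletRequest request) {
    ModelAndView mav = new ModelAndView();
    String username = request.getParameter("username");
    String password = request.getParameter("password");
    // Captcha value stored in the HttpSession.
    String verifyCode = (String) request.getSession().getAttribute("verifyCode");
    // Captcha value the user typed into the form.
    String submitCode = WebUtils.getCleanParam(request, "verifyCode");
    // Never log the password: log files are read by more people than the credential store.
    Logger.info(username + " login......");

    if (StringUtils.isEmpty(submitCode)
            || !StringUtils.equals(verifyCode, submitCode.toLowerCase())) {
        mav.setViewName("login");
        mav.addObject("msg", "验证码错误!");
        return mav;
    }
    if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
        mav.setViewName("login");
        mav.addObject("msg", "用户名/密码 不能为空!");
        return mav;
    }

    User user = authService.getUserByUserName(username);
    if (null == user) {
        mav.setViewName("login");
        mav.addObject("msg", "用户不存在!");
        return mav;
    }
    if (!user.getPassword().equals(password)) {
        mav.setViewName("login");
        mav.addObject("msg", "账号密码错误!");
        return mav;
    }

    UsernamePasswordToken token = new UsernamePasswordToken(username, password);
    token.setRememberMe(true);
    Subject currentUser = SecurityUtils.getSubject();
    currentUser.login(token);

    // Check whether the login succeeded.
    if (currentUser.isAuthenticated()) {
        Logger.debug("用户[" + username + "]通过身份验证登录通过");
    } else {
        // Wipe the credentials held by the token before reporting the failure.
        token.clear();
        mav.setViewName("login");
        mav.addObject("msg", "验证未通过!");
        return mav;
    }

    mav.setViewName(InternalResourceViewResolver.REDIRECT_URL_PREFIX + "/jsp/index.jsp");
    return mav;
}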