Examples of org.apache.shiro.subject.Subject.login()

org.apache.shiro.subject.Subject.login()
Performs a login attempt for this Subject/user. If unsuccessful, an {@link AuthenticationException} is thrown, the subclass of which identifies why the attempt failed.If successful, the account data associated with the submitted principals/credentials will be associated with this {@code Subject} and the method will return quietly.
Upon returning quietly, this {@code Subject} instance can be consideredauthenticated and {@link #getPrincipal() getPrincipal()} will be non-null and{@link #isAuthenticated() isAuthenticated()} will be {@code true}. @param token the token encapsulating the subject's principals and credentials to be passed to theAuthentication subsystem for verification. @throws org.apache.shiro.authc.AuthenticationException if the authentication attempt fails. @since 0.9

      if (user == null || user.trim().length() == 0) {
         throw new IllegalArgumentException("Missing 'user' parameter!");
      }


      Subject subject = SecurityUtils.getSubject();
      subject.login(new UsernamePasswordToken(user, "secret"));


      if (subject.isAuthenticated()) {
         response.getOutputStream().print("SUCCESS");
      }
      else {

View Full Code Here

            
            // for now, just log them out.
            currentUser.logout();
        }
        try {
            currentUser.login(token);
        } catch ( UnknownAccountException uae ) { 
            LOG.debug("Unable to authenticate", uae);
            return null;
        } catch ( IncorrectCredentialsException ice ) {
            LOG.debug("Unable to authenticate", ice);

View Full Code Here


        Subject subject = newSubject(mockRequest, mockResponse);


        assertFalse(subject.isAuthenticated());


        subject.login(new UsernamePasswordToken("lonestarr", "vespa"));


        assertTrue(subject.isAuthenticated());
        assertNotNull(subject.getPrincipal());
        assertTrue(subject.getPrincipal().equals("lonestarr"));
    }

View Full Code Here

    public boolean login(String subject, String password) {
        UsernamePasswordToken token = new UsernamePasswordToken(subject, password);
        token.setRememberMe(true);
        Subject currentUser = SecurityUtils.getSubject();
        try {
            currentUser.login(token);
            currentUser.getSession().setTimeout(-1);
            return true;
        } catch (Exception e) {
            LOG.warning(e.getLocalizedMessage());
            return false;

View Full Code Here

        Subject subject = SecurityUtils.getSubject();


        UsernamePasswordToken token = new UsernamePasswordToken(command.getUsername(), command.getPassword());


        try {
            subject.login(token);
        } catch (AuthenticationException e) {
            log.debug("Error authenticating.", e);
            errors.reject("error.invalidLogin", "The username or password was not correct.");
        }

View Full Code Here

        // let's login the current user so we can check against roles and permissions:
        if (!currentUser.isAuthenticated()) {
            UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
            token.setRememberMe(true);
            try {
                currentUser.login(token);
            } catch (UnknownAccountException uae) {
                log.info("There is no user with username of " + token.getPrincipal());
            } catch (IncorrectCredentialsException ice) {
                log.info("Password for account " + token.getPrincipal() + " was incorrect!");
            } catch (LockedAccountException lae) {

View Full Code Here


    @Test
    public void testDefaultConfig() {
        String localhost = "localhost";
        Subject subject = SecurityUtils.getSubject();
        subject.login(new UsernamePasswordToken(USERNAME, PASSWORD, localhost));
        assertTrue(subject.isAuthenticated());
        assertTrue(subject.hasRole(ROLE));




        UsernamePrincipal usernamePrincipal = subject.getPrincipals().oneByType(UsernamePrincipal.class);

View Full Code Here

        IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini);
        SecurityManager sm = factory.getInstance();


        //try to log-in:
        Subject subject = new Subject.Builder(sm).buildSubject();
        subject.login(new UsernamePasswordToken("admin", "admin"));
        Session session = subject.getSession();
        session.setAttribute("hello", "world");
        //session should have been started, and a cache is in use.  Assert that the SessionDAO is still using
        //the cache instances provided by our custom CacheManager and not the Default MemoryConstrainedCacheManager

View Full Code Here

    @Test
    public void testDefaultConfig() {
        Subject subject = SecurityUtils.getSubject();


        AuthenticationToken token = new UsernamePasswordToken("guest", "guest");
        subject.login(token);
        assertTrue(subject.isAuthenticated());
        assertTrue("guest".equals(subject.getPrincipal()));
        assertTrue(subject.hasRole("guest"));


        Session session = subject.getSession();

View Full Code Here

    public void testSubjectReuseAfterLogout() {


        Subject subject = SecurityUtils.getSubject();


        AuthenticationToken token = new UsernamePasswordToken("guest", "guest");
        subject.login(token);
        assertTrue(subject.isAuthenticated());
        assertTrue("guest".equals(subject.getPrincipal()));
        assertTrue(subject.hasRole("guest"));


        Session session = subject.getSession();

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.