1. You don't need to setCredentials like that:
smplAuthInfo.setCredentials(StrUname);
Here is my cutomer implement of jdbcRealm:
public AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
throws AuthenticationException {
//use sql to get password
....
// this getName() method is org.apache.shiro.realm.CachingRealm.getName()
return new SimpleAuthenticationInfo(username, password.toCharArray(),
getName());
}
2. make sure you use right credentialsMatcher. Here is my configuration:
<bean id="jxcJdbcRealm" class="com.yqr.jxc.auth.JxcJdbcRealm">
<property name="permissionsLookupEnabled" value="true"/>
<property name="credentialsMatcher" ref="MD5Matcher"/>
</bean>
<!-- use md5 to hash passord -->
<bean id="MD5Matcher"
class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
<property name="hashAlgorithmName" value="MD5"/>
</bean>
If you use MD5 to encrypt your password like me. You have to use MD5Matcher and
make sure the password you stored in database is encrypted by MD5 algorithm.
------------------
????
------------------ Original ------------------
From: "j_pramanik_ind"<[email protected]>;
Date: 2014??8??13??(??????) ????10:27
To: "dev"<[email protected]>;
Subject: Login failed in Apache SHIRO
Hi,
Every time whenever I'm trying to login with token the following Exception
arises.
org.apache.shiro.authc.AuthenticationException: Authentication failed for
token submission [org.apache.shiro.authc.UsernamePasswordToken - 11112222,
rememberMe=false]. Possible unexpected error? (Typical or expected login
exceptions should extend from AuthenticationException).
From my CustomRealm I'm returning following AuthenticationInfo object with
valid credentials -
smplAuthInfo = new SimpleAuthenticationInfo(StrLoginid,
StrPassword, StrUname);
smplAuthInfo.setCredentials(StrUname);
CustomRealm is automatically invoked whenever it tries to login with token -
org.apache.shiro.subject.Subject currentUser =
SecurityUtils.getSubject();
if (!currentUser.isAuthenticated()) {
UsernamePasswordToken token = new
UsernamePasswordToken(username,
password);
token.setRememberMe(rememberMe);
try {
*currentUser.login(token);*
System.out.println("User [" +
currentUser.getPrincipal().toString() +
"] logged in successfully.");
currentUser.getSession().setAttribute("username", username);
return true;
} catch (UnknownAccountException uae) {
System.out.println("There is no user with
username of "
+ token.getPrincipal());
} catch (IncorrectCredentialsException ice) {
System.out.println("Password for account "
+ token.getPrincipal()
+ " was incorrect!");
} catch (LockedAccountException lae) {
System.out.println("The account for username "
+ token.getPrincipal()
+ " is locked. "
+ "Please contact your
administrator to unlock it.");
}
Can anybody please suggest what I'm doing wrong ? Or which configuration I
should look.
Thanks in advance,
Regards,
Jayanta P.
--
View this message in context:
http://shiro-developer.582600.n2.nabble.com/Login-failed-in-Apache-SHIRO-tp7578426.html
Sent from the Shiro Developer mailing list archive at Nabble.com.
