Sorry, I have been away on another project for a little while. I am now back to
try and finish off this Shiro issue!

I tried to implement the code that you suggested but, as always, the second I
do that, subjects are no longer able to authenticate. Let's just take a step
back for a moment so I can try to understand why this isn't working.

Here is my current code (works perfectly).

My doGetAuthenticationInfo method in my custom realm:
###################################
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {

        UsernamePasswordToken upToken = (UsernamePasswordToken) token;
        String username = upToken.getUsername();

        // Null username is invalid
        if (username == null) {
            throw new AccountException("Null usernames are not allowed by this realm.");
        }

        SimpleAuthenticationInfo info = null;

        try {

            String password = null;

            try {
                password = getPasswordForUser(username)[0];
            } catch (Exception ex) {
                java.util.logging.Logger.getLogger(DynamoRealm.class.getName())
                        .log(Level.SEVERE, null, ex);
            }

            if (password == null) {
                throw new UnknownAccountException("No account found for user [" + username + "]");
            }

            info = new SimpleAuthenticationInfo(username, password.toCharArray(), getName());

        } catch (Exception e) {
            final String message = "There was an error while authenticating user [" + username + "]";
            if (log.isErrorEnabled()) {
                log.error(message, e);
            }

            // Rethrow any SQL errors as an authentication exception
            throw new AuthenticationException(message, e);
        }

        return info;
    }
###################################

And a stripped down version of my authentication class used with a form:
###################################
    public void authenticate(
            String username,
            String password,
            boolean rememberMe) {

        // some logic checks

        try {
            // Submit credentials to shiro for authentication
            UsernamePasswordToken subjectToken = new UsernamePasswordToken(username, password);
            subjectToken.setRememberMe(rememberMe);
            SecurityUtils.getSubject().login(subjectToken);

        } catch (Exception e) {
            // Catch all the exceptions ;
        }

    }
###################################

At the moment I can use
SecurityUtils.getSubject().getPrincipal().toString(); to retrieve the
current subject's principal, which is their username (only).

I now want to add a uuid to that PrincipalCollection (the
getUuidForUser(username) returns a string from the db). I have modified my
doGetAuthenticationInfo method as follows:
###################################
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {

        UsernamePasswordToken upToken = (UsernamePasswordToken) token;
        String username = upToken.getUsername();

        // Null username is invalid
        if (username == null) {
            throw new AccountException("Null usernames are not allowed by this realm.");
        }

        SimpleAuthenticationInfo info = null;

        try {

            String password = null;
            String uuid = null;

            try {
                password = getPasswordForUser(username)[0];
                uuid = getUuidForUser(username);
            } catch (Exception ex) {
                java.util.logging.Logger.getLogger(DynamoRealm.class.getName())
                        .log(Level.SEVERE, null, ex);
            }

            if (password == null) {
                throw new UnknownAccountException("No account found for user [" + username + "]");
            }

            SimplePrincipalCollection principals = new SimplePrincipalCollection();
            principals.add(username, getName());
            principals.add(uuid, getName());

            info = new SimpleAuthenticationInfo(principals, password.toCharArray(), getName());

        } catch (Exception e) {
            final String message = "There was an error while authenticating user [" + username + "]";
            if (log.isErrorEnabled()) {
                log.error(message, e);
            }

            // Rethrow any SQL errors as an authentication exception
            throw new AuthenticationException(message, e);
        }

        return info;
    }
###################################

First off, I get an org.apache.shiro.subject.SimplePrincipalCollection cannot
be cast to java.lang.String exception. Even if I comment out the
principals.add(uuid, getName()); line I still get the error, so I'm obviously
not implementing this correctly.

Thanks in advance for any help





--
View this message in context: 
http://shiro-user.582556.n2.nabble.com/How-to-set-Principals-tp7490972p7577614.html
Sent from the Shiro User mailing list archive at Nabble.com.
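
An added example, not part of the original message: the three-argument `SimpleAuthenticationInfo` constructor takes `(Object principal, Object credentials, String realmName)`, so a `PrincipalCollection` passed to it is stored as a single principal, while the two-argument `(PrincipalCollection, Object)` overload keeps its entries as separate principals. It assumes shiro-core on the classpath; the class name, realm name and sample values are constructed for illustration.

```java
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;

public class PrincipalOverloadDemo {

    // Hypothetical realm name, constructed for this example.
    static final String REALM = "DynamoRealm";

    // Builds a collection whose first entry (the username) is the primary principal.
    static PrincipalCollection buildPrincipals(String username, String uuid) {
        SimplePrincipalCollection principals = new SimplePrincipalCollection();
        principals.add(username, REALM);
        principals.add(uuid, REALM);
        return principals;
    }

    public static void main(String[] args) {
        // Constructed sample values, not real account data.
        PrincipalCollection principals = buildPrincipals("alice", "constructed-uuid-0001");
        char[] password = "constructed-password".toCharArray();

        // Three-argument overload: the first parameter is typed Object, so the
        // whole collection is wrapped and becomes the one (primary) principal.
        SimpleAuthenticationInfo nested =
                new SimpleAuthenticationInfo(principals, password, REALM);
        Object nestedPrimary = nested.getPrincipals().getPrimaryPrincipal();
        System.out.println("3-arg primary type: " + nestedPrimary.getClass().getName());

        // Two-argument overload: the entries are copied with their realm names,
        // so the primary principal is still the username String.
        SimpleAuthenticationInfo flat = new SimpleAuthenticationInfo(principals, password);
        PrincipalCollection flatPrincipals = flat.getPrincipals();
        Object flatPrimary = flatPrincipals.getPrimaryPrincipal();
        System.out.println("2-arg primary type: " + flatPrimary.getClass().getName());
        System.out.println("2-arg primary:      " + flatPrimary);

        // Every principal the realm supplied, in insertion order.
        System.out.println("from realm:         " + flatPrincipals.fromRealm(REALM));
    }
}
```

Code that casts the primary principal to `String` works only against the two-argument form, since the three-argument form hands back a `SimplePrincipalCollection` there.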
