If you really want to check the password is test you can do:
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
String username = upToken.getUsername();
String password = new String(upToken.getPassword());
On Fri, Aug 9, 2013 at 2:37 PM, Stuart Broad <[email protected]> wrote:
> Hi,
>
> I created a realm that was a subclass of AuthorizingRealm (I think it
> would be just as easy to subclass AuthenticatingRealm). Then write the
> methods:
>
> AuthenticationInfo doGetAuthenticationInfo(AuthentiationToken)
>
> Then for any authentication token (since you will authenticate anyone in
> development) just return something like:
>
> return new SimpleAuthenticationInfo(username, password, getName());
>
> If you wanted to fail the authentication then you can just return null.
>
> Cheers,
>
> Stuart
>
>
> On Fri, Aug 9, 2013 at 2:22 PM, gruntbug <[email protected]> wrote:
>
>> Replying to myself... in thinking about this a little more, I think what
>> makes more sense is to have a production realm configured in shiro.ini
>> that
>> does the AD authentication, then for testing and development, we have a
>> shiro-dev.ini that defines a realm that authenticates anyone that logs in
>> with the password of test (or, more generically, uses some other realm).
>> So,
>> my question is still similar - how do I setup a realm that will
>> authenticate
>> arbitrarily via code/algorithm I write? Is there one already in Shiro I
>> can
>> use or should I extend one of the built-in classes and override a
>> method(s)
>> to make it work like that?
>>
>> Looks like I should just extend AuthorizingRealm and create a
>> TestAuthorizingRealm from it?
>>
>>
>>
>> --
>> View this message in context:
>> http://shiro-user.582556.n2.nabble.com/fake-authentication-in-Shiro-with-test-password-tp7579014p7579019.html
>> Sent from the Shiro User mailing list archive at Nabble.com.
>>
>
>
