Weird... It looks like there is an issue with the class loader, however why does it say "Unable to load class" then "Unabl;e to load clazz....???" Something is weird there.
Date: Wed, 29 Oct 2014 17:40:39 -0400 Subject: Re: Configuring Shiro Programatically From: [email protected] To: [email protected] Oh, that makes a bit more sense now. I've used the PasswordService and PasswordManager now, but I'm still unable to authenticate. I turned up debugging some more, and now I get the following output:17:21:55.123 [SSHThread] TRACE org.apache.shiro.util.ClassUtils - Unable to load clazz named [ff72007e587a7be71ffa92b598fef97ec0de1a1354a5e241f60d1806c9cd0351] from class loader [sun.misc.Launcher$AppClassLoader@13cb1eb] 17:21:55.123 [SSHThread] TRACE org.apache.shiro.util.ClassUtils - Unable to load class named [ff72007e587a7be71ffa92b598fef97ec0de1a1354a5e241f60d1806c9cd0351] from the thread context ClassLoader. Trying the current ClassLoader... 17:21:55.124 [SSHThread] TRACE org.apache.shiro.util.ClassUtils - Unable to load clazz named [ff72007e587a7be71ffa92b598fef97ec0de1a1354a5e241f60d1806c9cd0351] from class loader [sun.misc.Launcher$AppClassLoader@13cb1eb] 17:21:55.124 [SSHThread] TRACE org.apache.shiro.util.ClassUtils - Unable to load class named [ff72007e587a7be71ffa92b598fef97ec0de1a1354a5e241f60d1806c9cd0351] from the current ClassLoader. Trying the system/application ClassLoader... 17:21:55.124 [SSHThread] TRACE org.apache.shiro.util.ClassUtils - Unable to load clazz named [ff72007e587a7be71ffa92b598fef97ec0de1a1354a5e241f60d1806c9cd0351] from class loader [sun.misc.Launcher$AppClassLoader@13cb1eb] The ff72... value is the hashed password, so shiro is reading from the database properly. However, the log messages indicate that it's trying to load a class with that name?? My database should be setup properly, with a table 'users' and columns 'password', 'password_salt', and 'username'. -Robert Middleton On Wed, Oct 29, 2014 at 2:35 PM, Konrad Zuse <[email protected]> wrote: Sorry, ignore my last reply, was in the middle of typing it and was goin g to finish it later since I didn't have time and clicked send... sorry all again >( You should, however, be using "passwordservice" and passwordmanager I don't have much time now, so I will reply again later with some code I have using it. check out this post though from Lez, who is the creator (at least I believe he is one of them, if not the only one). http://stackoverflow.com/questions/17048153/apache-shiro-using-hashing-credentials-can-not-make-login-successfully From: [email protected] To: [email protected] Subject: RE: Configuring Shiro Programatically Date: Wed, 29 Oct 2014 14:33:21 -0400 I don't think we used HashedCredentialsMatcher anymore, From: [email protected] Date: Wed, 29 Oct 2014 15:26:12 +0100 Subject: Re: Configuring Shiro Programatically To: [email protected] You're probably missing a LifecycleUtils.init(realm); Log lines come from AuthenticatingRealm most probably because JdbcRealm inherits those methods from AuthenticatingRealm. Typically loggers are initialized with the class declaring them. On Wed, Oct 29, 2014 at 3:06 PM, Robert Middleton <[email protected]> wrote: Hi, I have set up shiro programatically using the following code: SQLiteConfig config = new SQLiteConfig(); config.enforceForeignKeys( true ); HashedCredentialsMatcher cm = new HashedCredentialsMatcher( "SHA-256" ); cm.setHashIterations( 500000 ); JdbcRealm realm = new JdbcRealm(); org.sqlite.SQLiteDataSource ds = new org.sqlite.SQLiteDataSource( config ); ds.setUrl( "jdbc:sqlite:light.db" ); realm.setDataSource( ds ); realm.setCredentialsMatcher( cm ); realm.setSaltStyle( SaltStyle.COLUMN ); SecurityManager ss = new DefaultSecurityManager( realm ); SecurityUtils.setSecurityManager( ss ); However, when I try to authenticate a user, I can't log in. This worked find before when I used shiro.ini with no encryption on the passwords. The following debug information is printed out: 18:18:28.835 [SSHThread] DEBUG org.apache.shiro.realm.AuthenticatingRealm - Looked up AuthenticationInfo [robert] from doGetAuthenticationInfo 18:18:28.836 [SSHThread] DEBUG org.apache.shiro.realm.AuthenticatingRealm - AuthenticationInfo caching is disabled for info [robert]. Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - robert, rememberMe=false]. 18:18:29.275 [SSHThread] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Performing credentials equality check for tokenCredentials of type [org.apache.shiro.crypto.hash.SimpleHash and accountCredentials of type [org.apache.shiro.crypto.hash.SimpleHash] 18:18:29.276 [SSHThread] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher - Both credentials arguments can be easily converted to byte arrays. Performing array equals comparison 18:18:29.277 [SSHThread] ERROR com.synexxus.gateway.connectors.SSHConnector - org.apache.shiro.authc.IncorrectCredentialsException: Submitted credentials for token [org.apache.shiro.authc.UsernamePasswordToken - robert, rememberMe=false] did not match the expected credentials. Since I setup the realm for the SecurityManager to be a JdbcRealm, I would expect that the log lines that come from org.apache.shiro.realm.AuthenticatingRealm would in fact come from org.apache.shiro.realm.jdbc.JdbcRealm. Why isn't this the case? -- Alessio Stalla | Software Architect M: +39 340 7824743 | T: +39 010 566441 | F: +39 010 8900455 [email protected] | www.manydesigns.com MANYDESIGNS s.r.l. Via G. D'Annunzio, 2/51 | 16121 Genova (GE) | Italy
