Thanks Brian and Albert. I did eventually see that they were both called and what was really happening was trying to login with a non existing user throws Authentication exception with that as the exception message. So basically, it works just a bad message.
Should the get authentication method, forget the name, where we return a SimpleAccount object, we return null if the user doesn't exist. Should we instead throw new AuthenticationException? Thanks Mark http://www.perfectworldprogramming.com > On Feb 27, 2014, at 6:47 AM, Brian Demers <[email protected]> wrote: > > Is the first realm in your list throwing an exception? > > >> On Wed, Feb 26, 2014 at 6:20 PM, [email protected] <[email protected]> >> wrote: >> I thought I had corrected this when I changed the order of my Realms in the >> realm property, but it is back. >> >> "org.apache.shiro.authc.AuthenticationException: Authentication token of >> type [class org.apache.shiro.authc.UsernamePasswordToken] could not be >> authenticated by any configured realms. Please ensure that at least one >> realm can authenticate these tokens.” >> >> >> This would mean that it couldn’t find one of my realms that returns true for >> supporting UsernamePasswordToken. But it is 100% wrong. The second realm in >> my configuration accepts exactly just that type. >> >> What am I doing wrong? >> >> <bean id="hdPokerFingerprintRealm" >> class="com.hdpoker.security.shiro.realm.HDPokerFingerprintRealm"> >> <property name="name" value="hdPokerFingerprint"/> >> <property name="credentialsMatcher"> >> <bean >> class="org.apache.shiro.authc.credential.SimpleCredentialsMatcher"/> >> </property> >> <property name="authenticationCachingEnabled" value="true"/> >> </bean> >> >> <!-- Define the realm you want to use to connect to your back-end >> security datasource: --> >> <bean id="hdPokerRealm" >> class="com.hdpoker.security.shiro.realm.HDPokerRealm"> >> <property name="name" value="hdPoker"/> >> <property name="credentialsMatcher" ref="credentialsMatcher"/> >> <!--<property name="cacheManager" ref="cacheManager"/>--> >> <property name="authenticationCachingEnabled" value="false"/> >> </bean> >> >> <bean id="credentialsMatcher" >> class="org.apache.shiro.authc.credential.PasswordMatcher"> >> <property name="passwordService" ref="passwordService"/> >> </bean> >> >> <bean id="securityManager" >> class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> >> <!-- Single realm app. If you have multiple realms, use the >> 'realms' property instead. --> >> <!--<property name="realm" ref="hdPokerRealm"/>--> >> <property name="realms"> >> <list> >> <ref bean="hdPokerRealm"/> >> <ref bean="hdPokerFingerprintRealm"/> >> </list> >> </property> >> <!--<property name="cacheManager" ref="cacheManager"/>--> >> <property name="sessionManager" ref="sessionManager"/> >> </bean> >> >> >> In HDPokerFingerprintRealm we have >> >> @Override >> public boolean supports(AuthenticationToken authenticationToken) { >> return (authenticationToken instanceof FingerPrintAuthenticationToken) >> } >> >> >> In HDPokerRealm we have >> >> @Override >> public boolean supports(AuthenticationToken authenticationToken) { >> return (authenticationToken instanceof UsernamePasswordToken) >> } >> >> >> Thanks >> >> Mark >
