Seems that this advise does not work for me.
Look, I implement a realm which calls stored procedure login(username,
password), which accepts plain text password.
Code:
public class ProcRealm extends AuthorizingRealm {
protected DataSource dataSource;
private static final Logger log = LoggerFactory.getLogger(ProcRealm.class);
@Override
protected AuthenticationInfo
doGetAuthenticationInfo(AuthenticationToken token)
throws AuthenticationException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
String username = upToken.getUsername();
char[] password = upToken.getPassword();
log.info("username=" + username + ", password=" + password);
....
stmt = conn.prepareCall("select api.login('abc', ?, ?, 'en')");
stmt.setString(1, username);
stmt.setString(2, password.toString());
stmt.execute();
...
I don't use any matcher here. As far as I can understand, matchers are
used in realms, am I right?
So, how can I get a plain text password here?
Or how can I decode it?
On Wed, Oct 20, 2010 at 11:18 AM, Andrey Gladilin
<[email protected]> wrote:
> Thanks Kalle, I will try.
>
> I will compare hashes, but a bit later. By now I need the simplest way
> to make my application up and running.
>
>
> On Wed, Oct 20, 2010 at 10:42 AM, Kalle Korhonen
> <[email protected]> wrote:
>> In your contributeWebSecurityManager(...) simply call:
>> yourRealm.setCredentialsMatcher(new SimpleCredentialsMatcher());
>>
>> But wouldn't you rather want to compare the hashes?
>>
>> Kalle
>>
>> PS. attachments won't go through
>>
>>
>> On Tue, Oct 19, 2010 at 11:31 PM, Andrey Gladilin
>> <[email protected]> wrote:
>>> Thank you all for answeres.
>>> I have chosen Tynamo-security and implemented a realm. You can find it
>>> attached.
>>> But when I try to login, I receive encrypted password. But I want it
>>> as plain text.
>>>
>>> There are some matchers but I can not get the way how to use it.
>>> link:
>>> http://shiro.apache.org/configuration.html#Configuration-EncryptingPasswords
>>>
>>> Could you advise?
>>> Thanks.
>>>
>>>
>>> On Sun, Oct 17, 2010 at 9:15 AM, ael <[email protected]> wrote:
>>>>
>>>> In Postgres
>>>>
>>>> you can create a function that will return a boolean data type.
>>>>
>>>> Then let tapestry decide ^_^.
>>>> --
>>>> View this message in context:
>>>> http://tapestry.1045711.n5.nabble.com/login-with-stored-procedure-tp3215112p3215941.html
>>>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: [email protected]
>>>> For additional commands, e-mail: [email protected]
>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> С уважением, Гладилин Андрей.
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [email protected]
>>> For additional commands, e-mail: [email protected]
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [email protected]
>> For additional commands, e-mail: [email protected]
>>
>>
>
>
>
> --
> С уважением, Гладилин Андрей.
>
--
С уважением, Гладилин Андрей.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
