Stupid me. I've been checking the `password.toString()`, but should
have to do `new String(password)`.
My login form is working fine.
Thank you all for help!
On Wed, Oct 20, 2010 at 11:12 PM, Andrey Gladilin
<andrey.gladi...@gmail.com> wrote:
> Seems that this advise does not work for me.
> Look, I implement a realm which calls stored procedure login(username,
> password), which accepts plain text password.
> Code:
>
> public class ProcRealm extends AuthorizingRealm {
> protected DataSource dataSource;
> private static final Logger log = LoggerFactory.getLogger(ProcRealm.class);
>
>
> �...@override
> protected AuthenticationInfo
> doGetAuthenticationInfo(AuthenticationToken token)
> throws AuthenticationException {
>
> UsernamePasswordToken upToken = (UsernamePasswordToken) token;
> String username = upToken.getUsername();
> char[] password = upToken.getPassword();
>
> log.info("username=" + username + ", password=" + password);
> ....
> stmt = conn.prepareCall("select api.login('abc', ?, ?, 'en')");
> stmt.setString(1, username);
> stmt.setString(2, password.toString());
>
> stmt.execute();
> ...
>
> I don't use any matcher here. As far as I can understand, matchers are
> used in realms, am I right?
>
> So, how can I get a plain text password here?
> Or how can I decode it?
>
>
> On Wed, Oct 20, 2010 at 11:18 AM, Andrey Gladilin
> <andrey.gladi...@gmail.com> wrote:
>> Thanks Kalle, I will try.
>>
>> I will compare hashes, but a bit later. By now I need the simplest way
>> to make my application up and running.
>>
>>
>> On Wed, Oct 20, 2010 at 10:42 AM, Kalle Korhonen
>> <kalle.o.korho...@gmail.com> wrote:
>>> In your contributeWebSecurityManager(...) simply call:
>>> yourRealm.setCredentialsMatcher(new SimpleCredentialsMatcher());
>>>
>>> But wouldn't you rather want to compare the hashes?
>>>
>>> Kalle
>>>
>>> PS. attachments won't go through
>>>
>>>
>>> On Tue, Oct 19, 2010 at 11:31 PM, Andrey Gladilin
>>> <andrey.gladi...@gmail.com> wrote:
>>>> Thank you all for answeres.
>>>> I have chosen Tynamo-security and implemented a realm. You can find it
>>>> attached.
>>>> But when I try to login, I receive encrypted password. But I want it
>>>> as plain text.
>>>>
>>>> There are some matchers but I can not get the way how to use it.
>>>> link:
>>>> http://shiro.apache.org/configuration.html#Configuration-EncryptingPasswords
>>>>
>>>> Could you advise?
>>>> Thanks.
>>>>
>>>>
>>>> On Sun, Oct 17, 2010 at 9:15 AM, ael <alan-lua...@dash.com.ph> wrote:
>>>>>
>>>>> In Postgres
>>>>>
>>>>> you can create a function that will return a boolean data type.
>>>>>
>>>>> Then let tapestry decide ^_^.
>>>>> --
>>>>> View this message in context:
>>>>> http://tapestry.1045711.n5.nabble.com/login-with-stored-procedure-tp3215112p3215941.html
>>>>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>>>>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> С уважением, Гладилин Андрей.
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>>>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>>
>>>
>>
>>
>>
>> --
>> С уважением, Гладилин Андрей.
>>
>
>
>
> --
> С уважением, Гладилин Андрей.
>
--
С уважением, Гладилин Андрей.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
