Stupid me. I've been checking the `password.toString()`, but should have to do `new String(password)`. My login form is working fine. Thank you all for help!
On Wed, Oct 20, 2010 at 11:12 PM, Andrey Gladilin <andrey.gladi...@gmail.com> wrote: > Seems that this advise does not work for me. > Look, I implement a realm which calls stored procedure login(username, > password), which accepts plain text password. > Code: > > public class ProcRealm extends AuthorizingRealm { > protected DataSource dataSource; > private static final Logger log = LoggerFactory.getLogger(ProcRealm.class); > > > �...@override > protected AuthenticationInfo > doGetAuthenticationInfo(AuthenticationToken token) > throws AuthenticationException { > > UsernamePasswordToken upToken = (UsernamePasswordToken) token; > String username = upToken.getUsername(); > char[] password = upToken.getPassword(); > > log.info("username=" + username + ", password=" + password); > .... > stmt = conn.prepareCall("select api.login('abc', ?, ?, 'en')"); > stmt.setString(1, username); > stmt.setString(2, password.toString()); > > stmt.execute(); > ... > > I don't use any matcher here. As far as I can understand, matchers are > used in realms, am I right? > > So, how can I get a plain text password here? > Or how can I decode it? > > > On Wed, Oct 20, 2010 at 11:18 AM, Andrey Gladilin > <andrey.gladi...@gmail.com> wrote: >> Thanks Kalle, I will try. >> >> I will compare hashes, but a bit later. By now I need the simplest way >> to make my application up and running. >> >> >> On Wed, Oct 20, 2010 at 10:42 AM, Kalle Korhonen >> <kalle.o.korho...@gmail.com> wrote: >>> In your contributeWebSecurityManager(...) simply call: >>> yourRealm.setCredentialsMatcher(new SimpleCredentialsMatcher()); >>> >>> But wouldn't you rather want to compare the hashes? >>> >>> Kalle >>> >>> PS. attachments won't go through >>> >>> >>> On Tue, Oct 19, 2010 at 11:31 PM, Andrey Gladilin >>> <andrey.gladi...@gmail.com> wrote: >>>> Thank you all for answeres. >>>> I have chosen Tynamo-security and implemented a realm. You can find it >>>> attached. >>>> But when I try to login, I receive encrypted password. But I want it >>>> as plain text. >>>> >>>> There are some matchers but I can not get the way how to use it. >>>> link: >>>> http://shiro.apache.org/configuration.html#Configuration-EncryptingPasswords >>>> >>>> Could you advise? >>>> Thanks. >>>> >>>> >>>> On Sun, Oct 17, 2010 at 9:15 AM, ael <alan-lua...@dash.com.ph> wrote: >>>>> >>>>> In Postgres >>>>> >>>>> you can create a function that will return a boolean data type. >>>>> >>>>> Then let tapestry decide ^_^. >>>>> -- >>>>> View this message in context: >>>>> http://tapestry.1045711.n5.nabble.com/login-with-stored-procedure-tp3215112p3215941.html >>>>> Sent from the Tapestry - User mailing list archive at Nabble.com. >>>>> >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >>>>> For additional commands, e-mail: users-h...@tapestry.apache.org >>>>> >>>>> >>>> >>>> >>>> >>>> -- >>>> С уважением, Гладилин Андрей. >>>> >>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >>>> For additional commands, e-mail: users-h...@tapestry.apache.org >>>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >>> For additional commands, e-mail: users-h...@tapestry.apache.org >>> >>> >> >> >> >> -- >> С уважением, Гладилин Андрей. >> > > > > -- > С уважением, Гладилин Андрей. > -- С уважением, Гладилин Андрей. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org