I am stuck with authenticating user from database table. In this function doGetAuthenticationInfo() don't we need to set the Subject?
What is the purpose of SimpleAuthenticationInfo? package com.kids.crm.services; import java.util.HashSet; import java.util.Set; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AccountException; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authc.UnknownAccountException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.authz.AuthorizationException; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.subject.Subject; import org.apache.shiro.util.SimpleByteSource; import org.apache.tapestry5.ioc.annotations.Inject; import org.springframework.beans.factory.annotation.Autowired; import com.kids.crm.dao.DatabaseDao; import com.kids.crm.dao.UserAccountDao; import com.kids.crm.dao.impl.UserAccountDaoImpl; import com.kids.crm.db.Role; import com.kids.crm.db.UserAccount; public class UserRealm extends AuthorizingRealm { @Inject UserAccountDao userAccountDao; public UserRealm() { setName("localaccounts"); setAuthenticationTokenClass(UsernamePasswordToken.class); } private UserAccount findByUsername(String userName) { return (UserAccount) userAccountDao.getUserByUserName(userName); } @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { //Subject currentUser = SecurityUtils.getSubject(); UsernamePasswordToken upToken = (UsernamePasswordToken) token; String username = upToken.getUsername(); upToken.setRememberMe(true); // Null username is invalid if (username == null) { throw new AccountException("Null usernames are not allowed by this realm."); } UserAccount user = findByUsername(username); return new SimpleAuthenticationInfo(username, user.getEncodedPassword(), new SimpleByteSource(user.getPasswordSalt()), getName()); } } -- View this message in context: http://tapestry.1045711.n5.nabble.com/shiro-authentication-tp5106945p5106945.html Sent from the Tapestry - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org