国产一级a片免费看高清,亚洲熟女中文字幕在线视频,黄三级高清在线播放,免费黄色视频在线看

    UsernamePasswordToken token = new UsernamePasswordToken(loginForm.getUsername(), loginForm.getPassphrase());    token.setRememberMe(true);    Subject currentUser = SecurityUtils.getSubject();    currentUser.login(token);

 public void login(AuthenticationToken token) throws AuthenticationException {        clearRunAsIdentitiesInternal();        Subject subject = securityManager.login(this, token);        PrincipalCollection principals;        String host = null;        if (subject instanceof DelegatingSubject) {            DelegatingSubject delegating = (DelegatingSubject) subject;            //we have to do this in case there are assumed identities - we don't want to lose the 'real' principals:            principals = delegating.principals;            host = delegating.host;        } else {            principals = subject.getPrincipals();        }        if (principals == null || principals.isEmpty()) {            String msg = "Principals returned from securityManager.login( token ) returned a null or " +                    "empty value.  This value must be non null and populated with one or more elements.";            throw new IllegalStateException(msg);        }        this.principals = principals;        this.authenticated = true;        if (token instanceof HostAuthenticationToken) {            host = ((HostAuthenticationToken) token).getHost();        }        if (host != null) {            this.host = host;        }        Session session = subject.getSession(false);        if (session != null) {            this.session = decorate(session);        } else {            this.session = null;        }    }

    public Subject login(Subject subject, AuthenticationToken token) throws AuthenticationException {        AuthenticationInfo info;        try {            info = authenticate(token);        } catch (AuthenticationException ae) {            try {                onFailedLogin(token, ae, subject);            } catch (Exception e) {                if (log.isInfoEnabled()) {                    log.info("onFailedLogin method threw an " +                            "exception.  Logging and propagating original AuthenticationException.", e);                }            }            throw ae; //propagate        }        Subject loggedIn = createSubject(token, info, subject);        onSuccessfulLogin(token, info, loggedIn);        return loggedIn;    }

    /**     * Delegates to the wrapped {@link org.apache.shiro.authc.Authenticator Authenticator} for authentication.     */    public AuthenticationInfo authenticate(AuthenticationToken token) throws AuthenticationException {        return this.authenticator.authenticate(token);    }

public final AuthenticationInfo authenticate(AuthenticationToken token) throws AuthenticationException {        if (token == null) {            throw new IllegalArgumentException("Method argumet (authentication token) cannot be null.");        }        log.trace("Authentication attempt received for token [{}]", token);        AuthenticationInfo info;        try {            info = doAuthenticate(token);            if (info == null) {                String msg = "No account information found for authentication token [" + token + "] by this " +                        "Authenticator instance.  Please check that it is configured correctly.";                throw new AuthenticationException(msg);            }        } catch (Throwable t) {            AuthenticationException ae = null;            if (t instanceof AuthenticationException) {                ae = (AuthenticationException) t;            }            if (ae == null) {                //Exception thrown was not an expected AuthenticationException.  Therefore it is probably a little more                //severe or unexpected.  So, wrap in an AuthenticationException, log to warn, and propagate:                String msg = "Authentication failed for token submission [" + token + "].  Possible unexpected " +                        "error? (Typical or expected login exceptions should extend from AuthenticationException).";                ae = new AuthenticationException(msg, t);            }            try {                notifyFailure(token, ae);            } catch (Throwable t2) {                if (log.isWarnEnabled()) {                    String msg = "Unable to send notification for failed authentication attempt - listener error?.  " +                            "Please check your AuthenticationListener implementation(s).  Logging sending exception " +                            "and propagating original AuthenticationException instead...";                    log.warn(msg, t2);                }            }            throw ae;        }        log.debug("Authentication successful for token [{}].  Returned account [{}]", token, info);        notifySuccess(token, info);        return info;    }

    protected AuthenticationInfo doAuthenticate(AuthenticationToken authenticationToken) throws AuthenticationException {        assertRealmsConfigured();        Collection<Realm> realms = getRealms();        if (realms.size() == 1) {            return doSingleRealmAuthentication(realms.iterator().next(), authenticationToken);        } else {            return doMultiRealmAuthentication(realms, authenticationToken);        }    }

    /**     * Performs the authentication attempt by interacting with the single configured realm, which is significantly     * simpler than performing multi-realm logic.     *     * @param realm the realm to consult for AuthenticationInfo.     * @param token the submitted AuthenticationToken representing the subject's (user's) log-in principals and credentials.     * @return the AuthenticationInfo associated with the user account corresponding to the specified {@code token}     */    protected AuthenticationInfo doSingleRealmAuthentication(Realm realm, AuthenticationToken token) {        if (!realm.supports(token)) {            String msg = "Realm [" + realm + "] does not support authentication token [" +                    token + "].  Please ensure that the appropriate Realm implementation is " +                    "configured correctly or that the realm accepts AuthenticationTokens of this type.";            throw new UnsupportedTokenException(msg);        }        AuthenticationInfo info = realm.getAuthenticationInfo(token);        if (info == null) {            String msg = "Realm [" + realm + "] was unable to find account data for the " +                    "submitted AuthenticationToken [" + token + "].";            throw new UnknownAccountException(msg);        }        return info;    }

   public final AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {        AuthenticationInfo info = getCachedAuthenticationInfo(token); //從緩存中讀取        if (info == null) {            //otherwise not cached, perform the lookup:            info = doGetAuthenticationInfo(token);  //緩存中讀不到，則到數(shù)據(jù)庫或者ldap或者jndi等去讀            log.debug("Looked up AuthenticationInfo [{}] from doGetAuthenticationInfo", info);            if (token != null && info != null) {                cacheAuthenticationInfoIfPossible(token, info);            }        } else {            log.debug("Using cached authentication info [{}] to perform credentials matching.", info);        }        if (info != null) {            assertCredentialsMatch(token, info);        } else {            log.debug("No AuthenticationInfo found for submitted AuthenticationToken [{}].  Returning null.", token);        }        return info;    }

    /**     * Checks to see if the authenticationCache class attribute is null, and if so, attempts to acquire one from     * any configured {@link #getCacheManager() cacheManager}.  If one is acquired, it is set as the class attribute.     * The class attribute is then returned.     *     * @return an available cache instance to be used for authentication caching or {@code null} if one is not available.     * @since 1.2     */    private Cache<Object, AuthenticationInfo> getAuthenticationCacheLazy() {        if (this.authenticationCache == null) {            log.trace("No authenticationCache instance set.  Checking for a cacheManager...");            CacheManager cacheManager = getCacheManager();            if (cacheManager != null) {                String cacheName = getAuthenticationCacheName();                log.debug("CacheManager [{}] configured.  Building authentication cache '{}'", cacheManager, cacheName);                this.authenticationCache = cacheManager.getCache(cacheName);            }        }        return this.authenticationCache;    }

 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {        UsernamePasswordToken upToken = (UsernamePasswordToken) token;        String username = upToken.getUsername();        // Null username is invalid        if (username == null) {            throw new AccountException("Null usernames are not allowed by this realm.");        }        Connection conn = null;        SimpleAuthenticationInfo info = null;        try {            conn = dataSource.getConnection();            String password = null;            String salt = null;            switch (saltStyle) {            case NO_SALT:                password = getPasswordForUser(conn, username)[0];                break;            case CRYPT:                // TODO: separate password and hash from getPasswordForUser[0]                throw new ConfigurationException("Not implemented yet");                //break;            case COLUMN:                String[] queryResults = getPasswordForUser(conn, username);                password = queryResults[0];                salt = queryResults[1];                break;            case EXTERNAL:                password = getPasswordForUser(conn, username)[0];                salt = getSaltForUser(username);            }            if (password == null) {                throw new UnknownAccountException("No account found for user [" + username + "]");            }            info = new SimpleAuthenticationInfo(username, password.toCharArray(), getName());                        if (salt != null) {                info.setCredentialsSalt(ByteSource.Util.bytes(salt));            }        } catch (SQLException e) {            final String message = "There was a SQL error while authenticating user [" + username + "]";            if (log.isErrorEnabled()) {                log.error(message, e);            }            // Rethrow any SQL errors as an authentication exception            throw new AuthenticationException(message, e);        } finally {            JdbcUtils.closeConnection(conn);        }        return info;    }

 private String[] getPasswordForUser(Connection conn, String username) throws SQLException {        String[] result;        boolean returningSeparatedSalt = false;        switch (saltStyle) {        case NO_SALT:        case CRYPT:        case EXTERNAL:            result = new String[1];            break;        default:            result = new String[2];            returningSeparatedSalt = true;        }                PreparedStatement ps = null;        ResultSet rs = null;        try {            ps = conn.prepareStatement(authenticationQuery);            ps.setString(1, username);            // Execute query            rs = ps.executeQuery();            // Loop over results - although we are only expecting one result, since usernames should be unique            boolean foundResult = false;            while (rs.next()) {                // Check to ensure only one row is processed                if (foundResult) {                    throw new AuthenticationException("More than one user row found for user [" + username + "]. Usernames must be unique.");                }                result[0] = rs.getString(1);                if (returningSeparatedSalt) {                    result[1] = rs.getString(2);                }                foundResult = true;            }        } finally {            JdbcUtils.closeResultSet(rs);            JdbcUtils.closeStatement(ps);        }        return result;    }

 protected String authenticationQuery = DEFAULT_AUTHENTICATION_QUERY; protected static final String DEFAULT_AUTHENTICATION_QUERY = "select password from users where username = ?";