org.apache.shiro.authc.credential
Class SimpleCredentialsMatcher

java.lang.Object
  extended by org.apache.shiro.codec.CodecSupport
      extended by org.apache.shiro.authc.credential.SimpleCredentialsMatcher
All Implemented Interfaces:
CredentialsMatcher
Direct Known Subclasses:
HashedCredentialsMatcher

public class SimpleCredentialsMatcher
extends CodecSupport
implements CredentialsMatcher

Simple CredentialsMatcher implementation. Supports direct (plain) comparison for credentials of type byte[], char[], and Strings, and if the arguments do not match these types, then reverts back to simple Object.equals comparison.

Hashing comparisons (the most common technique used in secure applications) are not supported by this class, but instead by the HashedCredentialsMatcher.

Since:
0.9
See Also:
HashedCredentialsMatcher

Field Summary
 
Fields inherited from class org.apache.shiro.codec.CodecSupport
PREFERRED_ENCODING
 
Constructor Summary
SimpleCredentialsMatcher()
           
 
Method Summary
 boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
          This implementation acquires the token's credentials (via getCredentials(token)) and then the account's credentials (via getCredentials(account)) and then passes both of them to the equals(tokenCredentials, accountCredentials) method for equality comparison.
protected  boolean equals(Object tokenCredentials, Object accountCredentials)
          Returns true if the tokenCredentials argument is logically equal to the accountCredentials argument.
protected  Object getCredentials(AuthenticationInfo info)
          Returns the account's credentials.
protected  Object getCredentials(AuthenticationToken token)
          Returns the token's credentials.
 
Methods inherited from class org.apache.shiro.codec.CodecSupport
isByteSource, objectToBytes, objectToString, toBytes, toBytes, toBytes, toBytes, toBytes, toBytes, toBytes, toChars, toChars, toString, toString, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SimpleCredentialsMatcher

public SimpleCredentialsMatcher()
Method Detail

getCredentials

protected Object getCredentials(AuthenticationToken token)
Returns the token's credentials.

This default implementation merely returns authenticationToken.getCredentials() and exists as a template hook if subclasses wish to obtain the credentials in a different way or convert them to a different format before returning.

Parameters:
token - the AuthenticationToken submitted during the authentication attempt.
Returns:
the token's associated credentials.

getCredentials

protected Object getCredentials(AuthenticationInfo info)
Returns the account's credentials.

This default implementation merely returns account.getCredentials() and exists as a template hook if subclasses wish to obtain the credentials in a different way or convert them to a different format before returning.

Parameters:
info - the AuthenticationInfo stored in the data store to be compared against the submitted authentication token's credentials.
Returns:
the account's associated credentials.

equals

protected boolean equals(Object tokenCredentials,
                         Object accountCredentials)
Returns true if the tokenCredentials argument is logically equal to the accountCredentials argument.

If both arguments are either a byte array (byte[]), char array (char[]) or String, they will be both be converted to raw byte arrays via the toBytes method first, and then resulting byte arrays are compared via Arrays.equals(byte[],byte[]).

If either argument cannot be converted to a byte array as described, a simple Object equals comparison is made.

Subclasses should override this method for more explicit equality checks.

Parameters:
tokenCredentials - the AuthenticationToken's associated credentials.
accountCredentials - the AuthenticationInfo's stored credentials.
Returns:
true if the tokenCredentials are equal to the accountCredentials.

doCredentialsMatch

public boolean doCredentialsMatch(AuthenticationToken token,
                                  AuthenticationInfo info)
This implementation acquires the token's credentials (via getCredentials(token)) and then the account's credentials (via getCredentials(account)) and then passes both of them to the equals(tokenCredentials, accountCredentials) method for equality comparison.

Specified by:
doCredentialsMatch in interface CredentialsMatcher
Parameters:
token - the AuthenticationToken submitted during the authentication attempt.
info - the AuthenticationInfo stored in the system matching the token principal.
Returns:
true if the provided token credentials are equal to the stored account credentials, false otherwise


Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.