|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.shiro.codec.CodecSupport org.apache.shiro.authc.credential.SimpleCredentialsMatcher
public class SimpleCredentialsMatcher
Simple CredentialsMatcher implementation. Supports direct (plain) comparison for credentials of type
byte[], char[], and Strings, and if the arguments do not match these types, then reverts back to simple
Object.equals
comparison.
Hashing comparisons (the most common technique used in secure applications) are not supported by this class, but
instead by the HashedCredentialsMatcher
.
HashedCredentialsMatcher
Field Summary |
---|
Fields inherited from class org.apache.shiro.codec.CodecSupport |
---|
PREFERRED_ENCODING |
Constructor Summary | |
---|---|
SimpleCredentialsMatcher()
|
Method Summary | |
---|---|
boolean |
doCredentialsMatch(AuthenticationToken token,
AuthenticationInfo info)
This implementation acquires the token 's credentials
(via getCredentials(token) )
and then the account 's credentials
(via getCredentials(account) ) and then passes both of
them to the equals(tokenCredentials, accountCredentials) method for equality
comparison. |
protected boolean |
equals(Object tokenCredentials,
Object accountCredentials)
Returns true if the tokenCredentials argument is logically equal to the
accountCredentials argument. |
protected Object |
getCredentials(AuthenticationInfo info)
Returns the account 's credentials. |
protected Object |
getCredentials(AuthenticationToken token)
Returns the token 's credentials. |
Methods inherited from class org.apache.shiro.codec.CodecSupport |
---|
isByteSource, objectToBytes, objectToString, toBytes, toBytes, toBytes, toBytes, toBytes, toBytes, toBytes, toChars, toChars, toString, toString, toString |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public SimpleCredentialsMatcher()
Method Detail |
---|
protected Object getCredentials(AuthenticationToken token)
token
's credentials.
This default implementation merely returns
authenticationToken.getCredentials()
and exists as a template hook
if subclasses wish to obtain the credentials in a different way or convert them to a different format before
returning.
token
- the AuthenticationToken
submitted during the authentication attempt.
token
's associated credentials.protected Object getCredentials(AuthenticationInfo info)
account
's credentials.
This default implementation merely returns
account.getCredentials()
and exists as a template hook if subclasses
wish to obtain the credentials in a different way or convert them to a different format before
returning.
info
- the AuthenticationInfo
stored in the data store to be compared against the submitted authentication
token's credentials.
account
's associated credentials.protected boolean equals(Object tokenCredentials, Object accountCredentials)
true
if the tokenCredentials
argument is logically equal to the
accountCredentials
argument.
If both arguments are either a byte array (byte[]), char array (char[]) or String, they will be both be
converted to raw byte arrays via the toBytes
method first, and then resulting byte arrays
are compared via Arrays.equals(byte[],byte[])
.
If either argument cannot be converted to a byte array as described, a simple Object equals
comparison is made.
Subclasses should override this method for more explicit equality checks.
tokenCredentials
- the AuthenticationToken
's associated credentials.accountCredentials
- the AuthenticationInfo
's stored credentials.
true
if the tokenCredentials
are equal to the accountCredentials
.public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
token
's credentials
(via getCredentials(token)
)
and then the account
's credentials
(via getCredentials(account)
) and then passes both of
them to the equals(tokenCredentials, accountCredentials)
method for equality
comparison.
doCredentialsMatch
in interface CredentialsMatcher
token
- the AuthenticationToken
submitted during the authentication attempt.info
- the AuthenticationInfo
stored in the system matching the token principal.
true
if the provided token credentials are equal to the stored account credentials,
false
otherwise
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |