Apache Shiro LoginBean Class
package com.apacheShiro;
import java.io.IOException;
import java.security.MessageDigest;
import javax.faces.application.FacesMessage;
import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import oracle.adf.share.logging.ADFLogger;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.web.util.SavedRequest;
import org.apache.shiro.web.util.WebUtils;
public class LoginBean {
private String userName;
private String password;
private ADFLogger logger =
ADFLogger.createADFLogger(LoginBean.class);
private final String HOME_URL = "/ViewController-context-root/faces/homePage.jsf";
public void setUserName(String userName) {
this.userName = userName;
}
public String getUserName() {
return userName;
}
public void setPassword(String password) {
this.password = password;
}
public String getPassword() {
return password;
}
public LoginBean() {
}
public String login() {
try {
String passwordToHash = password;
String generatedPassword = null;
// Create MessageDigest instance for MD5
MessageDigest md = MessageDigest.getInstance("MD5");
//Add password bytes to digest
md.update(passwordToHash.getBytes());
//Get the hash's bytes
byte[] bytes = md.digest();
//This bytes[] has bytes in decimal format;
//Convert it to hexadecimal format
StringBuilder sb = new StringBuilder();
for(int i=0; i< bytes.length ;i++)
{
sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
}
//Get complete hashed password in hex format
generatedPassword = sb.toString();
// attempt login
SecurityUtils.getSubject().login(
new UsernamePasswordToken(userName, generatedPassword));
// retrieve the saved request
HttpServletRequest request =
(HttpServletRequest)(FacesContext.getCurrentInstance().
getExternalContext().getRequest());
SavedRequest savedRequest =
WebUtils.getAndClearSavedRequest(request);
// get external context in order to redirect
ExternalContext externalContext =
FacesContext.getCurrentInstance().getExternalContext();
if (savedRequest != null) {
logger.fine("Retrieved saved URL '" +
savedRequest.getRequestUrl() + "', redirecting");
externalContext.redirect(savedRequest.getRequestUrl());
} else {
logger.fine("No URL retrieved, redirecting to HOME_URL: "
+ HOME_URL);
externalContext.redirect(HOME_URL);
}
} catch (AuthenticationException e) {
logger.config("Failed login validation for user " +
userName);
FacesMessage msg =
new FacesMessage(FacesMessage.SEVERITY_ERROR,
"Invalid username/password combination", "");
FacesContext.getCurrentInstance().addMessage(null, msg);
} catch (Exception e) {
logger.warning("Unexpected error during login", e);
}
return null;
}
public String logout() throws ServletException, IOException {
ExternalContext externalContext =
FacesContext.getCurrentInstance().getExternalContext();
HttpServletRequest request =
(HttpServletRequest)(FacesContext.getCurrentInstance().
getExternalContext().getRequest());
request.getSession().invalidate();
externalContext.redirect(HOME_URL);
return null;
}
}
package com.apacheShiro;
import java.io.IOException;
import java.security.MessageDigest;
import javax.faces.application.FacesMessage;
import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import oracle.adf.share.logging.ADFLogger;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.web.util.SavedRequest;
import org.apache.shiro.web.util.WebUtils;
public class LoginBean {
private String userName;
private String password;
private ADFLogger logger =
ADFLogger.createADFLogger(LoginBean.class);
private final String HOME_URL = "/ViewController-context-root/faces/homePage.jsf";
public void setUserName(String userName) {
this.userName = userName;
}
public String getUserName() {
return userName;
}
public void setPassword(String password) {
this.password = password;
}
public String getPassword() {
return password;
}
public LoginBean() {
}
public String login() {
try {
String passwordToHash = password;
String generatedPassword = null;
// Create MessageDigest instance for MD5
MessageDigest md = MessageDigest.getInstance("MD5");
//Add password bytes to digest
md.update(passwordToHash.getBytes());
//Get the hash's bytes
byte[] bytes = md.digest();
//This bytes[] has bytes in decimal format;
//Convert it to hexadecimal format
StringBuilder sb = new StringBuilder();
for(int i=0; i< bytes.length ;i++)
{
sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
}
//Get complete hashed password in hex format
generatedPassword = sb.toString();
// attempt login
SecurityUtils.getSubject().login(
new UsernamePasswordToken(userName, generatedPassword));
// retrieve the saved request
HttpServletRequest request =
(HttpServletRequest)(FacesContext.getCurrentInstance().
getExternalContext().getRequest());
SavedRequest savedRequest =
WebUtils.getAndClearSavedRequest(request);
// get external context in order to redirect
ExternalContext externalContext =
FacesContext.getCurrentInstance().getExternalContext();
if (savedRequest != null) {
logger.fine("Retrieved saved URL '" +
savedRequest.getRequestUrl() + "', redirecting");
externalContext.redirect(savedRequest.getRequestUrl());
} else {
logger.fine("No URL retrieved, redirecting to HOME_URL: "
+ HOME_URL);
externalContext.redirect(HOME_URL);
}
} catch (AuthenticationException e) {
logger.config("Failed login validation for user " +
userName);
FacesMessage msg =
new FacesMessage(FacesMessage.SEVERITY_ERROR,
"Invalid username/password combination", "");
FacesContext.getCurrentInstance().addMessage(null, msg);
} catch (Exception e) {
logger.warning("Unexpected error during login", e);
}
return null;
}
public String logout() throws ServletException, IOException {
ExternalContext externalContext =
FacesContext.getCurrentInstance().getExternalContext();
HttpServletRequest request =
(HttpServletRequest)(FacesContext.getCurrentInstance().
getExternalContext().getRequest());
request.getSession().invalidate();
externalContext.redirect(HOME_URL);
return null;
}
}
No comments:
Post a Comment