Examples of org.apache.shiro.authc.AuthenticationToken

• org.apache.shiro.authc.AuthenticationToken

  An AuthenticationToken is a consolidation of an account's principals and supporting credentials submitted by a user during an authentication attempt.

  The token is submitted to an {@link Authenticator Authenticator} via the{@link Authenticator#authenticate(AuthenticationToken) authenticate(token)} method. TheAuthenticator then executes the authentication/log-in process.

  Common implementations of an AuthenticationToken would have username/password pairs, X.509 Certificate, PGP key, or anything else you can think of. The token can be anything needed by an {@link Authenticator} to authenticate properly.

  Because applications represent user data and credentials in different ways, implementations of this interface are application-specific. You are free to acquire a user's principals and credentials however you wish (e.g. web form, Swing form, fingerprint identification, etc) and then submit them to the Shiro framework in the form of an implementation of this interface.

  If your application's authentication process is username/password based (like most), instead of implementing this interface yourself, take a look at the {@link UsernamePasswordToken UsernamePasswordToken} class, as it is probably sufficient for your needs.

  RememberMe services are enabled for a token if they implement a sub-interface of this one, called {@link RememberMeAuthenticationToken RememberMeAuthenticationToken}. Implement that interfac if you need RememberMe services (the UsernamePasswordToken already implements this interface).

  If you are familiar with JAAS, an AuthenticationToken replaces the concept of a {@link javax.security.auth.callback.Callback}, and defines meaningful behavior (Callback is just a marker interface, and of little use). We also think the name AuthenticationToken more accurately reflects its true purpose in a login framework, whereas Callback is less obvious. @author Les Hazlewood @see RememberMeAuthenticationToken @see HostAuthenticationToken @see UsernamePasswordToken @since 0.1

        assertTrue(this.realm.hasRole(principals, ROLE_NAME));
    }

    @Test(expected = AuthenticationException.class)
    public void testInvalidUsernamePassword() {
        AuthenticationToken token = new UsernamePasswordToken("InvalidUser", "somePassword");
        this.realm.getAuthenticationInfo(token);
    }

        this.realm.getAuthenticationInfo(token);
    }

    @Test(expected = AuthenticationException.class)
    public void testGuestUsernamePassword() {
        AuthenticationToken token = new UsernamePasswordToken("Guest", "somePassword");
        this.realm.getAuthenticationInfo(token);
    }

        this.negAuthRealm = new NegotiateAuthenticationRealm();
    }

    public void testSupports() {
        assertFalse("Non-NegotiateToken should not be supported.",
                this.negAuthRealm.supports(new AuthenticationToken() {
                    private static final long serialVersionUID = 334672725950031145L;

                    @Override
                    public Object getPrincipal() {
                        return null;

        final AtomicReference<Object> authenticated = new AtomicReference<Object>();

        Mockito.doAnswer(new Answer<Void>() {
            @Override
            public Void answer(InvocationOnMock invocation) throws Throwable {
                AuthenticationToken t = (AuthenticationToken) invocation.getArguments()[0];
                try {
                    authConnector.authenticate(t.getPrincipal().toString(), (Credentials) t.getCredentials());
                } catch (AuthenticationException e) {
                    throw new org.apache.shiro.authc.AuthenticationException(e);
                }
                authenticated.set(t.getPrincipal());
                return null;
            }
        }).when(mockSubject).login(Mockito.any(AuthenticationToken.class));

        when(mockSubject.isAuthenticated()).thenAnswer(new Answer<Boolean>() {

            if (!subject.isAuthenticated()) {

                SubjectConnectionReference connection = new SubjectConnectionReference(context, info, getEnvironment(), subject);

                if (this.authenticationPolicy.isAuthenticationRequired(connection)) {
                    AuthenticationToken token = this.authenticationTokenFactory.getAuthenticationToken(connection);
                    if (token == null) {
                        String msg = "Unable to obtain authentication credentials for newly established connection.  " +
                                "Authentication is required.";
                        throw new AuthenticationException(msg);
                    }