Package org.apache.shiro.util

Examples of org.apache.shiro.util.ByteSource

178
179
180
181
182
183
184
185
186
187
  private static byte[] encrypt(byte[] serialized) {
    byte[] value = serialized;
    CipherService cipherService = new AesCipherService();
    if (cipherService != null) {
      ByteSource byteSource = cipherService.encrypt(serialized, Base64.decode("kPH+bIxk5D2deZiIxcaaaA=="));
      value = byteSource.getBytes();
    }
    return value;
  }
View Full Code Here
77
78
79
80
81
82
83
84
85
86
87
    private AuthenticationInfo buildAuthenticationInfo(final UsernamePasswordToken token, final Object principal) {
        AuthenticationInfo authenticationInfo;
        final HashingPasswordService hashService = getHashService();
        if (hashService != null) {
            final Hash hash = hashService.hashPassword(token.getPassword());
            final ByteSource salt = hash.getSalt();
            authenticationInfo = new SimpleAuthenticationInfo(principal, hash, salt, REALM_NAME);
        } else {
            final Object creds = token.getCredentials();
            authenticationInfo = new SimpleAuthenticationInfo(principal, creds, REALM_NAME);
        }
View Full Code Here
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
        return super.process(exchange, callback);
    }

    private void applySecurityPolicy(Exchange exchange) throws Exception {
        ByteSource encryptedToken;

        // if we have username and password as headers then use them to create a token
        String username = exchange.getIn().getHeader(ShiroSecurityConstants.SHIRO_SECURITY_USERNAME, String.class);
        String password = exchange.getIn().getHeader(ShiroSecurityConstants.SHIRO_SECURITY_PASSWORD, String.class);
        if (username != null && password != null) {
            ShiroSecurityToken token = new ShiroSecurityToken(username, password);

            // store the token as header, either as base64 or as the object as-is
            if (policy.isBase64()) {
                ByteSource bytes = ShiroSecurityHelper.encrypt(token, policy.getPassPhrase(), policy.getCipherService());
                String base64 = bytes.toBase64();
                exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, base64);
            } else {
                exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, token);
            }
            // and now remove the headers as we turned those into the token instead
            exchange.getIn().removeHeader(ShiroSecurityConstants.SHIRO_SECURITY_USERNAME);
            exchange.getIn().removeHeader(ShiroSecurityConstants.SHIRO_SECURITY_PASSWORD);
        }

        Object token = ExchangeHelper.getMandatoryHeader(exchange, ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, Object.class);

        // we support the token in a number of ways
        if (token instanceof ShiroSecurityToken) {
            ShiroSecurityToken sst = (ShiroSecurityToken) token;
            encryptedToken = ShiroSecurityHelper.encrypt(sst, policy.getPassPhrase(), policy.getCipherService());
        } else if (token instanceof String) {
            String data = (String) token;
            if (policy.isBase64()) {
                byte[] bytes = Base64.decode(data);
                encryptedToken = ByteSource.Util.bytes(bytes);
            } else {
                encryptedToken = ByteSource.Util.bytes(data);
            }
        } else if (token instanceof ByteSource) {
            encryptedToken = (ByteSource) token;
        } else {
            throw new CamelExchangeException("Shiro security header " + ShiroSecurityConstants.SHIRO_SECURITY_TOKEN + " is unsupported type: " + ObjectHelper.classCanonicalName(token), exchange);
        }

        ByteSource decryptedToken = policy.getCipherService().decrypt(encryptedToken.getBytes(), policy.getPassPhrase());

        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptedToken.getBytes());
        ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
        ShiroSecurityToken securityToken;
        try {
            securityToken = (ShiroSecurityToken)objectInputStream.readObject();
        } finally {
View Full Code Here
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
    public ByteSource encrypt() throws Exception {
        return ShiroSecurityHelper.encrypt(securityToken, passPhrase, cipherService);
    }

    public void process(Exchange exchange) throws Exception {
        ByteSource bytes = encrypt();

        Object token;
        if (isBase64()) {
            token = bytes.toBase64();
        } else {
            token = bytes;
        }

        exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, token);
View Full Code Here
158
159
160
161
162
163
164
165
166
167
168
169
170
171
                applySecurityPolicy(exchange);              
                processor.process(exchange);
            }
           
            private void applySecurityPolicy(Exchange exchange) throws Exception {
                ByteSource encryptedToken = (ByteSource)exchange.getIn().getHeader("SHIRO_SECURITY_TOKEN");
                ByteSource decryptedToken = getCipherService().decrypt(encryptedToken.getBytes(), getPassPhrase());
               
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptedToken.getBytes());
                ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
                ShiroSecurityToken securityToken = (ShiroSecurityToken)objectInputStream.readObject();
                objectInputStream.close();
                byteArrayInputStream.close();
               
View Full Code Here
TOP

Related Classes of org.apache.shiro.util.ByteSource

  • com.streamreduce.util.SecurityUtil
  • juzu.plugin.shiro.impl.common.RememberMeUtil
  • org.apache.camel.component.shiro.security.ShiroSecurityPolicy
  • org.apache.camel.component.shiro.security.ShiroSecurityProcessor
  • org.apache.camel.component.shiro.security.ShiroSecurityTokenInjector
  • org.apache.shiro.authc.credential.DefaultPasswordService
  • org.apache.shiro.authc.credential.HashedCredentialsMatcherTest
  • org.apache.shiro.crypto.AesCipherServiceTest
  • org.apache.shiro.crypto.BlowfishCipherServiceTest
  • org.apache.shiro.crypto.hash.DefaultHashService
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.