Package org.apache.shiro.util

Examples of org.apache.shiro.util.ByteSource

68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
        return super.process(exchange, callback);
    }

    private void applySecurityPolicy(Exchange exchange) throws Exception {
        ByteSource encryptedToken;

        // if we have username and password as headers then use them to create a token
        String username = exchange.getIn().getHeader(ShiroSecurityConstants.SHIRO_SECURITY_USERNAME, String.class);
        String password = exchange.getIn().getHeader(ShiroSecurityConstants.SHIRO_SECURITY_PASSWORD, String.class);
        if (username != null && password != null) {
            ShiroSecurityToken token = new ShiroSecurityToken(username, password);

            // store the token as header, either as base64 or as the object as-is
            if (policy.isBase64()) {
                ByteSource bytes = ShiroSecurityHelper.encrypt(token, policy.getPassPhrase(), policy.getCipherService());
                String base64 = bytes.toBase64();
                exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, base64);
            } else {
                exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, token);
            }
            // and now remove the headers as we turned those into the token instead
            exchange.getIn().removeHeader(ShiroSecurityConstants.SHIRO_SECURITY_USERNAME);
            exchange.getIn().removeHeader(ShiroSecurityConstants.SHIRO_SECURITY_PASSWORD);
        }

        Object token = ExchangeHelper.getMandatoryHeader(exchange, ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, Object.class);

        // we support the token in a number of ways
        if (token instanceof ShiroSecurityToken) {
            ShiroSecurityToken sst = (ShiroSecurityToken) token;
            encryptedToken = ShiroSecurityHelper.encrypt(sst, policy.getPassPhrase(), policy.getCipherService());
            // Remove unencrypted token + replace with an encrypted token
            exchange.getIn().removeHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN);
            exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, encryptedToken);
        } else if (token instanceof String) {
            String data = (String) token;
            if (policy.isBase64()) {
                byte[] bytes = Base64.decode(data);
                encryptedToken = ByteSource.Util.bytes(bytes);
            } else {
                encryptedToken = ByteSource.Util.bytes(data);
            }
        } else if (token instanceof ByteSource) {
            encryptedToken = (ByteSource) token;
        } else {
            throw new CamelExchangeException("Shiro security header " + ShiroSecurityConstants.SHIRO_SECURITY_TOKEN + " is unsupported type: " + ObjectHelper.classCanonicalName(token), exchange);
        }

        ByteSource decryptedToken = policy.getCipherService().decrypt(encryptedToken.getBytes(), policy.getPassPhrase());

        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptedToken.getBytes());
        ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
        ShiroSecurityToken securityToken;
        try {
            securityToken = (ShiroSecurityToken)objectInputStream.readObject();
        } finally {
View Full Code Here
160
161
162
163
164
165
166
167
168
169
170
171
172
173
                applySecurityPolicy(exchange);              
                processor.process(exchange);
            }
           
            private void applySecurityPolicy(Exchange exchange) throws Exception {
                ByteSource encryptedToken = ExchangeHelper.getMandatoryHeader(exchange, "SHIRO_SECURITY_TOKEN", ByteSource.class);
                ByteSource decryptedToken = getCipherService().decrypt(encryptedToken.getBytes(), getPassPhrase());
               
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptedToken.getBytes());
                ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
                ShiroSecurityToken securityToken;
                try {
                    securityToken = (ShiroSecurityToken)objectInputStream.readObject();
                } finally {
View Full Code Here
207
208
209
210
211
212
213
214
215
216
217
                } else {
                    iterations = DEFAULT_NUM_ITERATIONS;
                }
            }

            ByteSource salt = getSalt(saltString, saltBytesString, generateSalt, generatedSaltSize);

            SimpleHash hash = new SimpleHash(algorithm, source, salt, iterations);

            if (formatString == null) {
                //Output format was not specified.  Default to 'shiro1' when password hashing, and 'hex' for
View Full Code Here
158
159
160
161
162
163
164
165
166
167
168
169
170
171
                applySecurityPolicy(exchange);              
                processor.process(exchange);
            }
           
            private void applySecurityPolicy(Exchange exchange) throws Exception {
                ByteSource encryptedToken = (ByteSource)exchange.getIn().getHeader("SHIRO_SECURITY_TOKEN");
                ByteSource decryptedToken = getCipherService().decrypt(encryptedToken.getBytes(), getPassPhrase());
               
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptedToken.getBytes());
                ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
                ShiroSecurityToken securityToken = (ShiroSecurityToken)objectInputStream.readObject();
                objectInputStream.close();
                byteArrayInputStream.close();
               
View Full Code Here
470
471
472
473
474
475
476
477
478
479
     */
    protected byte[] encrypt(byte[] serialized) {
        byte[] value = serialized;
        CipherService cipherService = getCipherService();
        if (cipherService != null) {
            ByteSource byteSource = cipherService.encrypt(serialized, getEncryptionCipherKey());
            value = byteSource.getBytes();
        }
        return value;
    }
View Full Code Here
486
487
488
489
490
491
492
493
494
495
     */
    protected byte[] decrypt(byte[] encrypted) {
        byte[] serialized = encrypted;
        CipherService cipherService = getCipherService();
        if (cipherService != null) {
            ByteSource byteSource = cipherService.decrypt(encrypted, getDecryptionCipherKey());
            serialized = byteSource.getBytes();
        }
        return serialized;
    }
View Full Code Here
48
49
50
51
52
53
54
55
56
57
        byte[] key = blowfish.generateNewKey().getEncoded();

        for (String plain : PLAINTEXTS) {
            byte[] plaintext = CodecSupport.toBytes(plain);
            ByteSource ciphertext = blowfish.encrypt(plaintext, key);
            ByteSource decrypted = blowfish.decrypt(ciphertext.getBytes(), key);
            assertTrue(Arrays.equals(plaintext, decrypted.getBytes()));
        }
    }
View Full Code Here
48
49
50
51
52
53
54
55
56
57
        byte[] key = aes.generateNewKey().getEncoded();

        for (String plain : PLAINTEXTS) {
            byte[] plaintext = CodecSupport.toBytes(plain);
            ByteSource ciphertext = aes.encrypt(plaintext, key);
            ByteSource decrypted = aes.decrypt(ciphertext.getBytes(), key);
            assertTrue(Arrays.equals(plaintext, decrypted.getBytes()));
        }
    }
View Full Code Here
160
161
162
163
164
165
166
167
168
169
170
171
172
173
                applySecurityPolicy(exchange);              
                processor.process(exchange);
            }
           
            private void applySecurityPolicy(Exchange exchange) throws Exception {
                ByteSource encryptedToken = ExchangeHelper.getMandatoryHeader(exchange, "SHIRO_SECURITY_TOKEN", ByteSource.class);
                ByteSource decryptedToken = getCipherService().decrypt(encryptedToken.getBytes(), getPassPhrase());
               
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptedToken.getBytes());
                ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
                ShiroSecurityToken securityToken;
                try {
                    securityToken = (ShiroSecurityToken)objectInputStream.readObject();
                } finally {
View Full Code Here
159
160
161
162
163
164
165
166
167
168
169
170
171
172
                applySecurityPolicy(exchange);              
                processor.process(exchange);
            }
           
            private void applySecurityPolicy(Exchange exchange) throws Exception {
                ByteSource encryptedToken = (ByteSource)exchange.getIn().getHeader("SHIRO_SECURITY_TOKEN");
                ByteSource decryptedToken = getCipherService().decrypt(encryptedToken.getBytes(), getPassPhrase());
               
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptedToken.getBytes());
                ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
                ShiroSecurityToken securityToken = (ShiroSecurityToken)objectInputStream.readObject();
                objectInputStream.close();
                byteArrayInputStream.close();
               
View Full Code Here
TOP

Related Classes of org.apache.shiro.util.ByteSource

  • com.streamreduce.util.SecurityUtil
  • juzu.plugin.shiro.impl.common.RememberMeUtil
  • org.apache.camel.component.shiro.security.ShiroSecurityPolicy
  • org.apache.camel.component.shiro.security.ShiroSecurityProcessor
  • org.apache.camel.component.shiro.security.ShiroSecurityTokenInjector
  • org.apache.shiro.authc.credential.DefaultPasswordService
  • org.apache.shiro.authc.credential.HashedCredentialsMatcherTest
  • org.apache.shiro.crypto.AesCipherServiceTest
  • org.apache.shiro.crypto.BlowfishCipherServiceTest
  • org.apache.shiro.crypto.hash.DefaultHashService
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.