Class SimpleCredentialsMatcher
-
- org.apache.shiro.codec.CodecSupport
-
- org.apache.shiro.authc.credential.SimpleCredentialsMatcher
-
- All Implemented Interfaces:
CredentialsMatcher
- Direct Known Subclasses:
HashedCredentialsMatcher
public class SimpleCredentialsMatcher extends org.apache.shiro.codec.CodecSupport implements CredentialsMatcher
Simple CredentialsMatcher implementation. Supports direct (plain) comparison for credentials of type byte[], char[], and Strings, and if the arguments do not match these types, then reverts back to simpleObject.equals
comparison.Hashing comparisons (the most common technique used in secure applications) are not supported by this class, but instead by the
HashedCredentialsMatcher
.- Since:
- 0.9
- See Also:
HashedCredentialsMatcher
-
-
Constructor Summary
Constructors Constructor Description SimpleCredentialsMatcher()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
This implementation acquires thetoken
's credentials (viagetCredentials(token)
) and then theaccount
's credentials (viagetCredentials(account)
) and then passes both of them to theequals(tokenCredentials, accountCredentials)
method for equality comparison.protected boolean
tokenCredentials, accountCredentials)
Returnstrue
if thetokenCredentials
argument is logically equal to theaccountCredentials
argument.protected
getCredentials(AuthenticationInfo info)
Returns theaccount
's credentials.protected
getCredentials(AuthenticationToken token)
Returns thetoken
's credentials.
-
-
-
Method Detail
-
getCredentials
protected getCredentials(AuthenticationToken token)
Returns thetoken
's credentials.This default implementation merely returns
authenticationToken.getCredentials()
and exists as a template hook if subclasses wish to obtain the credentials in a different way or convert them to a different format before returning.- Parameters:
token
- theAuthenticationToken
submitted during the authentication attempt.- Returns:
- the
token
's associated credentials.
-
getCredentials
protected getCredentials(AuthenticationInfo info)
Returns theaccount
's credentials.This default implementation merely returns
account.getCredentials()
and exists as a template hook if subclasses wish to obtain the credentials in a different way or convert them to a different format before returning.- Parameters:
info
- theAuthenticationInfo
stored in the data store to be compared against the submitted authentication token's credentials.- Returns:
- the
account
's associated credentials.
-
equals
protected boolean equals( tokenCredentials, accountCredentials)
Returnstrue
if thetokenCredentials
argument is logically equal to theaccountCredentials
argument.If both arguments are either a byte array (byte[]), char array (char[]) or String, they will be both be converted to raw byte arrays via the
toBytes
method first, and then resulting byte arrays are compared via .If either argument cannot be converted to a byte array as described, a simple Object
equals
comparison is made.Subclasses should override this method for more explicit equality checks.
- Parameters:
tokenCredentials
- theAuthenticationToken
's associated credentials.accountCredentials
- theAuthenticationInfo
's stored credentials.- Returns:
true
if thetokenCredentials
are equal to theaccountCredentials
.
-
doCredentialsMatch
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
This implementation acquires thetoken
's credentials (viagetCredentials(token)
) and then theaccount
's credentials (viagetCredentials(account)
) and then passes both of them to theequals(tokenCredentials, accountCredentials)
method for equality comparison.- Specified by:
doCredentialsMatch
in interfaceCredentialsMatcher
- Parameters:
token
- theAuthenticationToken
submitted during the authentication attempt.info
- theAuthenticationInfo
stored in the system matching the token principal.- Returns:
true
if the provided token credentials are equal to the stored account credentials,false
otherwise
-
-