Uses of Interface
org.apache.shiro.authc.AuthenticationToken

Packages that use AuthenticationToken
org.apache.shiro.authc Core interfaces and exceptions concerning Authentication (the act of logging-in). 
org.apache.shiro.authc.credential Support for validating credentials (such as passwords or X509 certificates) during authentication via the CredentialsMatcher interface and its supporting implementations. 
org.apache.shiro.authc.pam Support for PAM, or Pluggable Authentication Modules, which is the capability to authenticate a user against multiple configurable (pluggable) modules (Shiro calls these Realms). 
org.apache.shiro.cas   
org.apache.shiro.mgt Provides the master SecurityManager interface and a default implementation hierarchy for managing all aspects of Shiro's functionality in an application. 
org.apache.shiro.realm Components and sub-packages used in supporting the core Realm interface. 
org.apache.shiro.realm.activedirectory Realms that acquire security data from a Microsoft Active Directory. 
org.apache.shiro.realm.jdbc Realms that acquire security data from an RDBMS (Relational Database Management System) using the JDBC API. 
org.apache.shiro.realm.ldap Realms that acquire security data from an LDAP (Lightweight Directory Access Protocol) server utilizing LDAP/Naming APIs. 
org.apache.shiro.subject Components supporting the Subject interface, the most important concept in Shiro's API. 
org.apache.shiro.subject.support Concrete support implementations of most of the org.apache.shiro.subject interfaces. 
org.apache.shiro.web.filter.authc Servlet Filter implementations specific to controlling access based on a subject's authentication status, or those that can execute authentications (log-ins) directly. 
 

Uses of AuthenticationToken in org.apache.shiro.authc
 

Subinterfaces of AuthenticationToken in org.apache.shiro.authc
 interface HostAuthenticationToken
          A HostAuthenticationToken retains the host information from where an authentication attempt originates.
 interface RememberMeAuthenticationToken
          An AuthenticationToken that indicates if the user wishes their identity to be remembered across sessions.
 

Classes in org.apache.shiro.authc that implement AuthenticationToken
 class UsernamePasswordToken
          A simple username/password authentication token to support the most widely-used authentication mechanism.
 

Methods in org.apache.shiro.authc with parameters of type AuthenticationToken
 AuthenticationInfo Authenticator.authenticate(AuthenticationToken authenticationToken)
          Authenticates a user based on the submitted AuthenticationToken.
 AuthenticationInfo AbstractAuthenticator.authenticate(AuthenticationToken token)
          Implementation of the Authenticator interface that functions in the following manner: Calls template doAuthenticate method for subclass execution of the actual authentication behavior. If an AuthenticationException is thrown during doAuthenticate, notify any registered AuthenticationListeners of the exception and then propogate the exception for the caller to handle. If no exception is thrown (indicating a successful login), notify any registered AuthenticationListeners of the successful attempt. Return the AuthenticationInfo
protected abstract  AuthenticationInfo AbstractAuthenticator.doAuthenticate(AuthenticationToken token)
          Template design pattern hook for subclasses to implement specific authentication behavior.
protected  void AbstractAuthenticator.notifyFailure(AuthenticationToken token, AuthenticationException ae)
          Notifies any registered AuthenticationListeners that authentication failed for the specified token which resulted in the specified ae exception.
protected  void AbstractAuthenticator.notifySuccess(AuthenticationToken token, AuthenticationInfo info)
          Notifies any registered AuthenticationListeners that authentication was successful for the specified token which resulted in the specified info.
 void AuthenticationListener.onFailure(AuthenticationToken token, AuthenticationException ae)
          Callback triggered when an authentication attempt for a Subject has failed.
 void AuthenticationListener.onSuccess(AuthenticationToken token, AuthenticationInfo info)
          Callback triggered when an authentication attempt for a Subject has succeeded.
 

Uses of AuthenticationToken in org.apache.shiro.authc.credential
 

Methods in org.apache.shiro.authc.credential with parameters of type AuthenticationToken
 boolean SimpleCredentialsMatcher.doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
          This implementation acquires the token's credentials (via getCredentials(token)) and then the account's credentials (via getCredentials(account)) and then passes both of them to the equals(tokenCredentials, accountCredentials) method for equality comparison.
 boolean PasswordMatcher.doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
           
 boolean HashedCredentialsMatcher.doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
          This implementation first hashes the token's credentials, potentially using a salt if the info argument is a SaltedAuthenticationInfo.
 boolean CredentialsMatcher.doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
          Returns true if the provided token credentials match the stored account credentials, false otherwise.
 boolean AllowAllCredentialsMatcher.doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
          Returns true always no matter what the method arguments are.
protected  Object SimpleCredentialsMatcher.getCredentials(AuthenticationToken token)
          Returns the token's credentials.
protected  Object HashedCredentialsMatcher.getSalt(AuthenticationToken token)
          Deprecated. since Shiro 1.1. Hash salting is now expected to be based on if the AuthenticationInfo returned from the Realm is a SaltedAuthenticationInfo instance and its getCredentialsSalt() method returns a non-null value. This method and the 1.0 behavior still exists for backwards compatibility if the Realm does not return SaltedAuthenticationInfo instances, but it is highly recommended that Realm implementations that support hashed credentials start returning SaltedAuthenticationInfo instances as soon as possible.

This is because salts should always be obtained from the stored account information and never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user are almost impossible to break. This method will be removed in Shiro 2.0.

protected  Object PasswordMatcher.getSubmittedPassword(AuthenticationToken token)
           
protected  Object HashedCredentialsMatcher.hashProvidedCredentials(AuthenticationToken token, AuthenticationInfo info)
          Hash the provided token's credentials using the salt stored with the account if the info instance is an instanceof SaltedAuthenticationInfo (see the class-level JavaDoc for why this is the preferred approach).
 

Uses of AuthenticationToken in org.apache.shiro.authc.pam
 

Methods in org.apache.shiro.authc.pam with parameters of type AuthenticationToken
 AuthenticationInfo AuthenticationStrategy.afterAllAttempts(AuthenticationToken token, AuthenticationInfo aggregate)
          Method invoked by the ModularAuthenticator signifying that all of its configured Realms have been consulted for account data, allowing post-proccessing after all realms have completed.
 AuthenticationInfo AtLeastOneSuccessfulStrategy.afterAllAttempts(AuthenticationToken token, AuthenticationInfo aggregate)
          Ensures that the aggregate method argument is not null and aggregate.getPrincipals() is not null, and if either is null, throws an AuthenticationException to indicate that none of the realms authenticated successfully.
 AuthenticationInfo AbstractAuthenticationStrategy.afterAllAttempts(AuthenticationToken token, AuthenticationInfo aggregate)
          Simply returns the aggregate argument without modification.
 AuthenticationInfo AuthenticationStrategy.afterAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo singleRealmInfo, AuthenticationInfo aggregateInfo, Throwable t)
          Method invoked by the ModularAuthenticator just after the given realm has been consulted for authentication, allowing post-authentication-attempt logic for that realm only.
 AuthenticationInfo AllSuccessfulStrategy.afterAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo info, AuthenticationInfo aggregate, Throwable t)
          Merges the specified info into the aggregate argument and returns it (just as the parent implementation does), but additionally ensures the following: if the Throwable argument is not null, re-throws it to immediately cancel the authentication process, since this strategy requires all realms to authenticate successfully. neither the info or aggregate argument is null to ensure that each realm did in fact authenticate successfully
 AuthenticationInfo AbstractAuthenticationStrategy.afterAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo singleRealmInfo, AuthenticationInfo aggregateInfo, Throwable t)
          Base implementation that will aggregate the specified singleRealmInfo into the aggregateInfo and then returns the aggregate.
 AuthenticationInfo FirstSuccessfulStrategy.beforeAllAttempts(Collection<? extends Realm> realms, AuthenticationToken token)
          Returns null immediately, relying on this class's merge implementation to return only the first info object it encounters, ignoring all subsequent ones.
 AuthenticationInfo AuthenticationStrategy.beforeAllAttempts(Collection<? extends Realm> realms, AuthenticationToken token)
          Method invoked by the ModularAuthenticator signifying that the authentication process is about to begin for the specified token - called before any Realm is actually invoked.
 AuthenticationInfo AbstractAuthenticationStrategy.beforeAllAttempts(Collection<? extends Realm> realms, AuthenticationToken token)
          Simply returns new SimpleAuthenticationInfo();, which supports aggregating account data across realms.
 AuthenticationInfo AuthenticationStrategy.beforeAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo aggregate)
          Method invoked by the ModularAuthenticator just prior to the realm being consulted for account data, allowing pre-authentication-attempt logic for that realm only.
 AuthenticationInfo AllSuccessfulStrategy.beforeAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo info)
          Because all realms in this strategy must complete successfully, this implementation ensures that the given Realm supports the given token argument.
 AuthenticationInfo AbstractAuthenticationStrategy.beforeAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo aggregate)
          Simply returns the aggregate method argument, without modification.
protected  AuthenticationInfo ModularRealmAuthenticator.doAuthenticate(AuthenticationToken authenticationToken)
          Attempts to authenticate the given token by iterating over the internal collection of Realms.
protected  AuthenticationInfo ModularRealmAuthenticator.doMultiRealmAuthentication(Collection<Realm> realms, AuthenticationToken token)
          Performs the multi-realm authentication attempt by calling back to a AuthenticationStrategy object as each realm is consulted for AuthenticationInfo for the specified token.
protected  AuthenticationInfo ModularRealmAuthenticator.doSingleRealmAuthentication(Realm realm, AuthenticationToken token)
          Performs the authentication attempt by interacting with the single configured realm, which is significantly simpler than performing multi-realm logic.
 

Uses of AuthenticationToken in org.apache.shiro.cas
 

Classes in org.apache.shiro.cas that implement AuthenticationToken
 class CasToken
          This class represents a token for a CAS authentication (service ticket + user id + remember me).
 

Methods in org.apache.shiro.cas that return AuthenticationToken
protected  AuthenticationToken CasFilter.createToken(ServletRequest request, ServletResponse response)
          The token created for this authentication is a CasToken containing the CAS service ticket received on the CAS service url (on which the filter must be configured).
 

Methods in org.apache.shiro.cas with parameters of type AuthenticationToken
protected  AuthenticationInfo CasRealm.doGetAuthenticationInfo(AuthenticationToken token)
          Authenticates a user and retrieves its information.
protected  boolean CasFilter.onLoginFailure(AuthenticationToken token, AuthenticationException ae, ServletRequest request, ServletResponse response)
          If login has failed, redirect user to the CAS error page (no ticket or ticket validation failed) except if the user is already authenticated, in which case redirect to the default success url.
protected  boolean CasFilter.onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response)
          If login has been successful, redirect user to the original protected url.
 

Uses of AuthenticationToken in org.apache.shiro.mgt
 

Methods in org.apache.shiro.mgt with parameters of type AuthenticationToken
 AuthenticationInfo AuthenticatingSecurityManager.authenticate(AuthenticationToken token)
          Delegates to the wrapped Authenticator for authentication.
protected  Subject DefaultSecurityManager.createSubject(AuthenticationToken token, AuthenticationInfo info, Subject existing)
          Creates a Subject instance for the user represented by the given method arguments.
protected  boolean AbstractRememberMeManager.isRememberMe(AuthenticationToken token)
          Determines whether or not remember me services should be performed for the specified token.
 Subject SecurityManager.login(Subject subject, AuthenticationToken authenticationToken)
          Logs in the specified Subject using the given authenticationToken, returning an updated Subject instance reflecting the authenticated state if successful or throwing AuthenticationException if it is not.
 Subject DefaultSecurityManager.login(Subject subject, AuthenticationToken token)
          First authenticates the AuthenticationToken argument, and if successful, constructs a Subject instance representing the authenticated account's identity.
protected  void DefaultSecurityManager.onFailedLogin(AuthenticationToken token, AuthenticationException ae, Subject subject)
           
 void RememberMeManager.onFailedLogin(Subject subject, AuthenticationToken token, AuthenticationException ae)
          Reacts to a failed authentication attempt, typically by forgetting any previously remembered principals for the Subject.
 void AbstractRememberMeManager.onFailedLogin(Subject subject, AuthenticationToken token, AuthenticationException ae)
          Reacts to a failed login by immediately forgetting any previously remembered identity.
protected  void DefaultSecurityManager.onSuccessfulLogin(AuthenticationToken token, AuthenticationInfo info, Subject subject)
           
 void RememberMeManager.onSuccessfulLogin(Subject subject, AuthenticationToken token, AuthenticationInfo info)
          Reacts to a successful authentication attempt, typically saving the principals to be retrieved ('remembered') for future system access.
 void AbstractRememberMeManager.onSuccessfulLogin(Subject subject, AuthenticationToken token, AuthenticationInfo info)
          Reacts to the successful login attempt by first always forgetting any previously stored identity.
 void AbstractRememberMeManager.rememberIdentity(Subject subject, AuthenticationToken token, AuthenticationInfo authcInfo)
          Remembers a subject-unique identity for retrieval later.
protected  void DefaultSecurityManager.rememberMeFailedLogin(AuthenticationToken token, AuthenticationException ex, Subject subject)
           
protected  void DefaultSecurityManager.rememberMeSuccessfulLogin(AuthenticationToken token, AuthenticationInfo info, Subject subject)
           
 

Uses of AuthenticationToken in org.apache.shiro.realm
 

Methods in org.apache.shiro.realm with parameters of type AuthenticationToken
protected  void AuthenticatingRealm.assertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info)
          Asserts that the submitted AuthenticationToken's credentials match the stored account AuthenticationInfo's credentials, and if not, throws an AuthenticationException.
protected  AuthenticationInfo SimpleAccountRealm.doGetAuthenticationInfo(AuthenticationToken token)
           
protected abstract  AuthenticationInfo AuthenticatingRealm.doGetAuthenticationInfo(AuthenticationToken token)
          Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given authentication token.
protected  Object AuthenticatingRealm.getAuthenticationCacheKey(AuthenticationToken token)
          Returns the key under which AuthenticationInfo instances are cached if authentication caching is enabled.
 AuthenticationInfo Realm.getAuthenticationInfo(AuthenticationToken token)
          Returns an account's authentication-specific information for the specified token, or null if no account could be found based on the token.
 AuthenticationInfo AuthenticatingRealm.getAuthenticationInfo(AuthenticationToken token)
          This implementation functions as follows: It attempts to acquire any cached AuthenticationInfo corresponding to the specified AuthenticationToken argument.
protected  boolean AuthenticatingRealm.isAuthenticationCachingEnabled(AuthenticationToken token, AuthenticationInfo info)
          Returns true if authentication caching should be utilized based on the specified AuthenticationToken and/or AuthenticationInfo, false otherwise.
 boolean Realm.supports(AuthenticationToken token)
          Returns true if this realm wishes to authenticate the Subject represented by the given AuthenticationToken instance, false otherwise.
 boolean AuthenticatingRealm.supports(AuthenticationToken token)
          Convenience implementation that returns getAuthenticationTokenClass().isAssignableFrom( token.getClass() );.
 

Method parameters in org.apache.shiro.realm with type arguments of type AuthenticationToken
 void AuthenticatingRealm.setAuthenticationTokenClass(Class<? extends AuthenticationToken> authenticationTokenClass)
          Sets the authenticationToken class supported by this realm.
 

Uses of AuthenticationToken in org.apache.shiro.realm.activedirectory
 

Methods in org.apache.shiro.realm.activedirectory with parameters of type AuthenticationToken
protected  AuthenticationInfo ActiveDirectoryRealm.queryForAuthenticationInfo(AuthenticationToken token, LdapContextFactory ldapContextFactory)
          Builds an AuthenticationInfo object by querying the active directory LDAP context for the specified username.
 

Uses of AuthenticationToken in org.apache.shiro.realm.jdbc
 

Methods in org.apache.shiro.realm.jdbc with parameters of type AuthenticationToken
protected  AuthenticationInfo JdbcRealm.doGetAuthenticationInfo(AuthenticationToken token)
           
 

Uses of AuthenticationToken in org.apache.shiro.realm.ldap
 

Methods in org.apache.shiro.realm.ldap with parameters of type AuthenticationToken
protected  AuthenticationInfo JndiLdapRealm.createAuthenticationInfo(AuthenticationToken token, Object ldapPrincipal, Object ldapCredentials, LdapContext ldapContext)
          Returns the AuthenticationInfo resulting from a Subject's successful LDAP authentication attempt.
protected  AuthenticationInfo JndiLdapRealm.doGetAuthenticationInfo(AuthenticationToken token)
          Delegates to JndiLdapRealm.queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, LdapContextFactory), wrapping any NamingExceptions in a Shiro AuthenticationException to satisfy the parent method signature.
protected  AuthenticationInfo AbstractLdapRealm.doGetAuthenticationInfo(AuthenticationToken token)
           
protected  Object JndiLdapRealm.getLdapPrincipal(AuthenticationToken token)
          Returns the principal to use when creating the LDAP connection for an authentication attempt.
protected  AuthenticationInfo JndiLdapRealm.queryForAuthenticationInfo(AuthenticationToken token, LdapContextFactory ldapContextFactory)
          This implementation opens an LDAP connection using the token's discovered principal and provided credentials.
protected abstract  AuthenticationInfo AbstractLdapRealm.queryForAuthenticationInfo(AuthenticationToken token, LdapContextFactory ldapContextFactory)
          Abstract method that should be implemented by subclasses to builds an AuthenticationInfo object by querying the LDAP context for the specified username.
 

Uses of AuthenticationToken in org.apache.shiro.subject
 

Methods in org.apache.shiro.subject that return AuthenticationToken
 AuthenticationToken SubjectContext.getAuthenticationToken()
           
 

Methods in org.apache.shiro.subject with parameters of type AuthenticationToken
 void Subject.login(AuthenticationToken token)
          Performs a login attempt for this Subject/user.
 void SubjectContext.setAuthenticationToken(AuthenticationToken token)
           
 

Uses of AuthenticationToken in org.apache.shiro.subject.support
 

Methods in org.apache.shiro.subject.support that return AuthenticationToken
 AuthenticationToken DefaultSubjectContext.getAuthenticationToken()
           
 

Methods in org.apache.shiro.subject.support with parameters of type AuthenticationToken
 void DelegatingSubject.login(AuthenticationToken token)
           
 void DefaultSubjectContext.setAuthenticationToken(AuthenticationToken token)
           
 

Uses of AuthenticationToken in org.apache.shiro.web.filter.authc
 

Methods in org.apache.shiro.web.filter.authc that return AuthenticationToken
protected  AuthenticationToken FormAuthenticationFilter.createToken(ServletRequest request, ServletResponse response)
           
protected  AuthenticationToken BasicHttpAuthenticationFilter.createToken(ServletRequest request, ServletResponse response)
          Creates an AuthenticationToken for use during login attempt with the provided credentials in the http header.
protected abstract  AuthenticationToken AuthenticatingFilter.createToken(ServletRequest request, ServletResponse response)
           
protected  AuthenticationToken AuthenticatingFilter.createToken(String username, String password, boolean rememberMe, String host)
           
protected  AuthenticationToken AuthenticatingFilter.createToken(String username, String password, ServletRequest request, ServletResponse response)
           
 

Methods in org.apache.shiro.web.filter.authc with parameters of type AuthenticationToken
protected  boolean FormAuthenticationFilter.onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response)
           
protected  boolean AuthenticatingFilter.onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response)
           
protected  boolean FormAuthenticationFilter.onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response)
           
protected  boolean AuthenticatingFilter.onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response)
           
 



Copyright © 2004-2014 The Apache Software Foundation. All Rights Reserved.