On Wed, Dec 28, 2011 at 11:01 PM, csckid <testnowsh...@gmail.com> wrote:
> I am stuck with authenticating user from database table.
> In this function doGetAuthenticationInfo() don't we need to set the Subject?
> What is the purpose of SimpleAuthenticationInfo?

No better source for answers than [Shiro's javadoc][1]. doGetAuthenticationInfo() returns an AuthenticationInfo. A SimpleAuthenticationInfo is an implementation of AuthenticationInfo. [Subject][2] "represents state and security operations for a single application user" as the javadoc states, so no, we don't set the subject here, but the framework repeatedly sets it up for each request.

The purpose of the (Simple)[AuthenticationInfo][3] is to represent "a Subject's (aka user's) stored account information relevant to the authentication/log-in process only". The realm's responsibility is to create an AuthenticationInfo (if the user is found) and the CredentialsMatcher then compares the AuthenticationToken to AuthenticationInfo to determine whether the given credentials are valid or not.

You don't explain how you "are stuck", but assuming your findByUsername() returns an appropriate UserAccount, you probably don't have the right CredentialsMatcher configured. Perhaps you need to [set a HashedCredentialsMatcher to your realm][4].

[1]: http://shiro.apache.org/static/current/apidocs/org/apache/shiro/realm/AuthenticatingRealm.html
[2]: http://shiro.apache.org/static/current/apidocs/org/apache/shiro/subject/Subject.html
[3]: http://shiro.apache.org/static/current/apidocs/org/apache/shiro/authc/AuthenticationInfo.html
[4]: http://shiro.apache.org/static/current/apidocs/org/apache/shiro/realm/AuthenticatingRealm.html#setCredentialsMatcher%28org.apache.shiro.authc.credential.CredentialsMatcher%29

Kalle
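
The division of labour described in the message above, as an added example that is not part of the original post or of Shiro's own code: the realm only looks up the account and returns a SimpleAuthenticationInfo, and the HashedCredentialsMatcher set on the realm does the comparison. It assumes Shiro 1.x on the classpath; the in-memory map standing in for the database table, the UserAccount fields, addUser() and the iteration count are constructed for illustration.

```java
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.util.ByteSource;
import java.security.SecureRandom;
import java.util.*;

public class UserAccountRealm extends AuthenticatingRealm {
    static final int ITERATIONS = 100_000; // constructed value; must equal what was used when storing
    // Hypothetical stand-in for one row of the user table.
    static class UserAccount { String username, hashHex; byte[] salt; }
    private final Map<String, UserAccount> table = new HashMap<>();

    public UserAccountRealm() {
        // Algorithm, iterations and encoding must mirror how the stored hash was produced,
        // otherwise every login fails even with the correct password.
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(Sha256Hash.ALGORITHM_NAME);
        matcher.setHashIterations(ITERATIONS);
        matcher.setStoredCredentialsHexEncoded(true);
        setCredentialsMatcher(matcher);
    }

    void addUser(String username, String password) { // hypothetical registration path
        UserAccount a = new UserAccount();
        a.username = username;
        a.salt = new byte[16];
        new SecureRandom().nextBytes(a.salt);
        a.hashHex = new Sha256Hash(password, a.salt, ITERATIONS).toHex();
        table.put(username, a);
    }

    UserAccount findByUsername(String username) { return table.get(username); }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
        UserAccount a = findByUsername(((UsernamePasswordToken) token).getUsername());
        if (a == null) throw new UnknownAccountException("no such account");
        // No password check and no Subject handling here: return the stored hash and salt only.
        return new SimpleAuthenticationInfo(a.username, a.hashHex, ByteSource.Util.bytes(a.salt), getName());
    }

    public static void main(String[] args) {
        UserAccountRealm realm = new UserAccountRealm();
        realm.addUser("alice", "correct horse");
        // getAuthenticationInfo() calls doGetAuthenticationInfo(), then the CredentialsMatcher.
        System.out.println(realm.getAuthenticationInfo(new UsernamePasswordToken("alice", "correct horse")).getPrincipals());
        try {
            realm.getAuthenticationInfo(new UsernamePasswordToken("alice", "wrong"));
        } catch (IncorrectCredentialsException e) { System.out.println("rejected by CredentialsMatcher"); }
    }
}
```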