Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [users]
- # user 'root' with password 'secret' and the 'admin' role
- root = secret, admin
- # user 'Employee1' with the 'CommonUser' role
- Employee1=passwd, CommonUser
- # user 'Employee2' with the 'Developer' and 'HR' role
- Employee2=passwd, Developer, HR
- # -----------------------------------------------------------------------------
- [roles]
- # 'admin' role has all permissions, indicated by the wildcard '*'
- admin = *
- # The 'hr' role can do anything (*) with any management:
- HR = management:*
- # The 'Developer' role is allowed to 'access system' (action) the added (type) with 'develop software'
- Developer = added:SystemAccess:DevelopSoftware
- # -----------------------------------------------------------------------------
- [main]
- #ds = com.mysql.jdbc.Driver
- #ds = com.mysql.jdbc.jdbc2.optional.MysqlDataSource
- ds = org.sqlite.JDBC
- @property
- @syntesize
- ds.databaseName = jdbc:sqlite:getClass().getClassLoader().getResourceAsStream(usersRoles.db)
- jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
- jdbcRealm.dataSource = $ds
- jdbcRealm.permissionsLookupEnabled = true
- jdbcRealm.authenticationQuery = "SELECT upasswd FROM UsersList WHERE uname = ?"
- jdbcRealm.userRolesQuery = "SELECT urole FROM UsersList WHERE uname = ?"
- jdbcRealm.permissionsQuery = "SELECT upermission FROM RolesPermission WHERE urole = ?"
- #securityManager.realms = $jdbcRealm
- package com.ldapconsole;
- import java.io.BufferedReader;
- import java.io.IOException;
- import java.io.InputStreamReader;
- import org.apache.shiro.SecurityUtils;
- import org.apache.shiro.authc.AuthenticationException;
- import org.apache.shiro.authc.UsernamePasswordToken;
- import org.apache.shiro.config.IniSecurityManagerFactory;
- import org.apache.shiro.mgt.DefaultSecurityManager;
- import org.apache.shiro.mgt.SecurityManager;
- import org.apache.shiro.realm.jdbc.JdbcRealm;
- import org.apache.shiro.subject.Subject;
- import org.apache.shiro.util.Factory;
- import org.apache.log4j.Logger;
- public class ConsoleLdapLogin {
- private static Logger log=Logger.getLogger(ConsoleLdapLogin.class);
- static String username="";
- static String passwd="";
- public static void main(String[] args){
- /* BufferedReader br=new BufferedReader(new InputStreamReader(System.in));
- try {
- System.out.println("Enter the username: ");
- username=br.readLine();
- System.out.println("Enter the Password: ");
- passwd=br.readLine();
- */
- shiroIntegration(username,passwd);
- /* } catch (IOException e) {
- log.info("IOException : "+e);
- }
- finally{
- if (br != null) {
- try {
- br.close();
- } catch (IOException e) {
- log.info("IOException : "+e);
- }
- }
- }*/
- }
- public static void shiroIntegration(String uname,String passwd)
- {
- Factory<SecurityManager> factory= new IniSecurityManagerFactory("classpath:shiro.ini");
- SecurityManager securitymanager=factory.getInstance();
- SecurityUtils.setSecurityManager(securitymanager);
- Subject currentUser = SecurityUtils.getSubject();
- /*ArrayList<String> roleIdentifiers = new ArrayList<String>(Arrays.asList("admin","CommonUser"));*/
- if ( !currentUser.isAuthenticated() ) {
- UsernamePasswordToken token = new UsernamePasswordToken(uname, passwd);
- token.setRememberMe(true);
- try {
- currentUser.login(token);
- log.info( "User " + currentUser.getPrincipal() + " logged in successfully." );
- //currentUser.getClass().get
- /*currentUser.checkRoles(roleIdentifiers);*/
- if (currentUser.hasRole("admin")) {
- log.info( "Logged in User " + currentUser.getPrincipal() + " is admin." );
- } else if(currentUser.hasRole("CommonUser")) {
- log.info( "Logged in User " + currentUser.getPrincipal() + " is CommonUser" );
- }else{
- // the key "jdbcRealm" must be the same in the shiro.ini file.
- JdbcRealm realm = (JdbcRealm) ((IniSecurityManagerFactory) factory).getBeans().get("jdbcRealm");
- //realm.setPermissionsLookupEnabled(true);
- DefaultSecurityManager security = new DefaultSecurityManager(realm);
- SecurityUtils.setSecurityManager(securitymanager);
- Subject loginUser = SecurityUtils.getSubject();
- if(loginUser.isAuthenticated()){
- UsernamePasswordToken logintoken = new UsernamePasswordToken("sroot", "sroot");
- logintoken.setRememberMe(true);
- loginUser.login(logintoken);
- log.info("login into SQLite user successfully...");
- }
- //realm.getAuthorizationInfo(SecurityUtils.getSubject().getPrincipals()).getStringPermissions();
- }
- } catch (AuthenticationException e) {
- log.info("AuthenticationException : "+e.getMessage());
- }
- }
- }
- /*** Autenticates a user **/
- /*public static Subject authenticate(String username, String pass) {
- final String ROLES_QUERY = "SELECT access_designation FROM access_level,users WHERE access_level.id=users.access_level_id and users.username = ?" ;
- Subject currentUser = null;
- try {
- Factory<org.apache.shiro.mgt.SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
- org.apache.shiro.mgt.SecurityManager securityManager = factory.getInstance();
- // the key "jdbcRealm" must be the same in the shiro.ini file.
- JdbcRealm realm = (JdbcRealm) ((IniSecurityManagerFactory) factory).getBeans().get("jdbcRealm");
- realm.setAuthenticationQuery(AUTHENTICATION_QUERY);
- realm.setUserRolesQuery(ROLES_QUERY);
- SecurityUtils.setSecurityManager(securityManager);
- currentUser = SecurityUtils.getSubject();
- UsernamePasswordToken token = new UsernamePasswordToken(username, pass);
- currentUser.login(token);
- } catch (Exception e) {
- e.printStackTrace();
- }
- return currentUser;
- }*/
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement