[users]# user 'root' with password 'secret' and the 'admin' roleroot = secret,

1. [users]
2. # user 'root' with password 'secret' and the 'admin' role
3. root = secret, admin
4.  
5. # user 'Employee1' with the 'CommonUser' role
6. Employee1=passwd, CommonUser
7.  
8. # user 'Employee2' with the 'Developer' and 'HR' role
9. Employee2=passwd, Developer, HR
10.  
11. # -----------------------------------------------------------------------------
12.  
13. [roles]
14. # 'admin' role has all permissions, indicated by the wildcard '*'
15. admin = *
16. # The 'hr' role can do anything (*) with any management:
17. HR = management:*
18. # The 'Developer' role is allowed to 'access system' (action) the added (type) with 'develop software'
19. Developer = added:SystemAccess:DevelopSoftware
20.  
21. # -----------------------------------------------------------------------------
22.  
23. [main]
24. #ds = com.mysql.jdbc.Driver
25. #ds = com.mysql.jdbc.jdbc2.optional.MysqlDataSource
26. ds = org.sqlite.JDBC
27. @property
28. @syntesize
29. ds.databaseName = jdbc:sqlite:getClass().getClassLoader().getResourceAsStream(usersRoles.db)
30.  
31. jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
32. jdbcRealm.dataSource = $ds
33. jdbcRealm.permissionsLookupEnabled = true
34. jdbcRealm.authenticationQuery = "SELECT upasswd FROM UsersList WHERE uname = ?"
35. jdbcRealm.userRolesQuery = "SELECT urole FROM UsersList WHERE uname = ?"
36. jdbcRealm.permissionsQuery = "SELECT upermission FROM RolesPermission WHERE urole = ?"
37. #securityManager.realms = $jdbcRealm
38.  
39. package com.ldapconsole;
40.  
41. import java.io.BufferedReader;
42. import java.io.IOException;
43. import java.io.InputStreamReader;
44. import org.apache.shiro.SecurityUtils;
45. import org.apache.shiro.authc.AuthenticationException;
46. import org.apache.shiro.authc.UsernamePasswordToken;
47. import org.apache.shiro.config.IniSecurityManagerFactory;
48. import org.apache.shiro.mgt.DefaultSecurityManager;
49. import org.apache.shiro.mgt.SecurityManager;
50. import org.apache.shiro.realm.jdbc.JdbcRealm;
51. import org.apache.shiro.subject.Subject;
52. import org.apache.shiro.util.Factory;
53. import org.apache.log4j.Logger;
54.  
55. public class ConsoleLdapLogin {
56.  
57. private static Logger log=Logger.getLogger(ConsoleLdapLogin.class);
58. static String username="";
59. static String passwd="";
60.  
61. public static void main(String[] args){
62.  
63. /* BufferedReader br=new BufferedReader(new InputStreamReader(System.in));
64. try {
65. System.out.println("Enter the username: ");
66. username=br.readLine();
67. System.out.println("Enter the Password: ");
68. passwd=br.readLine();
69. */
70. shiroIntegration(username,passwd);
71.  
72. /* } catch (IOException e) {
73. log.info("IOException : "+e);
74. }
75. finally{
76. if (br != null) {
77. try {
78. br.close();
79. } catch (IOException e) {
80. log.info("IOException : "+e);
81. }
82. }
83. }*/
84. }
85.  
86. public static void shiroIntegration(String uname,String passwd)
87. {
88. Factory<SecurityManager> factory= new IniSecurityManagerFactory("classpath:shiro.ini");
89. SecurityManager securitymanager=factory.getInstance();
90. SecurityUtils.setSecurityManager(securitymanager);
91. Subject currentUser = SecurityUtils.getSubject();
92. /*ArrayList<String> roleIdentifiers = new ArrayList<String>(Arrays.asList("admin","CommonUser"));*/
93. if ( !currentUser.isAuthenticated() ) {
94. UsernamePasswordToken token = new UsernamePasswordToken(uname, passwd);
95. token.setRememberMe(true);
96. try {
97. currentUser.login(token);
98. log.info( "User " + currentUser.getPrincipal() + " logged in successfully." );
99. //currentUser.getClass().get
100. /*currentUser.checkRoles(roleIdentifiers);*/
101. if (currentUser.hasRole("admin")) {
102. log.info( "Logged in User " + currentUser.getPrincipal() + " is admin." );
103.  
104. } else if(currentUser.hasRole("CommonUser")) {
105. log.info( "Logged in User " + currentUser.getPrincipal() + " is CommonUser" );
106. }else{
107.  
108. // the key "jdbcRealm" must be the same in the shiro.ini file.
109. JdbcRealm realm = (JdbcRealm) ((IniSecurityManagerFactory) factory).getBeans().get("jdbcRealm");
110. //realm.setPermissionsLookupEnabled(true);
111.  
112. DefaultSecurityManager security = new DefaultSecurityManager(realm);
113. SecurityUtils.setSecurityManager(securitymanager);
114. Subject loginUser = SecurityUtils.getSubject();
115. if(loginUser.isAuthenticated()){
116. UsernamePasswordToken logintoken = new UsernamePasswordToken("sroot", "sroot");
117. logintoken.setRememberMe(true);
118. loginUser.login(logintoken);
119. log.info("login into SQLite user successfully...");
120. }
121.  
122. //realm.getAuthorizationInfo(SecurityUtils.getSubject().getPrincipals()).getStringPermissions();
123. }
124. } catch (AuthenticationException e) {
125. log.info("AuthenticationException : "+e.getMessage());
126. }
127. }
128. }
129.  
130. /*** Autenticates a user **/
131. /*public static Subject authenticate(String username, String pass) {
132.  
133. final String ROLES_QUERY = "SELECT access_designation FROM access_level,users WHERE access_level.id=users.access_level_id and users.username = ?" ;
134. Subject currentUser = null;
135. try {
136.  
137. Factory<org.apache.shiro.mgt.SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
138. org.apache.shiro.mgt.SecurityManager securityManager = factory.getInstance();
139. // the key "jdbcRealm" must be the same in the shiro.ini file.
140.  
141. JdbcRealm realm = (JdbcRealm) ((IniSecurityManagerFactory) factory).getBeans().get("jdbcRealm");
142. realm.setAuthenticationQuery(AUTHENTICATION_QUERY);
143. realm.setUserRolesQuery(ROLES_QUERY);
144.  
145. SecurityUtils.setSecurityManager(securityManager);
146.  
147. currentUser = SecurityUtils.getSubject();
148.  
149. UsernamePasswordToken token = new UsernamePasswordToken(username, pass);
150.  
151. currentUser.login(token);
152.  
153. } catch (Exception e) {
154. e.printStackTrace();
155. }
156. return currentUser;
157.  
158. }*/
159.  
160.  
161. }