Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.6.0 / apidocs / src-html / org / apache / shiro / authc / UsernamePasswordToken.html
blob: 6c0b278d65f837727e3ff7fb42dec2dd46fc7d5f [file] [log] [blame]
<!DOCTYPE HTML>
<html lang="en">
<head>
<title>Source code</title>
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style">
</head>
<body>
<main role="main">
<div class="sourceContainer">
<pre><span class="sourceLineNo">001</span><a id="line.1">/*</a>
<span class="sourceLineNo">002</span><a id="line.2"> * Licensed to the Apache Software Foundation (ASF) under one</a>
<span class="sourceLineNo">003</span><a id="line.3"> * or more contributor license agreements. See the NOTICE file</a>
<span class="sourceLineNo">004</span><a id="line.4"> * distributed with this work for additional information</a>
<span class="sourceLineNo">005</span><a id="line.5"> * regarding copyright ownership. The ASF licenses this file</a>
<span class="sourceLineNo">006</span><a id="line.6"> * to you under the Apache License, Version 2.0 (the</a>
<span class="sourceLineNo">007</span><a id="line.7"> * "License"); you may not use this file except in compliance</a>
<span class="sourceLineNo">008</span><a id="line.8"> * with the License. You may obtain a copy of the License at</a>
<span class="sourceLineNo">009</span><a id="line.9"> *</a>
<span class="sourceLineNo">010</span><a id="line.10"> * http://www.apache.org/licenses/LICENSE-2.0</a>
<span class="sourceLineNo">011</span><a id="line.11"> *</a>
<span class="sourceLineNo">012</span><a id="line.12"> * Unless required by applicable law or agreed to in writing,</a>
<span class="sourceLineNo">013</span><a id="line.13"> * software distributed under the License is distributed on an</a>
<span class="sourceLineNo">014</span><a id="line.14"> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</a>
<span class="sourceLineNo">015</span><a id="line.15"> * KIND, either express or implied. See the License for the</a>
<span class="sourceLineNo">016</span><a id="line.16"> * specific language governing permissions and limitations</a>
<span class="sourceLineNo">017</span><a id="line.17"> * under the License.</a>
<span class="sourceLineNo">018</span><a id="line.18"> */</a>
<span class="sourceLineNo">019</span><a id="line.19">package org.apache.shiro.authc;</a>
<span class="sourceLineNo">020</span><a id="line.20"></a>
<span class="sourceLineNo">021</span><a id="line.21">/**</a>
<span class="sourceLineNo">022</span><a id="line.22"> * &lt;p&gt;A simple username/password authentication token to support the most widely-used authentication mechanism. This</a>
<span class="sourceLineNo">023</span><a id="line.23"> * class also implements the {@link RememberMeAuthenticationToken RememberMeAuthenticationToken} interface to support</a>
<span class="sourceLineNo">024</span><a id="line.24"> * &amp;quot;Remember Me&amp;quot; services across user sessions as well as the</a>
<span class="sourceLineNo">025</span><a id="line.25"> * {@link org.apache.shiro.authc.HostAuthenticationToken HostAuthenticationToken} interface to retain the host name</a>
<span class="sourceLineNo">026</span><a id="line.26"> * or IP address location from where the authentication attempt is occurring.&lt;/p&gt;</a>
<span class="sourceLineNo">027</span><a id="line.27"> * &lt;p/&gt;</a>
<span class="sourceLineNo">028</span><a id="line.28"> * &lt;p&gt;&amp;quot;Remember Me&amp;quot; authentications are disabled by default, but if the application developer wishes to allow</a>
<span class="sourceLineNo">029</span><a id="line.29"> * it for a login attempt, all that is necessary is to call {@link #setRememberMe setRememberMe(true)}. If the underlying</a>
<span class="sourceLineNo">030</span><a id="line.30"> * &lt;tt&gt;SecurityManager&lt;/tt&gt; implementation also supports &lt;tt&gt;RememberMe&lt;/tt&gt; services, the user's identity will be</a>
<span class="sourceLineNo">031</span><a id="line.31"> * remembered across sessions.</a>
<span class="sourceLineNo">032</span><a id="line.32"> * &lt;p/&gt;</a>
<span class="sourceLineNo">033</span><a id="line.33"> * &lt;p&gt;Note that this class stores a password as a char[] instead of a String</a>
<span class="sourceLineNo">034</span><a id="line.34"> * (which may seem more logical). This is because Strings are immutable and their</a>
<span class="sourceLineNo">035</span><a id="line.35"> * internal value cannot be overwritten - meaning even a nulled String instance might be accessible in memory at a later</a>
<span class="sourceLineNo">036</span><a id="line.36"> * time (e.g. memory dump). This is not good for sensitive information such as passwords. For more information, see the</a>
<span class="sourceLineNo">037</span><a id="line.37"> * &lt;a href="http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html#PBEEx"&gt;</a>
<span class="sourceLineNo">038</span><a id="line.38"> * Java Cryptography Extension Reference Guide&lt;/a&gt;.&lt;/p&gt;</a>
<span class="sourceLineNo">039</span><a id="line.39"> * &lt;p/&gt;</a>
<span class="sourceLineNo">040</span><a id="line.40"> * &lt;p&gt;To avoid this possibility of later memory access, the application developer should always call</a>
<span class="sourceLineNo">041</span><a id="line.41"> * {@link #clear() clear()} after using the token to perform a login attempt.&lt;/p&gt;</a>
<span class="sourceLineNo">042</span><a id="line.42"> *</a>
<span class="sourceLineNo">043</span><a id="line.43"> * @since 0.1</a>
<span class="sourceLineNo">044</span><a id="line.44"> */</a>
<span class="sourceLineNo">045</span><a id="line.45">public class UsernamePasswordToken implements HostAuthenticationToken, RememberMeAuthenticationToken {</a>
<span class="sourceLineNo">046</span><a id="line.46"></a>
<span class="sourceLineNo">047</span><a id="line.47"> /*--------------------------------------------</a>
<span class="sourceLineNo">048</span><a id="line.48"> | C O N S T A N T S |</a>
<span class="sourceLineNo">049</span><a id="line.49"> ============================================*/</a>
<span class="sourceLineNo">050</span><a id="line.50"></a>
<span class="sourceLineNo">051</span><a id="line.51"> /*--------------------------------------------</a>
<span class="sourceLineNo">052</span><a id="line.52"> | I N S T A N C E V A R I A B L E S |</a>
<span class="sourceLineNo">053</span><a id="line.53"> ============================================*/</a>
<span class="sourceLineNo">054</span><a id="line.54"> /**</a>
<span class="sourceLineNo">055</span><a id="line.55"> * The username</a>
<span class="sourceLineNo">056</span><a id="line.56"> */</a>
<span class="sourceLineNo">057</span><a id="line.57"> private String username;</a>
<span class="sourceLineNo">058</span><a id="line.58"></a>
<span class="sourceLineNo">059</span><a id="line.59"> /**</a>
<span class="sourceLineNo">060</span><a id="line.60"> * The password, in char[] format</a>
<span class="sourceLineNo">061</span><a id="line.61"> */</a>
<span class="sourceLineNo">062</span><a id="line.62"> private char[] password;</a>
<span class="sourceLineNo">063</span><a id="line.63"></a>
<span class="sourceLineNo">064</span><a id="line.64"> /**</a>
<span class="sourceLineNo">065</span><a id="line.65"> * Whether or not 'rememberMe' should be enabled for the corresponding login attempt;</a>
<span class="sourceLineNo">066</span><a id="line.66"> * default is &lt;code&gt;false&lt;/code&gt;</a>
<span class="sourceLineNo">067</span><a id="line.67"> */</a>
<span class="sourceLineNo">068</span><a id="line.68"> private boolean rememberMe = false;</a>
<span class="sourceLineNo">069</span><a id="line.69"></a>
<span class="sourceLineNo">070</span><a id="line.70"> /**</a>
<span class="sourceLineNo">071</span><a id="line.71"> * The location from where the login attempt occurs, or &lt;code&gt;null&lt;/code&gt; if not known or explicitly</a>
<span class="sourceLineNo">072</span><a id="line.72"> * omitted.</a>
<span class="sourceLineNo">073</span><a id="line.73"> */</a>
<span class="sourceLineNo">074</span><a id="line.74"> private String host;</a>
<span class="sourceLineNo">075</span><a id="line.75"></a>
<span class="sourceLineNo">076</span><a id="line.76"> /*--------------------------------------------</a>
<span class="sourceLineNo">077</span><a id="line.77"> | C O N S T R U C T O R S |</a>
<span class="sourceLineNo">078</span><a id="line.78"> ============================================*/</a>
<span class="sourceLineNo">079</span><a id="line.79"></a>
<span class="sourceLineNo">080</span><a id="line.80"> /**</a>
<span class="sourceLineNo">081</span><a id="line.81"> * JavaBeans compatible no-arg constructor.</a>
<span class="sourceLineNo">082</span><a id="line.82"> */</a>
<span class="sourceLineNo">083</span><a id="line.83"> public UsernamePasswordToken() {</a>
<span class="sourceLineNo">084</span><a id="line.84"> }</a>
<span class="sourceLineNo">085</span><a id="line.85"></a>
<span class="sourceLineNo">086</span><a id="line.86"> /**</a>
<span class="sourceLineNo">087</span><a id="line.87"> * Constructs a new UsernamePasswordToken encapsulating the username and password submitted</a>
<span class="sourceLineNo">088</span><a id="line.88"> * during an authentication attempt, with a &lt;tt&gt;null&lt;/tt&gt; {@link #getHost() host} and a</a>
<span class="sourceLineNo">089</span><a id="line.89"> * &lt;tt&gt;rememberMe&lt;/tt&gt; default of &lt;tt&gt;false&lt;/tt&gt;.</a>
<span class="sourceLineNo">090</span><a id="line.90"> *</a>
<span class="sourceLineNo">091</span><a id="line.91"> * @param username the username submitted for authentication</a>
<span class="sourceLineNo">092</span><a id="line.92"> * @param password the password character array submitted for authentication</a>
<span class="sourceLineNo">093</span><a id="line.93"> */</a>
<span class="sourceLineNo">094</span><a id="line.94"> public UsernamePasswordToken(final String username, final char[] password) {</a>
<span class="sourceLineNo">095</span><a id="line.95"> this(username, password, false, null);</a>
<span class="sourceLineNo">096</span><a id="line.96"> }</a>
<span class="sourceLineNo">097</span><a id="line.97"></a>
<span class="sourceLineNo">098</span><a id="line.98"> /**</a>
<span class="sourceLineNo">099</span><a id="line.99"> * Constructs a new UsernamePasswordToken encapsulating the username and password submitted</a>
<span class="sourceLineNo">100</span><a id="line.100"> * during an authentication attempt, with a &lt;tt&gt;null&lt;/tt&gt; {@link #getHost() host} and</a>
<span class="sourceLineNo">101</span><a id="line.101"> * a &lt;tt&gt;rememberMe&lt;/tt&gt; default of &lt;tt&gt;false&lt;/tt&gt;</a>
<span class="sourceLineNo">102</span><a id="line.102"> * &lt;p/&gt;</a>
<span class="sourceLineNo">103</span><a id="line.103"> * &lt;p&gt;This is a convenience constructor and maintains the password internally via a character</a>
<span class="sourceLineNo">104</span><a id="line.104"> * array, i.e. &lt;tt&gt;password.toCharArray();&lt;/tt&gt;. Note that storing a password as a String</a>
<span class="sourceLineNo">105</span><a id="line.105"> * in your code could have possible security implications as noted in the class JavaDoc.&lt;/p&gt;</a>
<span class="sourceLineNo">106</span><a id="line.106"> *</a>
<span class="sourceLineNo">107</span><a id="line.107"> * @param username the username submitted for authentication</a>
<span class="sourceLineNo">108</span><a id="line.108"> * @param password the password string submitted for authentication</a>
<span class="sourceLineNo">109</span><a id="line.109"> */</a>
<span class="sourceLineNo">110</span><a id="line.110"> public UsernamePasswordToken(final String username, final String password) {</a>
<span class="sourceLineNo">111</span><a id="line.111"> this(username, password != null ? password.toCharArray() : null, false, null);</a>
<span class="sourceLineNo">112</span><a id="line.112"> }</a>
<span class="sourceLineNo">113</span><a id="line.113"></a>
<span class="sourceLineNo">114</span><a id="line.114"> /**</a>
<span class="sourceLineNo">115</span><a id="line.115"> * Constructs a new UsernamePasswordToken encapsulating the username and password submitted, the</a>
<span class="sourceLineNo">116</span><a id="line.116"> * inetAddress from where the attempt is occurring, and a default &lt;tt&gt;rememberMe&lt;/tt&gt; value of &lt;tt&gt;false&lt;/tt&gt;</a>
<span class="sourceLineNo">117</span><a id="line.117"> *</a>
<span class="sourceLineNo">118</span><a id="line.118"> * @param username the username submitted for authentication</a>
<span class="sourceLineNo">119</span><a id="line.119"> * @param password the password string submitted for authentication</a>
<span class="sourceLineNo">120</span><a id="line.120"> * @param host the host name or IP string from where the attempt is occurring</a>
<span class="sourceLineNo">121</span><a id="line.121"> * @since 0.2</a>
<span class="sourceLineNo">122</span><a id="line.122"> */</a>
<span class="sourceLineNo">123</span><a id="line.123"> public UsernamePasswordToken(final String username, final char[] password, final String host) {</a>
<span class="sourceLineNo">124</span><a id="line.124"> this(username, password, false, host);</a>
<span class="sourceLineNo">125</span><a id="line.125"> }</a>
<span class="sourceLineNo">126</span><a id="line.126"></a>
<span class="sourceLineNo">127</span><a id="line.127"> /**</a>
<span class="sourceLineNo">128</span><a id="line.128"> * Constructs a new UsernamePasswordToken encapsulating the username and password submitted, the</a>
<span class="sourceLineNo">129</span><a id="line.129"> * inetAddress from where the attempt is occurring, and a default &lt;tt&gt;rememberMe&lt;/tt&gt; value of &lt;tt&gt;false&lt;/tt&gt;</a>
<span class="sourceLineNo">130</span><a id="line.130"> * &lt;p/&gt;</a>
<span class="sourceLineNo">131</span><a id="line.131"> * &lt;p&gt;This is a convenience constructor and maintains the password internally via a character</a>
<span class="sourceLineNo">132</span><a id="line.132"> * array, i.e. &lt;tt&gt;password.toCharArray();&lt;/tt&gt;. Note that storing a password as a String</a>
<span class="sourceLineNo">133</span><a id="line.133"> * in your code could have possible security implications as noted in the class JavaDoc.&lt;/p&gt;</a>
<span class="sourceLineNo">134</span><a id="line.134"> *</a>
<span class="sourceLineNo">135</span><a id="line.135"> * @param username the username submitted for authentication</a>
<span class="sourceLineNo">136</span><a id="line.136"> * @param password the password string submitted for authentication</a>
<span class="sourceLineNo">137</span><a id="line.137"> * @param host the host name or IP string from where the attempt is occurring</a>
<span class="sourceLineNo">138</span><a id="line.138"> * @since 1.0</a>
<span class="sourceLineNo">139</span><a id="line.139"> */</a>
<span class="sourceLineNo">140</span><a id="line.140"> public UsernamePasswordToken(final String username, final String password, final String host) {</a>
<span class="sourceLineNo">141</span><a id="line.141"> this(username, password != null ? password.toCharArray() : null, false, host);</a>
<span class="sourceLineNo">142</span><a id="line.142"> }</a>
<span class="sourceLineNo">143</span><a id="line.143"></a>
<span class="sourceLineNo">144</span><a id="line.144"> /**</a>
<span class="sourceLineNo">145</span><a id="line.145"> * Constructs a new UsernamePasswordToken encapsulating the username and password submitted, as well as if the user</a>
<span class="sourceLineNo">146</span><a id="line.146"> * wishes their identity to be remembered across sessions.</a>
<span class="sourceLineNo">147</span><a id="line.147"> *</a>
<span class="sourceLineNo">148</span><a id="line.148"> * @param username the username submitted for authentication</a>
<span class="sourceLineNo">149</span><a id="line.149"> * @param password the password string submitted for authentication</a>
<span class="sourceLineNo">150</span><a id="line.150"> * @param rememberMe if the user wishes their identity to be remembered across sessions</a>
<span class="sourceLineNo">151</span><a id="line.151"> * @since 0.9</a>
<span class="sourceLineNo">152</span><a id="line.152"> */</a>
<span class="sourceLineNo">153</span><a id="line.153"> public UsernamePasswordToken(final String username, final char[] password, final boolean rememberMe) {</a>
<span class="sourceLineNo">154</span><a id="line.154"> this(username, password, rememberMe, null);</a>
<span class="sourceLineNo">155</span><a id="line.155"> }</a>
<span class="sourceLineNo">156</span><a id="line.156"></a>
<span class="sourceLineNo">157</span><a id="line.157"> /**</a>
<span class="sourceLineNo">158</span><a id="line.158"> * Constructs a new UsernamePasswordToken encapsulating the username and password submitted, as well as if the user</a>
<span class="sourceLineNo">159</span><a id="line.159"> * wishes their identity to be remembered across sessions.</a>
<span class="sourceLineNo">160</span><a id="line.160"> * &lt;p/&gt;</a>
<span class="sourceLineNo">161</span><a id="line.161"> * &lt;p&gt;This is a convenience constructor and maintains the password internally via a character</a>
<span class="sourceLineNo">162</span><a id="line.162"> * array, i.e. &lt;tt&gt;password.toCharArray();&lt;/tt&gt;. Note that storing a password as a String</a>
<span class="sourceLineNo">163</span><a id="line.163"> * in your code could have possible security implications as noted in the class JavaDoc.&lt;/p&gt;</a>
<span class="sourceLineNo">164</span><a id="line.164"> *</a>
<span class="sourceLineNo">165</span><a id="line.165"> * @param username the username submitted for authentication</a>
<span class="sourceLineNo">166</span><a id="line.166"> * @param password the password string submitted for authentication</a>
<span class="sourceLineNo">167</span><a id="line.167"> * @param rememberMe if the user wishes their identity to be remembered across sessions</a>
<span class="sourceLineNo">168</span><a id="line.168"> * @since 0.9</a>
<span class="sourceLineNo">169</span><a id="line.169"> */</a>
<span class="sourceLineNo">170</span><a id="line.170"> public UsernamePasswordToken(final String username, final String password, final boolean rememberMe) {</a>
<span class="sourceLineNo">171</span><a id="line.171"> this(username, password != null ? password.toCharArray() : null, rememberMe, null);</a>
<span class="sourceLineNo">172</span><a id="line.172"> }</a>
<span class="sourceLineNo">173</span><a id="line.173"></a>
<span class="sourceLineNo">174</span><a id="line.174"> /**</a>
<span class="sourceLineNo">175</span><a id="line.175"> * Constructs a new UsernamePasswordToken encapsulating the username and password submitted, if the user</a>
<span class="sourceLineNo">176</span><a id="line.176"> * wishes their identity to be remembered across sessions, and the inetAddress from where the attempt is occurring.</a>
<span class="sourceLineNo">177</span><a id="line.177"> *</a>
<span class="sourceLineNo">178</span><a id="line.178"> * @param username the username submitted for authentication</a>
<span class="sourceLineNo">179</span><a id="line.179"> * @param password the password character array submitted for authentication</a>
<span class="sourceLineNo">180</span><a id="line.180"> * @param rememberMe if the user wishes their identity to be remembered across sessions</a>
<span class="sourceLineNo">181</span><a id="line.181"> * @param host the host name or IP string from where the attempt is occurring</a>
<span class="sourceLineNo">182</span><a id="line.182"> * @since 1.0</a>
<span class="sourceLineNo">183</span><a id="line.183"> */</a>
<span class="sourceLineNo">184</span><a id="line.184"> public UsernamePasswordToken(final String username, final char[] password,</a>
<span class="sourceLineNo">185</span><a id="line.185"> final boolean rememberMe, final String host) {</a>
<span class="sourceLineNo">186</span><a id="line.186"></a>
<span class="sourceLineNo">187</span><a id="line.187"> this.username = username;</a>
<span class="sourceLineNo">188</span><a id="line.188"> this.password = password;</a>
<span class="sourceLineNo">189</span><a id="line.189"> this.rememberMe = rememberMe;</a>
<span class="sourceLineNo">190</span><a id="line.190"> this.host = host;</a>
<span class="sourceLineNo">191</span><a id="line.191"> }</a>
<span class="sourceLineNo">192</span><a id="line.192"></a>
<span class="sourceLineNo">193</span><a id="line.193"></a>
<span class="sourceLineNo">194</span><a id="line.194"> /**</a>
<span class="sourceLineNo">195</span><a id="line.195"> * Constructs a new UsernamePasswordToken encapsulating the username and password submitted, if the user</a>
<span class="sourceLineNo">196</span><a id="line.196"> * wishes their identity to be remembered across sessions, and the inetAddress from where the attempt is occurring.</a>
<span class="sourceLineNo">197</span><a id="line.197"> * &lt;p/&gt;</a>
<span class="sourceLineNo">198</span><a id="line.198"> * &lt;p&gt;This is a convenience constructor and maintains the password internally via a character</a>
<span class="sourceLineNo">199</span><a id="line.199"> * array, i.e. &lt;tt&gt;password.toCharArray();&lt;/tt&gt;. Note that storing a password as a String</a>
<span class="sourceLineNo">200</span><a id="line.200"> * in your code could have possible security implications as noted in the class JavaDoc.&lt;/p&gt;</a>
<span class="sourceLineNo">201</span><a id="line.201"> *</a>
<span class="sourceLineNo">202</span><a id="line.202"> * @param username the username submitted for authentication</a>
<span class="sourceLineNo">203</span><a id="line.203"> * @param password the password string submitted for authentication</a>
<span class="sourceLineNo">204</span><a id="line.204"> * @param rememberMe if the user wishes their identity to be remembered across sessions</a>
<span class="sourceLineNo">205</span><a id="line.205"> * @param host the host name or IP string from where the attempt is occurring</a>
<span class="sourceLineNo">206</span><a id="line.206"> * @since 1.0</a>
<span class="sourceLineNo">207</span><a id="line.207"> */</a>
<span class="sourceLineNo">208</span><a id="line.208"> public UsernamePasswordToken(final String username, final String password,</a>
<span class="sourceLineNo">209</span><a id="line.209"> final boolean rememberMe, final String host) {</a>
<span class="sourceLineNo">210</span><a id="line.210"> this(username, password != null ? password.toCharArray() : null, rememberMe, host);</a>
<span class="sourceLineNo">211</span><a id="line.211"> }</a>
<span class="sourceLineNo">212</span><a id="line.212"></a>
<span class="sourceLineNo">213</span><a id="line.213"> /*--------------------------------------------</a>
<span class="sourceLineNo">214</span><a id="line.214"> | A C C E S S O R S / M O D I F I E R S |</a>
<span class="sourceLineNo">215</span><a id="line.215"> ============================================*/</a>
<span class="sourceLineNo">216</span><a id="line.216"></a>
<span class="sourceLineNo">217</span><a id="line.217"> /**</a>
<span class="sourceLineNo">218</span><a id="line.218"> * Returns the username submitted during an authentication attempt.</a>
<span class="sourceLineNo">219</span><a id="line.219"> *</a>
<span class="sourceLineNo">220</span><a id="line.220"> * @return the username submitted during an authentication attempt.</a>
<span class="sourceLineNo">221</span><a id="line.221"> */</a>
<span class="sourceLineNo">222</span><a id="line.222"> public String getUsername() {</a>
<span class="sourceLineNo">223</span><a id="line.223"> return username;</a>
<span class="sourceLineNo">224</span><a id="line.224"> }</a>
<span class="sourceLineNo">225</span><a id="line.225"></a>
<span class="sourceLineNo">226</span><a id="line.226"> /**</a>
<span class="sourceLineNo">227</span><a id="line.227"> * Sets the username for submission during an authentication attempt.</a>
<span class="sourceLineNo">228</span><a id="line.228"> *</a>
<span class="sourceLineNo">229</span><a id="line.229"> * @param username the username to be used for submission during an authentication attempt.</a>
<span class="sourceLineNo">230</span><a id="line.230"> */</a>
<span class="sourceLineNo">231</span><a id="line.231"> public void setUsername(String username) {</a>
<span class="sourceLineNo">232</span><a id="line.232"> this.username = username;</a>
<span class="sourceLineNo">233</span><a id="line.233"> }</a>
<span class="sourceLineNo">234</span><a id="line.234"></a>
<span class="sourceLineNo">235</span><a id="line.235"></a>
<span class="sourceLineNo">236</span><a id="line.236"> /**</a>
<span class="sourceLineNo">237</span><a id="line.237"> * Returns the password submitted during an authentication attempt as a character array.</a>
<span class="sourceLineNo">238</span><a id="line.238"> *</a>
<span class="sourceLineNo">239</span><a id="line.239"> * @return the password submitted during an authentication attempt as a character array.</a>
<span class="sourceLineNo">240</span><a id="line.240"> */</a>
<span class="sourceLineNo">241</span><a id="line.241"> public char[] getPassword() {</a>
<span class="sourceLineNo">242</span><a id="line.242"> return password;</a>
<span class="sourceLineNo">243</span><a id="line.243"> }</a>
<span class="sourceLineNo">244</span><a id="line.244"></a>
<span class="sourceLineNo">245</span><a id="line.245"> /**</a>
<span class="sourceLineNo">246</span><a id="line.246"> * Sets the password for submission during an authentication attempt.</a>
<span class="sourceLineNo">247</span><a id="line.247"> *</a>
<span class="sourceLineNo">248</span><a id="line.248"> * @param password the password to be used for submission during an authentication attempt.</a>
<span class="sourceLineNo">249</span><a id="line.249"> */</a>
<span class="sourceLineNo">250</span><a id="line.250"> public void setPassword(char[] password) {</a>
<span class="sourceLineNo">251</span><a id="line.251"> this.password = password;</a>
<span class="sourceLineNo">252</span><a id="line.252"> }</a>
<span class="sourceLineNo">253</span><a id="line.253"></a>
<span class="sourceLineNo">254</span><a id="line.254"> /**</a>
<span class="sourceLineNo">255</span><a id="line.255"> * Simply returns {@link #getUsername() getUsername()}.</a>
<span class="sourceLineNo">256</span><a id="line.256"> *</a>
<span class="sourceLineNo">257</span><a id="line.257"> * @return the {@link #getUsername() username}.</a>
<span class="sourceLineNo">258</span><a id="line.258"> * @see org.apache.shiro.authc.AuthenticationToken#getPrincipal()</a>
<span class="sourceLineNo">259</span><a id="line.259"> */</a>
<span class="sourceLineNo">260</span><a id="line.260"> public Object getPrincipal() {</a>
<span class="sourceLineNo">261</span><a id="line.261"> return getUsername();</a>
<span class="sourceLineNo">262</span><a id="line.262"> }</a>
<span class="sourceLineNo">263</span><a id="line.263"></a>
<span class="sourceLineNo">264</span><a id="line.264"> /**</a>
<span class="sourceLineNo">265</span><a id="line.265"> * Returns the {@link #getPassword() password} char array.</a>
<span class="sourceLineNo">266</span><a id="line.266"> *</a>
<span class="sourceLineNo">267</span><a id="line.267"> * @return the {@link #getPassword() password} char array.</a>
<span class="sourceLineNo">268</span><a id="line.268"> * @see org.apache.shiro.authc.AuthenticationToken#getCredentials()</a>
<span class="sourceLineNo">269</span><a id="line.269"> */</a>
<span class="sourceLineNo">270</span><a id="line.270"> public Object getCredentials() {</a>
<span class="sourceLineNo">271</span><a id="line.271"> return getPassword();</a>
<span class="sourceLineNo">272</span><a id="line.272"> }</a>
<span class="sourceLineNo">273</span><a id="line.273"></a>
<span class="sourceLineNo">274</span><a id="line.274"> /**</a>
<span class="sourceLineNo">275</span><a id="line.275"> * Returns the host name or IP string from where the authentication attempt occurs. May be &lt;tt&gt;null&lt;/tt&gt; if the</a>
<span class="sourceLineNo">276</span><a id="line.276"> * host name/IP is unknown or explicitly omitted. It is up to the Authenticator implementation processing this</a>
<span class="sourceLineNo">277</span><a id="line.277"> * token if an authentication attempt without a host is valid or not.</a>
<span class="sourceLineNo">278</span><a id="line.278"> * &lt;p/&gt;</a>
<span class="sourceLineNo">279</span><a id="line.279"> * &lt;p&gt;(Shiro's default Authenticator allows &lt;tt&gt;null&lt;/tt&gt; hosts to support localhost and proxy server environments).&lt;/p&gt;</a>
<span class="sourceLineNo">280</span><a id="line.280"> *</a>
<span class="sourceLineNo">281</span><a id="line.281"> * @return the host from where the authentication attempt occurs, or &lt;tt&gt;null&lt;/tt&gt; if it is unknown or</a>
<span class="sourceLineNo">282</span><a id="line.282"> * explicitly omitted.</a>
<span class="sourceLineNo">283</span><a id="line.283"> * @since 1.0</a>
<span class="sourceLineNo">284</span><a id="line.284"> */</a>
<span class="sourceLineNo">285</span><a id="line.285"> public String getHost() {</a>
<span class="sourceLineNo">286</span><a id="line.286"> return host;</a>
<span class="sourceLineNo">287</span><a id="line.287"> }</a>
<span class="sourceLineNo">288</span><a id="line.288"></a>
<span class="sourceLineNo">289</span><a id="line.289"> /**</a>
<span class="sourceLineNo">290</span><a id="line.290"> * Sets the host name or IP string from where the authentication attempt occurs. It is up to the Authenticator</a>
<span class="sourceLineNo">291</span><a id="line.291"> * implementation processing this token if an authentication attempt without a host is valid or not.</a>
<span class="sourceLineNo">292</span><a id="line.292"> * &lt;p/&gt;</a>
<span class="sourceLineNo">293</span><a id="line.293"> * &lt;p&gt;(Shiro's default Authenticator</a>
<span class="sourceLineNo">294</span><a id="line.294"> * allows &lt;tt&gt;null&lt;/tt&gt; hosts to allow localhost and proxy server environments).&lt;/p&gt;</a>
<span class="sourceLineNo">295</span><a id="line.295"> *</a>
<span class="sourceLineNo">296</span><a id="line.296"> * @param host the host name or IP string from where the attempt is occurring</a>
<span class="sourceLineNo">297</span><a id="line.297"> * @since 1.0</a>
<span class="sourceLineNo">298</span><a id="line.298"> */</a>
<span class="sourceLineNo">299</span><a id="line.299"> public void setHost(String host) {</a>
<span class="sourceLineNo">300</span><a id="line.300"> this.host = host;</a>
<span class="sourceLineNo">301</span><a id="line.301"> }</a>
<span class="sourceLineNo">302</span><a id="line.302"></a>
<span class="sourceLineNo">303</span><a id="line.303"> /**</a>
<span class="sourceLineNo">304</span><a id="line.304"> * Returns &lt;tt&gt;true&lt;/tt&gt; if the submitting user wishes their identity (principal(s)) to be remembered</a>
<span class="sourceLineNo">305</span><a id="line.305"> * across sessions, &lt;tt&gt;false&lt;/tt&gt; otherwise. Unless overridden, this value is &lt;tt&gt;false&lt;/tt&gt; by default.</a>
<span class="sourceLineNo">306</span><a id="line.306"> *</a>
<span class="sourceLineNo">307</span><a id="line.307"> * @return &lt;tt&gt;true&lt;/tt&gt; if the submitting user wishes their identity (principal(s)) to be remembered</a>
<span class="sourceLineNo">308</span><a id="line.308"> * across sessions, &lt;tt&gt;false&lt;/tt&gt; otherwise (&lt;tt&gt;false&lt;/tt&gt; by default).</a>
<span class="sourceLineNo">309</span><a id="line.309"> * @since 0.9</a>
<span class="sourceLineNo">310</span><a id="line.310"> */</a>
<span class="sourceLineNo">311</span><a id="line.311"> public boolean isRememberMe() {</a>
<span class="sourceLineNo">312</span><a id="line.312"> return rememberMe;</a>
<span class="sourceLineNo">313</span><a id="line.313"> }</a>
<span class="sourceLineNo">314</span><a id="line.314"></a>
<span class="sourceLineNo">315</span><a id="line.315"> /**</a>
<span class="sourceLineNo">316</span><a id="line.316"> * Sets if the submitting user wishes their identity (principal(s)) to be remembered across sessions. Unless</a>
<span class="sourceLineNo">317</span><a id="line.317"> * overridden, the default value is &lt;tt&gt;false&lt;/tt&gt;, indicating &lt;em&gt;not&lt;/em&gt; to be remembered across sessions.</a>
<span class="sourceLineNo">318</span><a id="line.318"> *</a>
<span class="sourceLineNo">319</span><a id="line.319"> * @param rememberMe value indicating if the user wishes their identity (principal(s)) to be remembered across</a>
<span class="sourceLineNo">320</span><a id="line.320"> * sessions.</a>
<span class="sourceLineNo">321</span><a id="line.321"> * @since 0.9</a>
<span class="sourceLineNo">322</span><a id="line.322"> */</a>
<span class="sourceLineNo">323</span><a id="line.323"> public void setRememberMe(boolean rememberMe) {</a>
<span class="sourceLineNo">324</span><a id="line.324"> this.rememberMe = rememberMe;</a>
<span class="sourceLineNo">325</span><a id="line.325"> }</a>
<span class="sourceLineNo">326</span><a id="line.326"></a>
<span class="sourceLineNo">327</span><a id="line.327"> /*--------------------------------------------</a>
<span class="sourceLineNo">328</span><a id="line.328"> | M E T H O D S |</a>
<span class="sourceLineNo">329</span><a id="line.329"> ============================================*/</a>
<span class="sourceLineNo">330</span><a id="line.330"></a>
<span class="sourceLineNo">331</span><a id="line.331"> /**</a>
<span class="sourceLineNo">332</span><a id="line.332"> * Clears out (nulls) the username, password, rememberMe, and inetAddress. The password bytes are explicitly set to</a>
<span class="sourceLineNo">333</span><a id="line.333"> * &lt;tt&gt;0x00&lt;/tt&gt; before nulling to eliminate the possibility of memory access at a later time.</a>
<span class="sourceLineNo">334</span><a id="line.334"> */</a>
<span class="sourceLineNo">335</span><a id="line.335"> public void clear() {</a>
<span class="sourceLineNo">336</span><a id="line.336"> this.username = null;</a>
<span class="sourceLineNo">337</span><a id="line.337"> this.host = null;</a>
<span class="sourceLineNo">338</span><a id="line.338"> this.rememberMe = false;</a>
<span class="sourceLineNo">339</span><a id="line.339"></a>
<span class="sourceLineNo">340</span><a id="line.340"> if (this.password != null) {</a>
<span class="sourceLineNo">341</span><a id="line.341"> for (int i = 0; i &lt; password.length; i++) {</a>
<span class="sourceLineNo">342</span><a id="line.342"> this.password[i] = 0x00;</a>
<span class="sourceLineNo">343</span><a id="line.343"> }</a>
<span class="sourceLineNo">344</span><a id="line.344"> this.password = null;</a>
<span class="sourceLineNo">345</span><a id="line.345"> }</a>
<span class="sourceLineNo">346</span><a id="line.346"></a>
<span class="sourceLineNo">347</span><a id="line.347"> }</a>
<span class="sourceLineNo">348</span><a id="line.348"></a>
<span class="sourceLineNo">349</span><a id="line.349"> /**</a>
<span class="sourceLineNo">350</span><a id="line.350"> * Returns the String representation. It does not include the password in the resulting</a>
<span class="sourceLineNo">351</span><a id="line.351"> * string for security reasons to prevent accidentally printing out a password</a>
<span class="sourceLineNo">352</span><a id="line.352"> * that might be widely viewable).</a>
<span class="sourceLineNo">353</span><a id="line.353"> *</a>
<span class="sourceLineNo">354</span><a id="line.354"> * @return the String representation of the &lt;tt&gt;UsernamePasswordToken&lt;/tt&gt;, omitting</a>
<span class="sourceLineNo">355</span><a id="line.355"> * the password.</a>
<span class="sourceLineNo">356</span><a id="line.356"> */</a>
<span class="sourceLineNo">357</span><a id="line.357"> public String toString() {</a>
<span class="sourceLineNo">358</span><a id="line.358"> StringBuilder sb = new StringBuilder();</a>
<span class="sourceLineNo">359</span><a id="line.359"> sb.append(getClass().getName());</a>
<span class="sourceLineNo">360</span><a id="line.360"> sb.append(" - ");</a>
<span class="sourceLineNo">361</span><a id="line.361"> sb.append(username);</a>
<span class="sourceLineNo">362</span><a id="line.362"> sb.append(", rememberMe=").append(rememberMe);</a>
<span class="sourceLineNo">363</span><a id="line.363"> if (host != null) {</a>
<span class="sourceLineNo">364</span><a id="line.364"> sb.append(" (").append(host).append(")");</a>
<span class="sourceLineNo">365</span><a id="line.365"> }</a>
<span class="sourceLineNo">366</span><a id="line.366"> return sb.toString();</a>
<span class="sourceLineNo">367</span><a id="line.367"> }</a>
<span class="sourceLineNo">368</span><a id="line.368"></a>
<span class="sourceLineNo">369</span><a id="line.369">}</a>
</pre>
</div>
</main>
</body>
</html>