我的webapp遇到org.apache.shiro.authc.usernamepasswordtoken错误。我的webapp使用shiro领域和hibernate作为api。我真的不知道它突然无法验证用户和运行无法解密的问题。
这是主要的身份验证方法
> > public class MyRealm extends AuthorizingRealm implements Serializable {
private static final long serialVersionUID = 1691441359349573797L;
private static final SysManager sysManager = BeanFactory.getBeanFactory().getSysManager(SysManager.class);
//1.Self Custom Authentication¼‰
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException
{
//UsernamePasswordToken token = new UsernamePasswordToken();
UsernamePasswordToken token = (UsernamePasswordToken)arg0;
token. setRememberMe(true); //remember me, newly added 2020-12-29, for Authc error
//get (Password using String type)
String username = token.getUsername();
//String username = token.getPrincipal().toString(); //newly added 2020-12-29
//String password = new String( token.getPassword() );
//Subject currentUser = SecurityUtils.getSubject(); //newly added 2020-12-29
//currentUser.login(token);
/*try //added on 2020-12-31
{
token. setRememberMe(true); //remember me, newly added 2020-12-29, for Authc error
Subject currentUser = SecurityUtils.getSubject(); //newly added 2020-12-29
currentUser.login(token);
}
catch (AuthenticationException ae)
{
if (null==username)
{
return null;
}
else
{
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo();
return info;
}
}*/
if ( "".equals(username) )
{
throw new UnknownAccountException("Account Not Found");
}
STFTBL stfTbl = sysManager.getStfTbl(username);
if ( stfTbl == null )
{
//return null;
throw new UnknownAccountException("Table Not Found");
}
return new SimpleAuthenticationInfo(stfTbl, stfTbl.getStfPwd() , getName() );
}
//2. fill permissions into AuthorizationInfo
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
List<CTLTBL> list = null;
//arg0.getPrimaryPrincipal(): SimpleAuthenticationInfo's first param!
Object principal = arg0.getPrimaryPrincipal();
STFTBL stfTbl = (STFTBL) principal;
//SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(user.getRoles());
try {
HibernateUtils.beginTransaction();
list = sysManager.getCtltbl();
HibernateUtils.commitSession();
} catch (Exception e) {
HibernateUtils.rollBack();
e.printStackTrace();
}
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
info.addRole( stfTbl.getStfDpt().getDptCde() );
info.addRole( stfTbl.getStfShf() );
for ( int i = 0; i < list.size(); i++ ) {
info.addStringPermission( list.get(i).getCtlCde()+list.get(i).getCtlSts() );
//System.out.println( list.get(i).getCtlCde()+list.get(i).getCtlSts() );
}
//info.addper
return info;
}
}这是重试限制
> > public class RetryLimitHashedCredentialsMatcher extends SimpleCredentialsMatcher {
//private static final Logger log = LoggerFactory.getLogger(RetryLimitHashedCredentialsMatcher.class);
//集群ä¸å�¯èƒ½ä¼šå¯¼è‡´å‡ºçŽ°éªŒè¯�多过5æ¬¡çš„çŽ°è±¡ï¼Œå› ä¸ºAtomicIntegerå�ªèƒ½ä¿�è¯�å�•èŠ‚点并å�‘
private Cache<String, AtomicInteger> lgoinRetryCache;
@SuppressWarnings("unused")
private int maxRetryCount = 5; //added 2020-12-31
private String lgoinRetryCacheName;
public void setMaxRetryCount(int maxRetryCount) {
this.maxRetryCount = maxRetryCount;
}
public RetryLimitHashedCredentialsMatcher() {
super();
}
public RetryLimitHashedCredentialsMatcher(CacheManager cacheManager) {
//passwordRetryCache = cacheManager.getCache("passwordRetryCache");
super();
lgoinRetryCache = cacheManager.getCache(lgoinRetryCacheName);
}
public RetryLimitHashedCredentialsMatcher(CacheManager cacheManager,String lgoinRetryCacheName) {
this.lgoinRetryCacheName = lgoinRetryCacheName;
lgoinRetryCache = cacheManager.getCache(lgoinRetryCacheName);
}
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
String username = (String) token.getPrincipal();
//retry count + 1
AtomicInteger retryCount = lgoinRetryCache.get(username);
if (null == retryCount) {
retryCount = new AtomicInteger(0);
lgoinRetryCache.put(username, retryCount);
}
if (retryCount.incrementAndGet() > 3) {
//log.warn("username: " + username + " tried to login more than 5 times in period");
throw new ExcessiveAttemptsException( "" + username + " had excessed the login limit (5 Attempts)"
);
}
boolean matches = super.doCredentialsMatch(token, info);
if (matches) {
//clear retry data
lgoinRetryCache.remove(username);
}
return matches;
}
}这是卡塔琳娜日志
> > INFO: Initializing Spring root WebApplicationContext
INFO XmlWebApplicationContext - Refreshing Root WebApplicationContext: startup date [Fri Jan 08 09:12:16 CST 2021]; root of context hierarchy
INFO XmlBeanDefinitionReader - Loading XML bean definitions from class path resource [applicationContext.xml]
INFO XmlBeanDefinitionReader - Loading XML bean definitions from class path resource [applicationContext_shiro.xml]
INFO XmlBeanDefinitionReader - Loading XML bean definitions from class path resource [applicationContext_quartz.xml]
INFO AutowiredAnnotationBeanPostProcessor - JSR-330 'javax.inject.Inject' annotation found and supported for autowiring
[localhost-startStop-1] WARN net.sf.ehcache.config.CacheConfiguration - Statistics can no longer be enabled via configuration.
INFO PostProcessorRegistrationDelegate$BeanPostProcessorChecker - Bean 'cacheManager' of type [org.apache.shiro.cache.ehcache.EhCacheManager] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
[localhost-startStop-1] INFO org.apache.shiro.cache.ehcache.EhCacheManager - Cache with name '5' does not yet exist. Creating now.
...
[localhost-startStop-1] INFO org.apache.shiro.cache.ehcache.EhCacheManager - Added EhCache named [authorizationCache]
...
...
INFO StrutsSpringObjectFactory - ... initialized Struts-Spring integration successfully
Jan 08, 2021 9:12:24 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-nio-8080"]
Jan 08, 2021 9:12:24 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 20363 ms
[http-nio-8080-exec-8] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
...
WARN cache - HHH90001006: Missing cache[com.ntnchina.hkg.sapporo.sys.domain.STFTYPMAS] was created on-the-fly. The created cache will use a provider-specific default configuration: make sure you defined one. You can disable this warning by setting 'hibernate.javax.cache.missing_cache_strategy' to 'create'.
WARN cache - HHH90001003: Read-only caching was requested for mutable entity >>>>>[NavigableRole[com.ntnchina.hkg.sapporo.sys.domain.STFTYPMAS]]
[http-nio-8080-exec-2] INFO org.ehcache.core.EhcacheManager - Cache 'com.ntnchina.hkg.sapporo.sys.domain.STFTYPMAS' created in Eh107InternalCacheManager.
[http-nio-8080-exec-2] WARN org.apache.shiro.authc.AbstractAuthenticator - Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - Calvin LAW, rememberMe=true]. Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
javax.persistence.PersistenceException: org.hibernate.service.spi.ServiceException: Unable to create requested service [org.hibernate.hql.spi.QueryTranslatorFactory]
at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:154)
at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:181)我将得到身份验证令牌提交错误失败,我真的不知道如何解决这个问题。
有什么好心人能就这项决议向我提出建议吗?非常感谢你的帮助。
暂无答案!
目前还没有任何答案,快来回答吧!