5

i am new in apache shiro.i am getting exception when i execute this statement.

currentUser.login(token);

exception is

 errororg.apache.shiro.authc.AuthenticationException: Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - abc@gmail.com, rememberMe=true].  Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).

i am invoking this method for login.the code is.

  public boolean authorize(String username,String password)
{
    Boolean status=false;
    log.debug("the user id "+username+"passwrodD::"+password);
    Realm realm = new JdbcRealm();
    DefaultSecurityManager securityManager = new DefaultSecurityManager(realm);
    UsernamePasswordToken token = new UsernamePasswordToken(username, password);
    token.setRememberMe(true);
    SecurityUtils.setSecurityManager(securityManager);
    Subject currentUser = SecurityUtils.getSubject();

    Response r = null;
    log.debug("before process for login");
    try
    {
        currentUser.login(token);   //This throws an error upon form submission

        r = Response.ok().entity(token).build();            

    }
    catch (UnknownAccountException uae ) {
        //username wasn't in the system, show them an error message?
        System.out.println("the user name is invalid");
    } catch ( IncorrectCredentialsException ice ) {
        //password didn't match, try again?
        System.out.println("the password name is invalid");
    } catch ( LockedAccountException lae ) {
        //account for that username is locked - can't login.  Show them a message?

    } catch ( AuthenticationException ae ) {
        //unexpected condition - error?
        System.out.println("unexpect error"+ae);
    }
    return status;
}

my shiro.ini file

 [main]
 jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
 jdbcRealm.permissionsLookupEnabled = true
 jdbcRealm.authenticationQuery =select User_Password FROM  user_master where User_id=?
 ds = com.mysql.jdbc.jdbc2.optional.MysqlDataSource
 ds.serverName = localhost
 ds.user = root
 ds.password = root
 ds.databaseName = test
 jdbcRealm.dataSource = $ds
 [users]
 [roles]
 [urls]

i include listener and filter in my web.xml file. i change the authenticationQuery to my query. and when i am executing i am getting this above error. and also i do know is it right way to modify or override query.

Developer Desk
  • 2,294
  • 8
  • 36
  • 77
user2549122
  • 203
  • 1
  • 5
  • 18
  • and i want to implement only user login. and i want to skip the roll and permission query..this is possible? – user2549122 Oct 29 '13 at 09:45
  • yes this is possible.. – Developer Desk Oct 30 '13 at 13:29
  • hi.any body have an idea that if user login is success then i need to return the other infomation. how to do? – user2549122 Oct 31 '13 at 07:03
  • Take a look at [line 338 of this code](https://github.com/stormpath/stormpath-shiro/blob/master/core/src/main/java/com/stormpath/shiro/realm/ApplicationRealm.java#L338) from [Stormpath](http://www.stormpath.com). Note that after the user is successfully authenticated a `PrincipalCollection` with all the information about the user is added to the `SimpleAuthenticationInfo`. Then, you can retrieve the user information this way: `Map userInfo = SecurityUtils.getSubject().getPrincipals().oneByType(java.util.Map.class);` – mario Jan 10 '15 at 19:00

2 Answers2

0

I think the problem is that you are missing securityManager.realm = $jdbcRealm in your shiro.ini

mario
  • 1,154
  • 8
  • 13
0

I just got this exception, and the problem was I was setting securityManager.realm incorrectly in shiro.ini. This is what I had:

[main]
fooRealm = com.company.foo.Realm
securityManager.realms = fooRealm

This is what fixed it (I was missing a $):

[main]
fooRealm = com.company.foo.Realm
securityManager.realms = $fooRealm
Abe Voelker
  • 30,124
  • 14
  • 81
  • 98