shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Konrad Zuse <>
Subject RE: Configuring Shiro Programatically
Date Wed, 29 Oct 2014 18:33:21 GMT
I don't think we used HashedCredentialsMatcher anymore, 

Date: Wed, 29 Oct 2014 15:26:12 +0100
Subject: Re: Configuring Shiro Programatically

You're probably missing a LifecycleUtils.init(realm);

Log lines come from AuthenticatingRealm most probably because JdbcRealm inherits those methods
from AuthenticatingRealm. Typically loggers are initialized with the class declaring them.

On Wed, Oct 29, 2014 at 3:06 PM, Robert Middleton <> wrote:

I have set up shiro programatically using the following code:

SQLiteConfig config = new SQLiteConfig();
config.enforceForeignKeys( true );
HashedCredentialsMatcher cm = new HashedCredentialsMatcher( "SHA-256" );
cm.setHashIterations( 500000 );
JdbcRealm realm = new JdbcRealm();
org.sqlite.SQLiteDataSource ds = new org.sqlite.SQLiteDataSource( config );
ds.setUrl( "jdbc:sqlite:light.db" );
realm.setDataSource( ds );
realm.setCredentialsMatcher( cm );
realm.setSaltStyle( SaltStyle.COLUMN );
SecurityManager ss = new DefaultSecurityManager( realm );
SecurityUtils.setSecurityManager( ss );

However, when I try to authenticate a user, I can't log in.  This worked find before when
I used shiro.ini with no  encryption on the passwords.  The following debug information is
printed out:

18:18:28.835 [SSHThread] DEBUG org.apache.shiro.realm.AuthenticatingRealm - Looked up AuthenticationInfo
[robert] from doGetAuthenticationInfo
18:18:28.836 [SSHThread] DEBUG org.apache.shiro.realm.AuthenticatingRealm - AuthenticationInfo
caching is disabled for info [robert]. Submitted token: [org.apache.shiro.authc.UsernamePasswordToken
- robert, rememberMe=false].
18:18:29.275 [SSHThread] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher
- Performing credentials equality check for tokenCredentials of type [org.apache.shiro.crypto.hash.SimpleHash
and accountCredentials of type [org.apache.shiro.crypto.hash.SimpleHash]
18:18:29.276 [SSHThread] DEBUG org.apache.shiro.authc.credential.SimpleCredentialsMatcher
- Both credentials arguments can be easily converted to byte arrays. Performing array equals
18:18:29.277 [SSHThread] ERROR com.synexxus.gateway.connectors.SSHConnector - org.apache.shiro.authc.IncorrectCredentialsException:
Submitted credentials for token [org.apache.shiro.authc.UsernamePasswordToken - robert, rememberMe=false]
did not match the expected credentials.

Since I setup the realm for the SecurityManager to be a JdbcRealm, I would expect that the
log lines that come from org.apache.shiro.realm.AuthenticatingRealm would in fact come from
org.apache.shiro.realm.jdbc.JdbcRealm.  Why isn't this the case?

Alessio Stalla | Software Architect
M: +39 340 7824743 | T: +39 010 566441 | F: +39 010 8900455 |

Via G. D'Annunzio, 2/51 | 16121 Genova (GE) | Italy

View raw message