Package org.apache.shiro.authc

Class SimpleAuthenticationInfo

    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected Object credentials
      The credentials verifying the account principals.
      protected org.apache.shiro.util.ByteSource credentialsSalt
      Any salt used in hashing the credentials.
      protected PrincipalCollection principals
      The principals identifying the account associated with this AuthenticationInfo instance.

    • Constructor Summary

      Constructors 
      Constructor Description
      SimpleAuthenticationInfo()
      Default no-argument constructor.
      SimpleAuthenticationInfo(Object principal, Object credentials, String realmName)
      Constructor that takes in a single 'primary' principal of the account and its corresponding credentials, associated with the specified realm.
      SimpleAuthenticationInfo(Object principal, Object hashedCredentials, org.apache.shiro.util.ByteSource credentialsSalt, String realmName)
      Constructor that takes in a single 'primary' principal of the account, its corresponding hashed credentials, the salt used to hash the credentials, and the name of the realm to associate with the principals.
      SimpleAuthenticationInfo(PrincipalCollection principals, Object credentials)
      Constructor that takes in an account's identifying principal(s) and its corresponding credentials that verify the principals.
      SimpleAuthenticationInfo(PrincipalCollection principals, Object hashedCredentials, org.apache.shiro.util.ByteSource credentialsSalt)
      Constructor that takes in an account's identifying principal(s), hashed credentials used to verify the principals, and the salt used when hashing the credentials.

    • Field Detail

      • principals

        protected PrincipalCollection principals
        The principals identifying the account associated with this AuthenticationInfo instance.

      • credentials

        protected Object credentials
        The credentials verifying the account principals.

      • credentialsSalt

        protected org.apache.shiro.util.ByteSource credentialsSalt
        Any salt used in hashing the credentials.
        Since:
        1.1

    • Constructor Detail

      • SimpleAuthenticationInfo

        public SimpleAuthenticationInfo()
        Default no-argument constructor.

      • SimpleAuthenticationInfo

        public SimpleAuthenticationInfo(Object principal,
                                Object credentials,
                                String realmName)
        Constructor that takes in a single 'primary' principal of the account and its corresponding credentials, associated with the specified realm.

        This is a convenience constructor and will construct a PrincipalCollection based on the principal and realmName argument.
        Parameters:
        principal - the 'primary' principal associated with the specified realm.
        credentials - the credentials that verify the given principal.
        realmName - the realm from where the principal and credentials were acquired.

      • SimpleAuthenticationInfo

        public SimpleAuthenticationInfo(Object principal,
                                Object hashedCredentials,
                                org.apache.shiro.util.ByteSource credentialsSalt,
                                String realmName)
        Constructor that takes in a single 'primary' principal of the account, its corresponding hashed credentials, the salt used to hash the credentials, and the name of the realm to associate with the principals.

        This is a convenience constructor and will construct a PrincipalCollection based on the principal and realmName argument.
        Parameters:
        principal - the 'primary' principal associated with the specified realm.
        hashedCredentials - the hashed credentials that verify the given principal.
        credentialsSalt - the salt used when hashing the given hashedCredentials
        realmName - the realm from where the principal and credentials were acquired.
        Since:
        1.1
        See Also:
        HashedCredentialsMatcher

      • SimpleAuthenticationInfo

        public SimpleAuthenticationInfo(PrincipalCollection principals,
                                Object credentials)
        Constructor that takes in an account's identifying principal(s) and its corresponding credentials that verify the principals.
        Parameters:
        principals - a Realm's account's identifying principal(s)
        credentials - the accounts corresponding principals that verify the principals.

      • SimpleAuthenticationInfo

        public SimpleAuthenticationInfo(PrincipalCollection principals,
                                Object hashedCredentials,
                                org.apache.shiro.util.ByteSource credentialsSalt)
        Constructor that takes in an account's identifying principal(s), hashed credentials used to verify the principals, and the salt used when hashing the credentials.
        Parameters:
        principals - a Realm's account's identifying principal(s)
        hashedCredentials - the hashed credentials that verify the principals.
        credentialsSalt - the salt used when hashing the hashedCredentials.
        Since:
        1.1
        See Also:
        HashedCredentialsMatcher

    • Method Detail

      • getPrincipals

        public PrincipalCollection getPrincipals()
        Description copied from interface: AuthenticationInfo
        Returns all principals associated with the corresponding Subject. Each principal is an identifying piece of information useful to the application such as a username, or user id, a given name, etc - anything useful to the application to identify the current Subject.

        The returned PrincipalCollection should not contain any credentials used to verify principals, such as passwords, private keys, etc. Those should be instead returned by getCredentials().
        Specified by:
        getPrincipals in interface AuthenticationInfo
        Returns:
        all principals associated with the corresponding Subject.

      • setPrincipals

        public void setPrincipals(PrincipalCollection principals)
        Sets the identifying principal(s) represented by this instance.
        Parameters:
        principals - the indentifying attributes of the corresponding Realm account.

      • getCredentials

        public Object getCredentials()
        Description copied from interface: AuthenticationInfo
        Returns the credentials associated with the corresponding Subject. A credential verifies one or more of the principals associated with the Subject, such as a password or private key. Credentials are used by Shiro particularly during the authentication process to ensure that submitted credentials during a login attempt match exactly the credentials here in the AuthenticationInfo instance.
        Specified by:
        getCredentials in interface AuthenticationInfo
        Returns:
        the credentials associated with the corresponding Subject.

      • setCredentials

        public void setCredentials(Object credentials)
        Sets the credentials that verify the principals/identity of the associated Realm account.
        Parameters:
        credentials - attribute(s) that verify the account's identity/principals, such as a password or private key.

      • getCredentialsSalt

        public org.apache.shiro.util.ByteSource getCredentialsSalt()
        Returns the salt used to hash the credentials, or null if no salt was used or credentials were not hashed at all.

        Note that this attribute is NOT handled in the merge method - a hash salt is only useful within a single realm (as each realm will perform it's own Credentials Matching logic), and once finished in that realm, Shiro has no further use for salts. Therefore it doesn't make sense to 'merge' salts in a multi-realm scenario.
        Specified by:
        getCredentialsSalt in interface SaltedAuthenticationInfo
        Returns:
        the salt used to hash the credentials, or null if no salt was used or credentials were not hashed at all.
        Since:
        1.1

      • setCredentialsSalt

        public void setCredentialsSalt(org.apache.shiro.util.ByteSource salt)
        Sets the salt used to hash the credentials, or null if no salt was used or credentials were not hashed at all.

        Note that this attribute is NOT handled in the merge method - a hash salt is only useful within a single realm (as each realm will perform it's own Credentials Matching logic), and once finished in that realm, Shiro has no further use for salts. Therefore it doesn't make sense to 'merge' salts in a multi-realm scenario.
        Parameters:
        salt - the salt used to hash the credentials, or null if no salt was used or credentials were not hashed at all.
        Since:
        1.1

      • merge

        public void merge(AuthenticationInfo info)
        Takes the specified info argument and adds its principals and credentials into this instance.
        Specified by:
        merge in interface MergableAuthenticationInfo
        Parameters:
        info - the AuthenticationInfo to add into this instance.

      • equals

        public boolean equals(Object o)
        Returns true if the Object argument is an instanceof SimpleAuthenticationInfo and its principals are equal to this instance's principals, false otherwise.
        Overrides:
        equals in class Object
        Parameters:
        o - the object to compare for equality.
        Returns:
        true if the Object argument is an instanceof SimpleAuthenticationInfo and its principals are equal to this instance's principals, false otherwise.

      • hashCode

        public int hashCode()
        Returns the hashcode of the internal principals instance.
        Overrides:
        hashCode in class Object
        Returns:
        the hashcode of the internal principals instance.