Shiro身份验证流转分析
【冯立雄】的 Shiro 身份验证流转分析:以下调用链是逐步 debug 跟踪得到的,按调用顺序编号。
1.ShiroHandler.login(token);
2.DelegatingSubject.login(token);
3.securityManager.login(this, token);
4.DefaultSecurityManager.login(subject,token);
5.AuthenticatingSecurityManager.authenticate(token);
6.AbstractAuthenticator.authenticate(token);
----------------------------------------------------
7.ModularRealmAuthenticator.doAuthenticate(token);
// Excerpt from doAuthenticate: picks the authentication path from the number of configured realms.
Collection<Realm> realms = getRealms();
// Exactly one realm: that realm alone decides the outcome.
if (realms.size() == 1) {
return doSingleRealmAuthentication(realms.iterator().next(), authenticationToken);
} else {
// Any other count goes to the multi-realm path, where the outcome also depends on the
// strategy object used in step 8.
// NOTE(review): as excerpted, an empty realm collection would also land here; any earlier
// "realms configured" guard is not shown in this excerpt — confirm against the full method.
return doMultiRealmAuthentication(realms, authenticationToken);
}
8.ModularRealmAuthenticator.doMultiRealmAuthentication
// Abridged excerpt of the per-realm loop: error handling and the merging of each realm's
// result into the aggregate are not shown in these lines.
for (Realm realm : realms) {
// The strategy is consulted before every realm and hands back the running aggregate.
aggregate = strategy.beforeAttempt(realm, token, aggregate);
// Only realms that declare support for this token are asked to authenticate; the rest are skipped.
if (realm.supports(token)) {
// Delegates to the realm (step 9). Within the lines shown, `info` is not used any further.
AuthenticationInfo info = realm.getAuthenticationInfo(token);
}
}
// NOTE(review): whether a single accepting realm is sufficient is decided by the configured
// AuthenticationStrategy, not by this loop. Shiro's default is AtLeastOneSuccessfulStrategy —
// confirm the setting before assuming that every realm has to accept the token.
9.AuthenticatingRealm.getAuthenticationInfo(token)
// Excerpt: resolve the account's AuthenticationInfo (cache first, then the realm), then verify
// the submitted credentials against it.
AuthenticationInfo info = getCachedAuthenticationInfo(token);
if (info == null) {
// Cache miss: ask the concrete realm's lookup (step 10).
info = doGetAuthenticationInfo(token);
// Only a non-null result for a non-null token is offered to the cache.
if (token != null && info != null) {
cacheAuthenticationInfoIfPossible(token, info);
}
}
if (info != null) {
// Runs for cached and freshly loaded info alike: a cache hit does not bypass the credentials check.
assertCredentialsMatch(token, info);
} else {
// No account data found; per the message the method returns null (the return is not shown here).
// The token is rendered through its string form in this log line.
log.debug("No AuthenticationInfo found for submitted AuthenticationToken [{}]. Returning null.", token);
}
// NOTE(review): a cached AuthenticationInfo presumably carries the stored credentials, so if
// authentication caching is enabled the cache needs access protection and eviction on password
// change or account disablement. Shiro is believed to ship with this caching disabled
// (authenticationCachingEnabled) — confirm for the version in use.
10.ShiroRealm.doGetAuthenticationInfo(token)(由第9步中的 doGetAuthenticationInfo(token) 调用进入;ShiroRealm 应为项目自定义的 Realm)
11.AuthenticatingRealm.assertCredentialsMatch(token,info)
// Excerpt: verifies the submitted token against the stored account info using the configured matcher.
CredentialsMatcher cm = getCredentialsMatcher();
if (cm != null) {
// A mismatch is reported as an exception rather than a boolean result.
if (!cm.doCredentialsMatch(token, info)) {
// The message embeds the token's string form. A custom AuthenticationToken should therefore
// keep secrets out of toString(), because this text can reach logs and error handlers.
String msg = "Submitted credentials for token [" + token + "] did not match the expected credentials.";
throw new IncorrectCredentialsException(msg);
}
} else {
// Fails closed: with no matcher configured, authentication is rejected instead of skipped.
// Per the message below, AllowAllCredentialsMatcher is the explicit opt-out from examining
// credentials; it is presumably only appropriate when another layer has already verified the caller.
throw new AuthenticationException("A CredentialsMatcher must be configured in order to verify " +
"credentials during authentication. If you do not wish for credentials to be examined, you " +
"can configure an " + AllowAllCredentialsMatcher.class.getName() + " instance.");
}
12.HashedCredentialsMatcher.doCredentialsMatch(token,info)
// Excerpt: hash the submitted credentials, fetch the stored credentials, and compare the two.
// `info` is passed to the hashing step; presumably it supplies the account's salt — confirm
// against hashProvidedCredentials.
Object tokenHashedCredentials = hashProvidedCredentials(token, info);
Object accountCredentials = getCredentials(info);
// NOTE(review): `equals` here is a two-argument helper, not Object.equals. Confirm that the Shiro
// version in use compares the bytes in constant time.
// The strength of this check also depends on the matcher's configured hashAlgorithmName and
// hashIterations and on per-user salts; a fast, unsalted digest leaves stored hashes open to
// offline guessing if they leak.
return equals(tokenHashedCredentials, accountCredentials);
13.AbstractAuthenticator.authenticate(token);--->6(第7步的 doAuthenticate 返回后,回到第6步所在的方法继续执行)
-------------------------------------------------------------------------------
14.AbstractAuthenticator.notifySuccess(token, info);