I am trying to do relatively simple thing: log in user manually. I am using FacebookGraph plugin to connect to facebook. If user logs in via Facebook, i get his ID and I want to authenticate him in ShiroSecurity. Of course such trivial thing like
session.user = user
does not work. I have found the code in the wiki, which should do the trick:
Object userIdentity = user.email
String realmName = "username";
PrincipalCollection principals = new SimplePrincipalCollection(userIdentity, realmName);
Subject subject = new Subject.Builder().principals(principals).buildSubject();
However it does not work. I still get redirected to auth/login with log.debug message that ShiroSubject is null. Maybe it be because I invoke this code in a service. Any ideas how to make this work?
UPDATE:
def authenticate(authToken) {
log.info "Attempting to authenticate ${authToken.username} in DB realm..."+authToken.encodeAsJSON()
def username = authToken.username
// Null username is invalid
if (username == null) {
throw new AccountException("Null usernames are not allowed by this realm.")
}
// Get the user with the given username. If the user is not
// found, then they don't have an account and we throw an
// exception.
log.debug "reached this point2"
def user = ShiroUser.findByUsername(username)
log.debug "reached this point"
if (!user) {
throw new UnknownAccountException("No account found for user [${username}]")
}
log.info "Found user '${user.username}' in DB"
// Now check the user's password against the hashed value stored
// in the database.
def account = new SimpleAccount(username, user.passwordHash, "ShiroDbRealm")
if (!credentialMatcher.doCredentialsMatch(authToken, account)) {
log.info "Invalid password (DB realm)"
throw new IncorrectCredentialsException("Invalid password for user '${username}'")
}
return account
}
