in shiro-basic/src/main/java/org/apache/struts2/shiro/example/action/LoginAction.java [33:84]
public String execute()
{
String result = INPUT;
if (shiroUser != null)
{
// Do some stuff with a Session
Session session = shiroUser.getSession();
session.setAttribute("MyUsername", username);
log.info("Saving 'username' value to session [" + username + "]");
// let's login the current user so we can check against roles and permissions:
if (! shiroUser.isAuthenticated())
{
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
token.setRememberMe(true);
try
{
shiroUser.login(token);
result = SUCCESS;
}
catch (UnknownAccountException uae)
{
addActionError("There is no user with username of '" + token.getPrincipal() + "'");
log.error(uae.getMessage());
}
catch (IncorrectCredentialsException ice)
{
addActionError("Password for account '" + token.getPrincipal() + "' was incorrect!");
log.error(ice.getMessage());
}
catch (LockedAccountException lae)
{
addActionError("The account for username '" + token.getPrincipal() + "' is locked. " +
"Please contact your administrator to unlock it.");
log.error(lae.getMessage());
}
// ... catch more exceptions here (maybe custom ones specific to your application?
catch (AuthenticationException ae)
{
addActionError("An authentication exception has occurred trying to login user: " + token.getPrincipal());
log.error(ae.getMessage());
}
}
else if (shiroUser.isAuthenticated())
{
result = SUCCESS;
}
}
return result;
}