> > public class MyRealm extends AuthorizingRealm implements Serializable {

    private static final long serialVersionUID = 1691441359349573797L;

    private static final SysManager sysManager = BeanFactory.getBeanFactory().getSysManager(SysManager.class);

        //1.Self Custom Authentication¼‰  
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException 
            //UsernamePasswordToken token = new UsernamePasswordToken();

            UsernamePasswordToken token = (UsernamePasswordToken)arg0;  

            token. setRememberMe(true); //remember me, newly added 2020-12-29, for Authc error

            //get (Password using String type)  
            String username = token.getUsername();
            //String username = token.getPrincipal().toString(); //newly added 2020-12-29

            //String password = new String( token.getPassword() ); 

            //Subject currentUser = SecurityUtils.getSubject(); //newly added 2020-12-29
            /*try //added on 2020-12-31

                token. setRememberMe(true); //remember me, newly added 2020-12-29, for Authc error     
                Subject currentUser = SecurityUtils.getSubject(); //newly added 2020-12-29

            catch (AuthenticationException ae)
             if (null==username)

                 return null;

                 SimpleAuthenticationInfo info = new SimpleAuthenticationInfo();
                 return info;


            if ( "".equals(username) )
                throw new UnknownAccountException("Account Not Found");

            STFTBL stfTbl = sysManager.getStfTbl(username);

            if ( stfTbl == null )  
                //return null;
                throw new UnknownAccountException("Table Not Found");

            return new SimpleAuthenticationInfo(stfTbl, stfTbl.getStfPwd() , getName() );  


        //2. fill permissions into AuthorizationInfo
         protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) { 

                List<CTLTBL> list = null;

                //arg0.getPrimaryPrincipal():  SimpleAuthenticationInfo's first param!  
                Object principal = arg0.getPrimaryPrincipal(); 

                STFTBL stfTbl = (STFTBL) principal;  

                //SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(user.getRoles()); 
                try {


                     list =  sysManager.getCtltbl();


                } catch (Exception e) {

                SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

                info.addRole( stfTbl.getStfDpt().getDptCde() );
                info.addRole( stfTbl.getStfShf() );

                for ( int i = 0; i < list.size(); i++ ) {
                    info.addStringPermission( list.get(i).getCtlCde()+list.get(i).getCtlSts() );
                    //System.out.println( list.get(i).getCtlCde()+list.get(i).getCtlSts() );

                return info;  



> > public class RetryLimitHashedCredentialsMatcher extends SimpleCredentialsMatcher {
    //private static final Logger log = LoggerFactory.getLogger(RetryLimitHashedCredentialsMatcher.class);

    private Cache<String, AtomicInteger> lgoinRetryCache;

    private int maxRetryCount = 5; //added 2020-12-31

    private String lgoinRetryCacheName;

    public void setMaxRetryCount(int maxRetryCount) {
        this.maxRetryCount = maxRetryCount;

  public RetryLimitHashedCredentialsMatcher() { 

   public RetryLimitHashedCredentialsMatcher(CacheManager cacheManager) { 
       //passwordRetryCache = cacheManager.getCache("passwordRetryCache"); 

        lgoinRetryCache = cacheManager.getCache(lgoinRetryCacheName);

    public RetryLimitHashedCredentialsMatcher(CacheManager cacheManager,String lgoinRetryCacheName) {
        this.lgoinRetryCacheName = lgoinRetryCacheName;
        lgoinRetryCache = cacheManager.getCache(lgoinRetryCacheName);

    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {

        String username = (String) token.getPrincipal();
        //retry count + 1
        AtomicInteger retryCount = lgoinRetryCache.get(username);
        if (null == retryCount) {
            retryCount = new AtomicInteger(0);
            lgoinRetryCache.put(username, retryCount);
        if (retryCount.incrementAndGet() > 3) {
            //log.warn("username: " + username + " tried to login more than 5 times in period");
            throw new ExcessiveAttemptsException( "" + username + " had excessed the login limit (5 Attempts)"
        boolean matches = super.doCredentialsMatch(token, info);
        if (matches) {
            //clear retry data
        return matches;


> > INFO: Initializing Spring root WebApplicationContext
INFO  XmlWebApplicationContext - Refreshing Root WebApplicationContext: startup date [Fri Jan 08 09:12:16 CST 2021]; root of context hierarchy
INFO  XmlBeanDefinitionReader - Loading XML bean definitions from class path resource [applicationContext.xml]
INFO  XmlBeanDefinitionReader - Loading XML bean definitions from class path resource [applicationContext_shiro.xml]
INFO  XmlBeanDefinitionReader - Loading XML bean definitions from class path resource [applicationContext_quartz.xml]
INFO  AutowiredAnnotationBeanPostProcessor - JSR-330 'javax.inject.Inject' annotation found and supported for autowiring
[localhost-startStop-1] WARN net.sf.ehcache.config.CacheConfiguration - Statistics can no longer be enabled via configuration.
INFO  PostProcessorRegistrationDelegate$BeanPostProcessorChecker - Bean 'cacheManager' of type [org.apache.shiro.cache.ehcache.EhCacheManager] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
[localhost-startStop-1] INFO org.apache.shiro.cache.ehcache.EhCacheManager - Cache with name '5' does not yet exist.  Creating now.
[localhost-startStop-1] INFO org.apache.shiro.cache.ehcache.EhCacheManager - Added EhCache named [authorizationCache]
INFO  StrutsSpringObjectFactory - ... initialized Struts-Spring integration successfully
Jan 08, 2021 9:12:24 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-nio-8080"]
Jan 08, 2021 9:12:24 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 20363 ms
[http-nio-8080-exec-8] INFO org.apache.shiro.session.mgt.AbstractValidatingSessionManager - Enabling session validation scheduler...
WARN  cache - HHH90001006: Missing cache[com.ntnchina.hkg.sapporo.sys.domain.STFTYPMAS] was created on-the-fly. The created cache will use a provider-specific default configuration: make sure you defined one. You can disable this warning by setting 'hibernate.javax.cache.missing_cache_strategy' to 'create'.

 WARN  cache - HHH90001003: Read-only caching was requested for mutable entity >>>>>[NavigableRole[com.ntnchina.hkg.sapporo.sys.domain.STFTYPMAS]]
[http-nio-8080-exec-2] INFO org.ehcache.core.EhcacheManager - Cache 'com.ntnchina.hkg.sapporo.sys.domain.STFTYPMAS' created in Eh107InternalCacheManager.
[http-nio-8080-exec-2] WARN org.apache.shiro.authc.AbstractAuthenticator - Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - Calvin LAW, rememberMe=true].  Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
javax.persistence.PersistenceException: org.hibernate.service.spi.ServiceException: Unable to create requested service [org.hibernate.hql.spi.QueryTranslatorFactory]
    at org.hibernate.internal.ExceptionConverterImpl.convert(
    at org.hibernate.internal.ExceptionConverterImpl.convert(



