import org.apache.shiro.authc.HostAuthenticationToken; //导入依赖的package包/类
public String resolveHost() {
    String host = getHost();

    if (host == null) {
        //check to see if there is an AuthenticationToken from which to retrieve it:
        AuthenticationToken token = getAuthenticationToken();
        if (token instanceof HostAuthenticationToken) {
            host = ((HostAuthenticationToken) token).getHost();
        }
    }

    if (host == null) {
        Session session = resolveSession();
        if (session != null) {
            host = session.getHost();
        }
    }

    return host;
}
 

import org.apache.shiro.authc.HostAuthenticationToken; //导入依赖的package包/类
public void login(AuthenticationToken token) throws AuthenticationException {
    clearRunAsIdentitiesInternal();
    Subject subject = securityManager.login(this, token);

    PrincipalCollection principals;

    String host = null;

    if (subject instanceof DelegatingSubject) {
        DelegatingSubject delegating = (DelegatingSubject) subject;
        //we have to do this in case there are assumed identities - we don't want to lose the 'real' principals:
        principals = delegating.principals;
        host = delegating.host;
    } else {
        principals = subject.getPrincipals();
    }

    if (principals == null || principals.isEmpty()) {
        String msg = "Principals returned from securityManager.login( token ) returned a null or " +
                "empty value.  This value must be non null and populated with one or more elements.";
        throw new IllegalStateException(msg);
    }
    this.principals = principals;
    this.authenticated = true;
    if (token instanceof HostAuthenticationToken) {
        host = ((HostAuthenticationToken) token).getHost();
    }
    if (host != null) {
        this.host = host;
    }
    Session session = subject.getSession(false);
    if (session != null) {
        this.session = decorate(session);
    } else {
        this.session = null;
    }
}
 

import org.apache.shiro.authc.HostAuthenticationToken; //导入依赖的package包/类
public void login(AuthenticationToken token) throws AuthenticationException {
    Subject subject = securityManager.login(this, token);

    PrincipalCollection principals;


        IOTSubject iotSubject = (IOTSubject) subject;
        //we have to do this in case there are assumed identities - we don't want to lose the 'real' principals:
        principals = iotSubject.principals;
    String    host = iotSubject.host;

    if (principals == null || principals.isEmpty()) {
        String msg = "Principals returned from securityManager.login( token ) returned a null or " +
                "empty value.  This value must be non null and populated with one or more elements.";
        throw new IllegalStateException(msg);
    }
    this.principals = principals;
    this.authenticated = true;
    if (token instanceof HostAuthenticationToken) {
        host = ((HostAuthenticationToken) token).getHost();
    }
    if (host != null) {
        this.host = host;
    }
    this.session = subject.getSession(false);

}
 

import org.apache.shiro.authc.HostAuthenticationToken; //导入依赖的package包/类
@Test(expectedExceptions={AuthenticationException.class})
public void noHostSupport() {
	realm.doGetAuthenticationInfo(new HostAuthenticationToken() {
		private static final long	serialVersionUID	= 1L;
		@Override public Object getPrincipal() {return null;}
		@Override	public Object getCredentials() {return null;}
		@Override	public String getHost() {	return null;}
	}); 
}