验证用户名与MD5 (+ salt)密码
模拟数据: md5加密:e10adc3949ba59abbe56e057f20f883e MD5 + salt:b42619cf9e4a1f5dad2aaa8a7a70b31e salt=“!@#$” MD5 + salt + hash:f57cf2d66c506567c49ad04bb58fa566 salt=“!@#$” hasd散列轮数=1024
realm设置
package com.catchadmin.shiro;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
public class Md5AuthRealm extends AuthorizingRealm {
/**
* 授权
* @param principalCollection
* @return
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return null;
}
/**
* 认证
* @param authenticationToken
* @retur
* @throws AuthenticationException
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
String username = authenticationToken.getPrincipal().toString();
System.out.println("authenticationToken:" + username);
if ("zhangfayuan".equals(username)){
return new SimpleAuthenticationInfo(username,"e10adc3949ba59abbe56e057f20f883e", this.getName());
}
//加盐验证
if ("zhangfayuan".equals(username)){
return new SimpleAuthenticationInfo(username,"b42619cf9e4a1f5dad2aaa8a7a70b31e",ByteSource.Util.bytes("!@#$"), this.getName());
}
return null;
}
}
请求验证设置
public String md5Checking() {
//创建安全管理器
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
//注入realm
Md5AuthRealm md5AuthRealm = new Md5AuthRealm();
//设置加密方式
HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
hashedCredentialsMatcher.setHashAlgorithmName("md5");//设置加密方式
hashedCredentialsMatcher.setHashIterations(1024); //设置hash散列轮数
md5AuthRealm.setCredentialsMatcher(hashedCredentialsMatcher);
defaultSecurityManager.setRealm(md5AuthRealm);
// 将安全管理器注入安全工具
SecurityUtils.setSecurityManager(defaultSecurityManager);
//获取 subject 主体
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("zhangfayuan", "123456");
try {
subject.login(token);
System.out.println("登录成功");
}catch (UnknownAccountException e){
System.out.println("用户名不存在");
}catch (IncorrectCredentialsException e){
System.out.println("密码错误");
}
return "Login Success!";
}
验证用户名与MD5 + salt密码
//设置加密方式
HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
hashedCredentialsMatcher.setHashAlgorithmName("md5");//设置加密方式
hashedCredentialsMatcher.setHashIterations(1024); //设置hash散列轮数
md5AuthRealm.setCredentialsMatcher(hashedCredentialsMatcher);
//Md5 + salt + hash
if ("zhangfayuan".equals(username)){
return new SimpleAuthenticationInfo(username,"b42619cf9e4a1f5dad2aaa8a7a70b31e",ByteSource.Util.bytes("!@#$"), this.getName());
}
文档更新时间: 2023-12-18 03:25 作者:JeffreyCheung