项目环境spring boot 2.1
首先实现自己的验证类
import com.glodon.security.MD5;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;
public class CustomCredentialsMatcher extends SimpleCredentialsMatcher {
@Override
public boolean doCredentialsMatch(AuthenticationToken authcToken, AuthenticationInfo info) {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
Object tokenCredentials = encrypt(String.valueOf(token.getPassword()));
Object accountCredentials = getCredentials(info);
//将密码加密与系统加密后的密码校验,内容一致就返回true,不一致就返回false
return equals(tokenCredentials, accountCredentials);
}
//将传进来密码加密方法
private String encrypt(String data) {
String encodePwd = MD5.toMD5(data);//这里可以选择自己的密码验证方式 比如 md5或者sha256等
return encodePwd;
}
}
然后在自定义的realm中引入:
public class FrontUserRealm extends AuthorizingRealm {
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
return authorizationInfo;
}
/**
* @Author Adam
* @Description 主要是用来进行身份认证的,也就是说验证用户输入的账号和密码是否正确
* @Date 14:06 2018/9/28
* @Param [token]
* @return org.apache.shiro.authc.AuthenticationInfo
**/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
throws AuthenticationException {
FrontUserAuthService shiroFactory = FrontUserAuthServiceServiceImpl.me();
UsernamePasswordToken userToken = (UsernamePasswordToken)token;
FrontUser user = shiroFactory.user(userToken.getUsername());
ShiroUser shiroUser = shiroFactory.shiroUser(user);
return shiroFactory.info(shiroUser,user, super.getName());
}
/**
* 设置认证加密方式
*/
@Override
public void setCredentialsMatcher(CredentialsMatcher credentialsMatcher) {
CustomCredentialsMatcher customCredentialsMatcher = new
CustomCredentialsMatcher();
super.setCredentialsMatcher(customCredentialsMatcher);
}
}
,如此这般就可以用自己的验证方式了。