在实际开发中,一般我们使用shiro进行用户密码登录,有时候面对一些常见的需求,不得不再已有的框架上进行修改,比如说,增加一种使用手机验证码登录的登录方式。这时候,我们可以根据已有的框架,对其稍微修改一下便可满足需求。
public class ShiroDBRealm extends AuthorizingRealm{
private static final String className = "ShiroDBRealm";
@Autowired
private SecurityService securityService;
public ShiroDBRealm(){
setAuthenticationTokenClass(UsernamePasswordLoginTypeToken.class);
}
@Override
public String getName() {
return "shiroDBRealm";
}
@Override
public boolean supports(AuthenticationToken token) {
return token instanceof UsernamePasswordToken;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken authenticationToken) throws AuthenticationException {
try {
UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken ;
User user = securityService.login(token.getUsername(),new String(token.getPassword()));
String pwd = new String(token.getPassword());
}