Shiro-----散列算法(加密算法)

散列算法

3.在自定义的Realm中使用散列算法

package com.kennosaur.realm;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

public class UserRealm extends AuthorizingRealm{
	@Override
	public String getName() {		
		return "userrealm";
	}

	/**
	 * 认证信息
	 * 完成身份认证并且返回认证信息
	 * 如果身份认证失败返回null
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		//获取身份信息
		String username = (String)token.getPrincipal();
		System.out.println("username======"+username);
		//根据用户名到数据库中查询密码信息----模拟
		//假定从数据库中获取的密码为123

		String password = "5dbf2d01bf694d7c218c1ea456c51241";
		String salt = "kennosaur";
		SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username, password,ByteSource.Util.bytes(salt), getName());
		return info;
	}

	/**
	 * 授权信息
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		// TODO Auto-generated method stub
		return null;
	}
}

配置文件

#自定义Realm
userRealm=com.kennosaur.realm.UserRealm
#配置散列算法
credentialsMatcher=org.apache.shiro.authc.credential.HashedCredentialsMatcher
credentialsMatcher.hashAlgorithmName=md5
credentialsMatcher.hashIterations=2
userRealm.credentialsMatcher=$credentialsMatcher
#配置验证器
securityManager.realms=$userRealm