md5工具
package com.utils;
import org.apache.shiro.crypto.hash.Md5Hash;
/**
* @author w
*/
public class MD5Utils {
public static void main(String[] args) {
String source="123456";
Md5Hash hash=new Md5Hash(source);
System.out.println("使用md5加密后的结果:+"+hash.toString());
Md5Hash hash2=new Md5Hash(source,"北京武汉");
System.out.println("使用md5加密并且加盐后的结果:+"+hash2.toString());
Md5Hash hash3=new Md5Hash(source,"北京武汉",2);
System.out.println("使用md5加密并且加盐并且散列2次后的结果:+"+hash3.toString());
}
/*
* source 需要加密的铭文
* salt 盐
* hashInterations 散列次数
* */
public static String md5(String source,Object salt,Integer hashInterations){
return new Md5Hash(source,salt,hashInterations).toString();
}
}
realm
package com.realm;
import com.domain.ActiveUser;
import com.domain.User;
import com.service.*;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
/**
* @author w
*/
public class UserRealm extends AuthorizingRealm
{
private UserService userService =new UserServiceImpl();
private RoleService roleService=new RoleServiceImpl();
private PermissionService permissionService=new PermissionServiceImpl();
public UserRealm(){
HashedCredentialsMatcher credentialsMatcher=new HashedCredentialsMatcher();
//指定加密 算法
credentialsMatcher.setHashAlgorithmName("md5");
//指定散列次数
credentialsMatcher.setHashIterations(2);
setCredentialsMatcher(credentialsMatcher);
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
//得到身份
String username = token.getPrincipal().toString();
Object credentials = token.getCredentials();
/*
以前登录逻辑是 把用户名和密码都去数据库 匹配
在shiro中是根据用户名把用户对象查询出来 在来坐密码匹配
* */
User user =userService.queryUserByUserName(username);
if (null!=user){
List<String> roles=roleService.queryRoleByUserName(user.getUsername());
List<String> permissions=permissionService.queryPermissionByUserName(user.getUsername());
ActiveUser activeUser=new ActiveUser(user,roles,permissions);
/*
参数说明
参数1 可以传入任意对象
参数2 数据库查出来的密码
参数3 当前类名
*/
// SimpleAuthenticationInfo info=new SimpleAuthenticationInfo(activeUser,user.getPwd(), this.getName());
/**
* 参数说明
* 参数1:可以传到任意对象
* 参数2:从数据库里面查询出来的散列之后的密码
* 参数3:盐
* 参数4:当前类名
*/
ByteSource credentialsSalt=ByteSource.Util.bytes("北京武汉");
SimpleAuthenticationInfo info=new SimpleAuthenticationInfo(activeUser, user.getPwd(),
credentialsSalt,this.getName());
return info;
}else {
return null;
}
}
/*做授权
*参数说明
* */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
ActiveUser activeUser = (ActiveUser) principalCollection.getPrimaryPrincipal();
SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
//添加角色
Collection<String> roles=activeUser.getRoles();
if (null!=roles&&roles.size()>0){
info.addRoles(roles);
}
//添加权限
Collection<String> permissions=activeUser.getPermissions();
if (null!=permissions&&permissions.size()>0){
info.addStringPermissions(permissions);
}
/*
给超级管理员添加权限
if (activeUser.getUser().getType()==0){
info.addStringPermissions("*:*");
}*/
return info;
}
}
扫一扫
3462
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
