1.继承一个ModularRealmAuthenticator类
创建一个类,继承ModularRealmAuthenticator
,然后重写 doMultiRealmAuthentication
方法
/**
* ,抛出realm中第一个遇到的异常
* @param realms 领域认证器
* @param token 认证凭证
* @return aggregate
*/
@Override
protected AuthenticationInfo doMultiRealmAuthentication(Collection<Realm> realms, AuthenticationToken token) {
AuthenticationStrategy strategy = getAuthenticationStrategy();
AuthenticationInfo aggregate = strategy.beforeAllAttempts(realms, token);
if (log.isTraceEnabled()) {
log.trace("Iterating through {} realms for PAM authentication", realms.size());
}
for (Realm realm : realms) {
aggregate = strategy.beforeAttempt(realm, token, aggregate);
if (realm.supports(token)) {
log.trace("Attempting to authenticate token [{}] using realm [{}]", token, realm);
AuthenticationInfo info = null;
//有异常从此处抛出
info = realm.getAuthenticationInfo(token);
aggregate = strategy.afterAttempt(realm, token, info, aggregate, null);
} else {
log.debug("Realm [{}] does not support token {}. Skipping realm.", realm, token);
}
}
aggregate = strategy.afterAllAttempts(token, aggregate);
return aggregate;
}
2.在shiroConfig中把自定义的 ModularRealmAuthenticator 加入到shiro中
/**
* shiro 安全管理器设置
* @return SecurityManager
*/
@Bean
public SecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setSessionManager(sessionManager());
//自定义的模块化领域认证(ModularRealmAuthenticator)
ModularRealmAuthenticator authenticator = new WxModularRealmAuthenticator();
securityManager.setAuthenticator( authenticator );
return securityManager;
}