一 添加枚举登录类型
public enum LoginType {
PASSWORD("password"),
NOPASSWD("nopassword");
private String code;
private LoginType(String code) {
this.code = code;
}
public String getCode() {
return code;
}
}
二 重写HashedCredentialsMatcher,增加免密登录
public class CostomCredentialsMatch extends HashedCredentialsMatcher {
private String hashAlgorithm;
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
UsernamePasswordToken unbroken = (UsernamePasswordToken) token;
if (LoginType.NOPASSWD.equals(unbroken.getLoginType())){
return true;
}
Object tokenHashedCredentials = hashProvidedCredentials(token, info);
Object accountCredentials = getCredentials(info);
return equals(tokenHashedCredentials, accountCredentials);
}
}
三 重写shiro中的UsernamePasswordToken
- 添加构造函数
- 自定义的realm中调用自定义的token,比如
@PostConstruct
public void initCredentialsMatcher() {
CostomCredentialsMatch matcher = new CostomCredentialsMatch();
matcher.setHashIterations(SystemService.HASH_INTERATIONS);
matcher.setHashAlgorithmName(SystemService.HASH_ALGORITHM);
setCredentialsMatcher(matcher);
}
四 注入上述相关bean
<bean id="credentialsMatcher" class="com.。。。.security.CostomCredentialsMatch"></bean>
<bean id="systemAuthorizingRealm" class="com.。。。。.security.SystemAuthorizingRealm">
<property name="credentialsMatcher" ref="credentialsMatcher"/>
</bean>