背景:
shiro提供了几种常用的加密算法,例如:
MD5damo:
public class Md5Damo {
public static void main(String[] args) {
//Md5 加密算法加密
Md5Hash md5 = new Md5Hash("1111");
System.out.println("1111==="+md5.toString());
//加盐
md5 = new Md5Hash("1111", "sxt");
System.out.println("1111==="+md5.toString());
//迭代次数
md5 = new Md5Hash("1111", "sxt", 2);
System.out.println("1111==="+md5.toString());
//等效
SimpleHash simpleHash = new SimpleHash("md5", "1111", "siggy", 2);
System.out.println(simpleHash.toString());
}
}
结果:
自定义Reaml实现散列
1、导包
2、编写自定义reaml代码
package com.text.shiro;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
/*
* 自定义Realm实现,该Realm类提供了两个方法
* doGetAuthorizationInfo 获取认证信息
* doGetAuthenticationInfo 获取权限信息
*/
public class UserRealm extends AuthorizingRealm {
@Override
public String getName() {
return "userRealm";
}
//完成身份认证(从数据库中去数据)并且放回认证信息
//如果身份认证失败,返回null
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
throws AuthenticationException {
//从token中获取认证信息
String principal = (String)token.getPrincipal();
System.out.print("username=======" +principal);
//这里要根据principal 到数据库中查询password
//假定查询到是password为 1111
String pwd = "1620d20433da92e2523928e351e90f97";
//返回认证信息
SimpleAuthenticationInfo Info = new SimpleAuthenticationInfo(principal,
pwd,ByteSource.Util.bytes("siggy"), getName());
return Info;
}
//获取授权信息
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
// TODO Auto-generated method stub
return null;
}
}
6、测试代码
package com.text.shiro;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
/*
* 自定义Realm实现,该Realm类提供了两个方法
* doGetAuthorizationInfo 获取认证信息
* doGetAuthenticationInfo 获取权限信息
*/
public class UserRealm extends AuthorizingRealm {
@Override
public String getName() {
return "userRealm";
}
//完成身份认证(从数据库中去数据)并且放回认证信息
//如果身份认证失败,返回null
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
throws AuthenticationException {
//从token中获取认证信息
String principal = (String)token.getPrincipal();
System.out.print("username=======" +principal);
//这里要根据principal 到数据库中查询password
//假定查询到是password为 1111
String pwd = "1620d20433da92e2523928e351e90f97";
//返回认证信息
SimpleAuthenticationInfo Info = new SimpleAuthenticationInfo(principal,
pwd,ByteSource.Util.bytes("siggy"), getName());
return Info;
}
//获取授权信息
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
// TODO Auto-generated method stub
return null;
}
}
4、编写ini、log4j.properties
ini
[main]
#定义凭证匹配器
credentialsMatcher=org.apache.shiro.authc.credential.HashedCredentialsMatcher
#散列算法
credentialsMatcher.hashAlgorithmName=md5
#散列次数
credentialsMatcher.hashIterations=2
#将凭证匹配器设置到realm
userRealm=cn.siggy.realm.UserRealm
userRealm.credentialsMatcher=$credentialsMatcher
securityManager.realms=$userRealm
userRealm=com.text.shiro.UserRealm
securityManager.realm=$userRealm
log4j
log4j.rootCategory=INFO, CONSOLE ,LOGFILE
log4j.logger.com.bjsxt.mapper=DEBUG
log4j.logger.com.text.shiro=INFO
log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
log4j.appender.CONSOLE.layout.ConversionPattern=%C %d{YYYY-MM-dd hh:mm:ss} %m %n
log4j.appender.LOGFILE=org.apache.log4j.FileAppender
log4j.appender.LOGFILE.File=E:/my.log
log4j.appender.LOGFILE.Append=true
log4j.appender.LOGFILE.layout=org.apache.log4j.PatternLayout
log4j.appender.LOGFILE.layout.ConversionPattern=%m %n
7、项目结构
8、结果