shiro自定义Realm+MD5加密、加盐
1.加载依赖
<!-- Test framework used by CustomRealmTest. NOTE(review): no <scope> is declared, so Maven defaults to compile scope; confirm whether test scope was intended. -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
</dependency>
<!-- Apache Shiro core (realm, hashing and security-manager classes used below). NOTE(review): 1.4.0 is an old release; check the project's security advisories and pin a currently maintained version before reusing this snippet. -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.0</version>
</dependency>
2.自定义realm代码
需要实现两个方法:用户认证(doGetAuthenticationInfo)和角色权限授权(doGetAuthorizationInfo)。
认证方法中先实例化 SimpleAuthenticationInfo,设置用户名、密码和 realm 名称,这里用 Map 模拟数据库;
授权方法中再用 Set 模拟角色和权限。
整体代码如下:
package com.lbl.shiro.realm;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
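/**
 * Demo Shiro realm backed by in-memory mock data instead of a database.
 *
 * <p>Authentication returns the stored salted digest for the user named in the
 * token; the comparison against the submitted password is done by whatever
 * credentials matcher the caller installs on this realm. Authorization returns
 * a fixed set of roles and permissions.
 *
 * <p>Security notes for anyone adapting this sample: the stored value is an MD5
 * digest and the salt is the user name. Both are kept so the sample still works
 * with its stored hash, but neither is suitable for real password storage; use
 * a slow password-hashing scheme with a random per-user salt instead.
 */
public class CustomRealm extends AuthorizingRealm {
    // Mock user table: user name -> hex digest of the password.
    // Presumably the value printed by Md5Hash("123456", "admin") in the
    // accompanying test; confirm before relying on it.
    Map<String,String> userMap = new HashMap<>();
    {
        userMap.put("admin","a66abb5684c45962d887564f08346e8d");
        super.setName("customRealm");
    }

    /**
     * Builds the roles and permissions for the primary principal.
     *
     * @param principalCollection principals of the already-authenticated subject
     * @return authorization info holding the mock roles and permissions
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        String userName = (String) principalCollection.getPrimaryPrincipal();
        Set<String> roles = getRoleByUserName(userName);
        Set<String> permissions = getPermissionsByUserName(userName);
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.setStringPermissions(permissions);
        simpleAuthorizationInfo.setRoles(roles);
        return simpleAuthorizationInfo;
    }

    /**
     * Mock permission lookup.
     * NOTE(review): the user name is ignored, so every principal receives the
     * same permissions; a real implementation must look them up per user.
     */
    private Set<String> getPermissionsByUserName(String userName) {
        Set<String> permissions = new HashSet<>();
        permissions.add("user:delete");
        permissions.add("user:update");
        return permissions;
    }

    /**
     * Mock role lookup.
     * NOTE(review): the user name is ignored, so every principal receives the
     * "admin" and "user" roles; a real implementation must look them up per user.
     */
    private Set<String> getRoleByUserName(String userName) {
        Set<String> roles = new HashSet<>();
        roles.add("admin");
        roles.add("user");
        return roles;
    }

    /**
     * Looks up the stored credentials for the user named in the token.
     *
     * @param authenticationToken token submitted at login; its principal is the user name
     * @return the stored digest and salt for that user, or {@code null} when the
     *         user is unknown to this realm
     * @throws AuthenticationException declared by the overridden method; not thrown here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        // User name taken from the authentication data submitted by the subject.
        String userName = (String) authenticationToken.getPrincipal();
        // Stored credential for exactly that user; null means "no such account".
        String password = getPwdByUserName(userName);
        if (password == null) {
            return null;
        }
        // The principal is the user who actually logged in and the realm name is
        // this realm's own name, rather than the hard-coded "admin" / "customReal".
        SimpleAuthenticationInfo authenticationInfo =
                new SimpleAuthenticationInfo(userName, password, getName());
        // Salt: the user name, which for "admin" matches how the stored digest
        // was produced. A user name is predictable; store a random per-user salt
        // next to the hash in real systems.
        authenticationInfo.setCredentialsSalt(ByteSource.Util.bytes(userName));
        return authenticationInfo;
    }

    /**
     * Mock database lookup of the stored password digest.
     *
     * @param userName user name to look up; may be {@code null}
     * @return the stored digest, or {@code null} when the user does not exist
     */
    private String getPwdByUserName(String userName) {
        // Look up the requested user. The earlier version always fetched "admin",
        // which let any user name authenticate with the admin password.
        return userMap.get(userName);
    }
}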
3.测试文件;依旧还是那几步
import com.lbl.shiro.realm.CustomRealm;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
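/**
 * Exercises {@code CustomRealm} through a {@code DefaultSecurityManager} with an
 * MD5 {@code HashedCredentialsMatcher}.
 *
 * <p>The checks are real assertions rather than console output only, so a
 * regression in authentication or authorization fails the build.
 */
public class CustomRealmTest {

    /**
     * Helper that prints the salted MD5 digest of the demo password so it can be
     * pasted into the realm's mock user table. The unsalted variant would be
     * {@code new Md5Hash("123456")}.
     */
    @Test
    public void showPwd() {
        Md5Hash md5Hash = new Md5Hash("123456","admin");
        System.out.println(md5Hash.toString());
    }

    /** A correct user name and password authenticates and yields the mock role and permission. */
    @Test
    public void testCostomRealm() {
        Subject subject = newSubject();

        UsernamePasswordToken token = new UsernamePasswordToken("admin","123456");
        subject.login(token);

        boolean authenticated = subject.isAuthenticated();
        boolean hasAdminRole = subject.hasRole("admin");
        boolean mayDeleteUser = subject.isPermitted("user:delete");

        System.out.println("isAuthenticated:"+authenticated);
        System.out.println("checkeRoles:"+hasAdminRole);
        System.out.println("hasPermission:"+mayDeleteUser);

        org.junit.Assert.assertTrue("login should authenticate the subject", authenticated);
        org.junit.Assert.assertTrue("admin role expected", hasAdminRole);
        org.junit.Assert.assertTrue("user:delete permission expected", mayDeleteUser);
    }

    /** A wrong password must be rejected; without this check the matcher setup is never exercised negatively. */
    @Test(expected = org.apache.shiro.authc.AuthenticationException.class)
    public void wrongPasswordIsRejected() {
        Subject subject = newSubject();
        subject.login(new UsernamePasswordToken("admin","not-the-password"));
    }

    /**
     * Wires realm, credentials matcher and security manager, then returns the
     * current subject.
     */
    private static Subject newSubject() {
        CustomRealm customRealm = new CustomRealm();

        // 1. Build the security manager and register the realm with it.
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        securityManager.setRealm(customRealm);

        // Hash the submitted password with MD5 before comparing it with the
        // stored digest. One round of MD5 matches the stored demo value only;
        // it is far too fast for real password storage.
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashIterations(1);
        hashedCredentialsMatcher.setHashAlgorithmName("md5");
        customRealm.setCredentialsMatcher(hashedCredentialsMatcher);

        // 2. Install the manager and fetch the subject. setSecurityManager is a
        // static, VM-wide setting, so it is shared by every test in this JVM.
        SecurityUtils.setSecurityManager(securityManager);
        return SecurityUtils.getSubject();
    }
}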
4,差不多先就这样。