Shiro realm自定义类MD5加密加盐加哈希散列

1、Shrio使用md5、随机salt、hash散列

导入shiro依赖

<dependency>
     <groupId>org.apache.shiro</groupId>
     <artifactId>shiro-core</artifactId>
     <version>1.5.3</version>
</dependency>

在shiro中有一个函数可以自动生成MD5+salt+hash=>Md5Hash
对应的包为：import org.apache.shiro.crypto.hash.Md5Hash;
相关写法如下：

//第一个参数：所需变换的源数据
//第二个参数：随机salt内容
//第三个参数：散列次数
Md5Hash md5Hash = new Md5Hash("123","X0**",1024);
System.out.println(md5Hash.toHex());
//返回结果为经过转换的加密值

2、shiro解码步骤（自定义权限授予类）

自定义用户登录权限验证类

自定义类需继承AuthorizingRealm，重写doGetAuthorizationInfo（登录用户授权方法）和doGetAuthenticationInfo（用户验证方法）。

doGetAuthorizationInfo：

（1）获取身份信息：principals.getPrimaryPrincipal()；
（2）SimpleAuthorizationInfo：可自定义添加不同的登录角色，判断Subject是否有相关认证角色，常用方法有：addRole（自定义角色字符串形式）、addStringPermission（自定义角色，用shiro的权限表达式）

doGetAuthenticationInfo：

（1）获取身份认证信息：token.getPrincipal();
（2）SimpleAuthenticationInfo：该类有一个构造方法
第一个参数：身份信息
第二个参数：转换加密值
第三个参数：随机盐
第四个参数：自定义类名

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

public class md5realm extends AuthorizingRealm {
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String primaryPrincipal = (String) principals.getPrimaryPrincipal();
        System.out.println("身份信息："+primaryPrincipal);
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.addRole("admin");
        simpleAuthorizationInfo.addRole("user");

        simpleAuthorizationInfo.addStringPermission("user:*:01");
        return simpleAuthorizationInfo;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String principal = (String) token.getPrincipal();
        if ("zs".equals(principal)) {
            return new SimpleAuthenticationInfo(principal,
                    "143e1036b35f0de64a15c3dc74954430",
                    ByteSource.Util.bytes("X0**"),
                    this.getName());
        }
        return null;
    }
}

认证身份信息

		DefaultSecurityManager manager = new DefaultSecurityManager();
        md5realm realm = new md5realm();

		//加密信息需要给客户端认证
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        matcher.setHashAlgorithmName("md5");
        matcher.setHashIterations(1024);
        realm.setCredentialsMatcher(matcher);

        manager.setRealm(realm);
        SecurityUtils.setSecurityManager(manager);
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken("zs", "123");
        try {
            subject.login(token);
            System.out.println("登录成功");
        } catch (UnknownAccountException e) {
            e.printStackTrace();
            System.out.println("用户名错误");
        }catch (IncorrectCredentialsException e){
            e.printStackTrace();
            System.out.println("密码错误");
        }

        if (subject.isAuthenticated()) {
//            System.out.println(subject.hasRole("user"));
//            System.out.println(subject.hasAllRoles(Arrays.asList("admin", "super")));
            boolean[] booleans = subject.hasRoles(Arrays.asList("admin","super","user"));
            for (boolean b:booleans){
                System.out.println(b);
            }
            System.out.println("=================");
            System.out.println("权限:"+subject.isPermitted("user:*:01"));
        }
    }