实际开发中存在这样一种场景,同一个密码可能在MqSQL中存储,也可能在Oracle中存储,有可能MqSQL中使用的是MD5加密算法,而Oracle使用SHA1加密算法。这就需要有多个Realm以及认证策略的问题。
加入依赖
<dependencies>
<!-- https://mvnrepository.com/artifact/org.springframework/spring-context -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>4.3.21.RELEASE</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>1.8.14</version>
</dependency>
<dependency>
<groupId>com.mchange</groupId>
<artifactId>c3p0</artifactId>
<version>0.9.5.3</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<version>4.3.21.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>4.3.21.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>4.3.21.RELEASE</version>
</dependency>
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.47</version>
</dependency>
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
<version>3.4.6</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
</dependency>
<dependency>
<groupId>jstl</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>taglibs</groupId>
<artifactId>standard</artifactId>
<version>1.1.2</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.7.25</version>
</dependency>
<!-- shiro相关的依赖 -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.2.3</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>1.2.3</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.47</version>
</dependency>
</dependencies>
spring配置
applicationContext-Base.xml
<context:component-scan base-package="com.hrm.service.impl"/>
<!-- 引入配置文件 -->
<context:property-placeholder location="classpath:resource/*.properties" />
<!-- 设置DataSource -->
<bean class="com.mchange.v2.c3p0.ComboPooledDataSource"
id="dataSource">
<property name="driverClass" value="${driver}"></property>
<property name="jdbcUrl" value="${url}"></property>
<property name="user" value="${user_name}"></property>
<property name="password" value="${password}"></property>
</bean>
<!-- 整合Mybatis -->
<bean class="org.mybatis.spring.SqlSessionFactoryBean">
<!-- 设置对应的配置文件 -->
<property name="configLocation"
value="classpath:mybatis/mybatis-cfg.xml" />
<!-- 设置别名 -->
<property name="typeAliasesPackage" value="com.hrm.pojo" />
<!-- 关联数据源 -->
<property name="dataSource" ref="dataSource"></property>
</bean>
<!-- 配置扫描的路径 -->
<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
<property name="basePackage" value="com.hrm.mapper" />
</bean>
**在spring中配置shiro **
applicationContext-Shiro.xml
<!-- 定义凭证匹配器 -->
<bean
class="org.apache.shiro.authc.credential.HashedCredentialsMatcher"
id="credentialsMatcher">
<!-- 配置散列算法 -->
<property name="hashAlgorithmName" value="md5" />
<!-- 配置散列次数 -->
<property name="hashIterations" value="1024" />
</bean>
<!-- 定义凭证匹配器 -->
<bean
class="org.apache.shiro.authc.credential.HashedCredentialsMatcher"
id="credentialsMatcherS">
<!-- 配置散列算法 -->
<property name="hashAlgorithmName" value="sha1" />
<!-- 配置散列次数 -->
<property name="hashIterations" value="1024" />
</bean>
<!-- 注册自定义Realm -->
<bean class="com.hrm.realm.MyRealm" id="myRealm">
<!-- 配置凭证匹配器 -->
<property name="credentialsMatcher" ref="credentialsMatcher" />
</bean>
<!-- 注册自定义Realm -->
<bean class="com.hrm.realm.MyRealmS" id="myRealmS">
<!-- 配置凭证匹配器 -->
<property name="credentialsMatcher" ref="credentialsMatcherS" />
</bean>
<!-- 注册SecurityManager -->
<bean class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"
id="securityManager">
<!-- 配置自定义Realm -->
<property name="authenticator">
<bean
class="org.apache.shiro.authc.pam.ModularRealmAuthenticator">
<property name="authenticationStrategy"> <!-- 至少有一个Realm认证通过 -->
<bean
class="org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy" />
</property>
</bean>
</property>
<property name="realms">
<list>
<ref bean="myRealm" />
<ref bean="myRealmS" />
</list>
</property>
</bean>
<!-- 注册ShiroFilterFactoryBean 注意id必须和web.xml中注册的targetBeanName的值一致 -->
<bean class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"
id="shiro">
<!-- 注册SecurityManager -->
<property name="securityManager" ref="securityManager" />
<!-- 登录地址 如果用户请求的的地址是 login.do 那么会对该地址认证 -->
<property name="loginUrl" value="/login.do" />
<!-- 登录成功的跳转地址 -->
<property name="successUrl" value="jsp/success.jsp" />
<!-- 访问未授权的页面跳转的地址 -->
<property name="unauthorizedUrl" value="jsp/refuse.jsp" />
<!-- 设置 过滤器链 -->
<property name="filterChainDefinitions">
<value>
<!--加载顺序从上往下。 authc需要认证 anon可以匿名访问的资源 -->
/login.do=authc
/login.jsp=anon
/**=authc
/**=rememberMe,user <!-- 必须配置为 user级别,authc级别的rememberMe没有效果 -->
</value>
</property>
</bean>
springmvc配置文件
<context:component-scan
base-package="com.hrm.controller"></context:component-scan>
<!-- 开启SpringMVC注解的方式 -->
<mvc:annotation-driven>
<mvc:message-converters>
<bean
class="com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter" />
</mvc:message-converters>
</mvc:annotation-driven>
<!-- 防止资源文件被spring MVC拦截 -->
<mvc:resources mapping="/img/**" location="/img/"
cache-period="31556926" />
<mvc:resources mapping="/js/**" location="/js/"
cache-period="31556926" />
<mvc:resources mapping="/css/**" location="/css/"
cache-period="31556926" />
<!-- 配置视图解析器 -->
<bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<!-- 设置前后缀 -->
<property name="prefix" value="/jsp/" />
<property name="suffix" value=".jsp" />
</bean>
自定义realm多认证
自定义reaml需要继承AuthorizingRealm,重写doGetAuthenticationInfo认证方法
MyRealm extends AuthorizingRealm
/**
* 认证的方法
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// 获取登录的账号
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
String username = upToken.getUsername();
System.out.println("登录提交的账号:" + username);
// 去数据库中查询
List<User> list = userService.login(username);
if (list == null || list.size() != 1) {
return null;
}
User user = list.get(0);
System.out.println("user:" + user);
return new SimpleAuthenticationInfo(user.getUsername(), user.getPwd(), new SimpleByteSource(user.getSalt()),
"myrealm");
}
MyRealmS extends AuthorizingRealm
/**
* 认证的方法
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// 获取登录的账号
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
String username = upToken.getUsername();
System.out.println("登录提交的账号:"+username);
// 去数据库中查询
List<SUser> list = userService.loginS(username);
if(list == null || list.size() != 1){
return null;
}
SUser suser = list.get(0);
System.out.println("suser:"+suser);
return new SimpleAuthenticationInfo(suser.getUsername()
, suser.getPwd()
, new SimpleByteSource(suser.getSalt())
, "myrealmS");
}
Service
public interface IUserService {
public List<User> selUser();
public List<User> login(String username);
public List<SUser> loginS(String username);
}
@Service
public class UserService implements IUserService{
@Autowired
private UserMapper userMapper;
@Override
public List<User> selUser() {
// TODO Auto-generated method stub
UserExample example = new UserExample();
List<User> list = userMapper.selectByExample(example);
return list;
}
@Override
public List<User> login(String username) {
// TODO Auto-generated method stub
UserExample example = new UserExample();
Criteria criteria = example.createCriteria();
criteria.andUsernameEqualTo(username);
List<User> list = userMapper.selectByExample(example);
return list;
}
@Override
public List<SUser> loginS(String username) {
// TODO Auto-generated method stub
SUser sUser = new SUser();
sUser.setUsername(username);
List<SUser> list = userMapper.selSUser(sUser);
return list;
}
}
pojo
mapper
在映射文件里多加一条自定义的语句
<!-- 自定义 -->
<select id="selSUser" parameterType="com.hrm.pojo.SUser" resultType="com.hrm.pojo.SUser">
select * from suser where username = #{username}
</select>
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<!-- 加载spring容器 -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring/applicationContext-*.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>spring-mvc</servlet-name>
<!-- 中央处理器or前端控制器 -->
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<!-- 配置文件 -->
<param-value>classpath:spring/spring-mvc.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>spring-mvc</servlet-name>
<!-- 映射路径 -->
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- spring框架提供的字符集过滤器 -->
<!-- spring Web MVC框架提供了org.springframework.web.filter.CharacterEncodingFilter用于解决POST方式造成的中文乱码问题 -->
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<!-- 过滤器映射 -->
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<!--file的匹配规则 -->
<!--拦截url去除上下文后的映射路径/后的所有 -->
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- shiro过虑器,DelegatingFilterProxy通过代理模式将spring容器中的bean和filter关联起来 -->
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<!-- 设置true由servlet容器控制filter的生命周期 -->
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
<!-- 设置spring容器filter的bean id,如果不设置则找与filter-name一致的bean -->
<init-param>
<param-name>targetBeanName</param-name>
<param-value>shiro</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
MD5加密
/**
* 对123加密,
* 盐值(salt):zsl
* 迭代次数:1024
* 加密结果:70fc2a964652cf72d7f67022a7951e51
* a310123016665d638c4b2c0f2c11ca91
* @author Administrator
*
*/
public class MD5Test {
public static void main(String[] args) {
Md5Hash mdh = new Md5Hash("123", "zsl", 1024);
System.out.println(mdh);
//70fc2a964652cf72d7f67022a7951e51
}
}
SHA1加密
/**
* 对sha加密,
* 盐值(salt):zsl
* 迭代次数:1024
* 加密结果:400e8f0c7ab7c1b7de7e42342ded4d30f05ddf3c
*
* @author Administrator
*
*/
public class Sha1Test {
public static void main(String[] args) {
Sha1Hash sha1 = new Sha1Hash ("sha", "zsl", 1024);
System.out.println(sha1);
//400e8f0c7ab7c1b7de7e42342ded4d30f05ddf3c
}
}
数据表
user
suser