package com.shiro.shirorealm;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.util.ByteSource;
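/**
 * Demonstration Shiro realm that authenticates against a few hard-coded accounts.
 *
 * <p>Security notes for anyone adapting this sample:
 * <ul>
 *   <li>The stored hashes live in source code. A real realm should load them from the user
 *       store at lookup time.</li>
 *   <li>According to the original comments and {@link #main(String[])}, the hashes are MD5
 *       with 1024 iterations and the username as salt. MD5 is a fast digest and is not suitable
 *       for password storage; prefer a dedicated password-hashing scheme (bcrypt, scrypt,
 *       Argon2) with a random per-user salt stored next to the hash.</li>
 *   <li>This realm distinguishes "unknown account" from "locked account". The login endpoint
 *       should show the end user one generic failure message, so that account existence is not
 *       disclosed.</li>
 * </ul>
 */
public class ShiroRealm extends AuthenticatingRealm {

    /** Message used whenever no account matches the submitted username. */
    private static final String UNKNOWN_USER_MESSAGE = "用户名不存在!";

    /**
     * Looks up the account named in the token and returns its stored credentials.
     *
     * <p>Steps: cast the token to {@link UsernamePasswordToken}, read the username, look the
     * account up (hard-coded here, normally a database query), reject unknown or locked
     * accounts, then hand the stored hash and salt back to Shiro for credential matching.
     *
     * @param token the submitted token; the cast fails with {@link ClassCastException} for any
     *     type other than {@link UsernamePasswordToken}
     * @return the principal, stored password hash, salt and realm name for the account
     * @throws UnknownAccountException if the username is missing or has no stored account
     * @throws LockedAccountException if the account is locked
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // NOTE(review): debug trace on stderr. What is printed depends on the token's toString();
        // switch to a logger and log only the fields that are needed, never the credentials.
        System.err.println("doGetAuthenticationInfo" + token);

        UsernamePasswordToken uptoken = (UsernamePasswordToken) token;
        String username = uptoken.getUsername();

        // A missing username can never match an account; reject it before it reaches the salt
        // construction below.
        if (username == null || "java".equals(username)) {
            throw new UnknownAccountException(UNKNOWN_USER_MESSAGE);
        }
        if ("javaScript".equals(username)) {
            throw new LockedAccountException("用户被锁定!");
        }

        // Previously an unrecognised username produced an AuthenticationInfo with null
        // credentials, leaving the outcome to whichever credentials matcher is configured.
        // Fail explicitly instead, as step 4 of the original design notes intended.
        String storedHash = storedHashFor(username);
        if (storedHash == null) {
            throw new UnknownAccountException(UNKNOWN_USER_MESSAGE);
        }

        // principal:   the authenticated identity (could also be the entity loaded from the DB)
        // credentials: the password hash as stored for the account
        // salt:        the username, so equal passwords do not yield equal hashes
        // realmName:   this realm's name, taken from the parent class
        ByteSource credentialsSalt = ByteSource.Util.bytes(username);
        return new SimpleAuthenticationInfo(username, storedHash, credentialsSalt, getName());
    }

    /**
     * Returns the stored password hash for a known demo account, or {@code null} if there is
     * none. Stands in for a database lookup.
     */
    private static String storedHashFor(String username) {
        if ("admin".equals(username)) {
            return "038bdaf98f2037b31f1e75b5b4c9b26e"; // salted hash, username as salt
        }
        if ("python".equals(username)) {
            return "94c5e78f0e979649980cae556b8dae0f"; // salted hash, username as salt
        }
        return null;
    }

    /**
     * Prints the salted hash of a sample password, in the same form as the stored hashes above.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        // NOTE(review): MD5 is kept only so the output stays comparable with the stored demo
        // hashes; do not use it for new password storage.
        String algorithmName = "MD5";                   // hash algorithm
        Object source = "123456";                       // plaintext sample password
        Object salt = ByteSource.Util.bytes("python");  // salt; must be unique per account
        int hashIterations = 1024;                      // number of hash iterations
        Object result = new SimpleHash(algorithmName, source, salt, hashIterations);
        System.out.println(result);
    }
}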
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.util.ByteSource;
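/**
 * Sample {@link AuthenticatingRealm} backed by hard-coded accounts instead of a user store.
 *
 * <p>Points to address before reusing this outside a tutorial:
 * <ul>
 *   <li>Password hashes are embedded in the source; load them from the account database.</li>
 *   <li>Per the original comments and {@link #main(String[])}, the hashes are MD5 (1024
 *       iterations) salted with the username. MD5 is too fast for password storage, and a
 *       username is a predictable salt. Use a dedicated password-hashing scheme with a random
 *       per-user salt.</li>
 *   <li>Different exception types are thrown for unknown and locked accounts. Map them to a
 *       single generic login error in the user-facing layer to avoid account enumeration.</li>
 * </ul>
 */
public class ShiroRealm extends AuthenticatingRealm {

    /**
     * Resolves the account for the submitted username and returns its stored credentials so
     * Shiro can compare them with the submitted password.
     *
     * @param token the login token; cast to {@link UsernamePasswordToken}, so any other type
     *     fails with {@link ClassCastException}
     * @return authentication info holding the username as principal, the stored hash, the
     *     username-derived salt and this realm's name
     * @throws UnknownAccountException if the username is {@code null} or not a known account
     * @throws LockedAccountException if the account is locked
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // NOTE(review): stderr debug output of the whole token object; its content is whatever
        // the token's toString() exposes. Prefer a logger and log the username at most.
        System.err.println("doGetAuthenticationInfo" + token);

        // 1. Narrow the token and 2. read the username from it.
        UsernamePasswordToken uptoken = (UsernamePasswordToken) token;
        String username = uptoken.getUsername();

        // 3. Account lookup. Hard-coded here; a real realm queries the database by username.
        Object credentials = null;
        if ("admin".equals(username)) {
            credentials = "038bdaf98f2037b31f1e75b5b4c9b26e"; // salted hash, username as salt
        } else if ("python".equals(username)) {
            credentials = "94c5e78f0e979649980cae556b8dae0f"; // salted hash, username as salt
        }

        // 5. Account state checks that produce other AuthenticationException subtypes.
        if ("javaScript".equals(username)) {
            throw new LockedAccountException("用户被锁定!");
        }

        // 4. No stored credentials means no such account. This covers the "java" demo user, a
        //    null username, and every other unrecognised name. The original returned an
        //    AuthenticationInfo with null credentials for those and left the result to the
        //    configured credentials matcher.
        if (credentials == null) {
            throw new UnknownAccountException("用户名不存在!");
        }

        // 6. Build the result. The salt keeps two accounts with the same password from sharing
        //    a hash; the realm name comes from the parent class.
        Object principals = username;
        ByteSource credentialsSalt = ByteSource.Util.bytes(username);
        String realmName = getName();
        return new SimpleAuthenticationInfo(principals, credentials, credentialsSalt, realmName);
    }

    /**
     * Computes and prints the salted hash of a sample password, for comparison with the
     * hard-coded hashes in this class.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        // NOTE(review): MD5 retained only to reproduce the existing demo hashes; it is not an
        // acceptable password-storage algorithm.
        String algorithmName = "MD5";                   // hash algorithm
        Object source = "123456";                       // plaintext sample password
        Object salt = ByteSource.Util.bytes("python");  // salt; must be unique per account
        int hashIterations = 1024;                      // number of hash iterations
        Object result = new SimpleHash(algorithmName, source, salt, hashIterations);
        System.out.println(result);
    }
}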