自定义校验:
package com.hzh.test;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.realm.AuthenticatingRealm;
public class MyRealm extends AuthenticatingRealm {
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
String username = authenticationToken.getPrincipal().toString();
if("admin".equals(username)){
String pwd = "123";
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(authenticationToken.getPrincipal(), pwd, "realname");
return info;
}
return null;
}
}
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(authenticationToken.getPrincipal(), pwd, "realname");
这里的info里面包含的相当于数据库中查询出来的账户和凭证
authenticationToken中包含的是用户自己输入的账户与凭证
最后在doCredentialsMatch函数中进行比较