重写CredentialsMatcher
package com.uwo.shiro.config;
import com.uwo.shiro.beans.User;
import org.apache.log4j.Logger;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import java.security.MessageDigest;
/**
* Created by yanhao on 2017/6/16.
*/
public class UwoCredentialsMatcher implements CredentialsMatcher {
private final Logger log = Logger.getLogger(UwoCredentialsMatcher.class);
public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) {
UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
SimpleAuthenticationInfo simpleAuthenticationInfo = (SimpleAuthenticationInfo)authenticationInfo;
// 获取salt
String salt = new String(simpleAuthenticationInfo.getCredentialsSalt().getBytes());
// 给请求密码加密 加密格式 md5(md5($pass).$salt);
String password = Md5(Md5(new String(token.getPassword())).toLowerCase() + salt).toLowerCase();
// 验证密码是否正确
return (password.equalsIgnoreCase(authenticationInfo.getCredentials().toString()));
}
private String Md5(String s) {
char hexDigits[]={'0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'};
try {
byte[] btInput = s.getBytes();
// 获得MD5摘要算法的 MessageDigest 对象
MessageDigest mdInst = MessageDigest.getInstance("MD5");
// 使用指定的字节更新摘要
mdInst.update(btInput);
// 获得密文
byte[] md = mdInst.digest();
// 把密文转换成十六进制的字符串形式
int j = md.length;
char str[] = new char[j * 2];
int k = 0;
for (int i = 0; i < j; i++) {
byte byte0 = md[i];
str[k++] = hexDigits[byte0 >>> 4 & 0xf];
str[k++] = hexDigits[byte0 & 0xf];
}
return new String(str);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
}
spring.xml配置
<bean id="credentialsMatcher" class="com.uwo.shiro.config.UwoCredentialsMatcher"></bean>
<!-- Realm实现 -->
<bean id="userRealm" class="com.uwo.shiro.config.UserRealm">
<property name="credentialsMatcher" ref="credentialsMatcher"/>
</bean>