采用shiro实现登陆验证（二）

最新推荐文章于 2023-07-30 18:32:35 发布

子沐月

最新推荐文章于 2023-07-30 18:32:35 发布

阅读量230

点赞数

分类专栏： Shiro

本文链接：https://blog.csdn.net/weixin_40251199/article/details/84818971

版权

Shiro 专栏收录该内容

4 篇文章 0 订阅

订阅专栏

5.创建Realm安全数据桥, 通过继承AuthorizingRealm的方式实现

此处只重写了 doGetAuthenticationInfo 该方法进行登陆验证，后续再介绍授权方法

package com.weixin.shiro;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import com.weixin.mapper.AdminMapper;
import com.weixin.pojo.Admin;
import com.weixin.util.MD5Util;

public class MyRealm extends AuthorizingRealm {
	
	@Autowired
	private AdminMapper adminMapper;
	

	/**
	 * 授权
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();        
        Object principal = principalCollection.getPrimaryPrincipal();//获取登录的用户名    
        if("admin".equals(principal)){               //两个if根据判断赋予登录用户权限
            info.addRole("admin");
        }
        if("user".equals(principal)){
            info.addRole("list");
        }
        
        info.addRole("user");
        
        return info;
	}
        
        /**
	 * 登陆验证
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		 //1. token 中获取登录的 username! 注意不需要获取password.
        Object principal = token.getPrincipal();
        
        //2. 利用 username 查询数据库得到用户的信息.
        Admin admin = new Admin();
        admin.setUsername((String) principal);
        admin =adminMapper.selectByNameAndPwd(admin);
        String password = "";
        
        if(admin !=null){
        	password=admin.getPassword();
        }
        String credentials = password;
        //3.设置盐值 ，（加密的调料，让加密出来的东西更具安全性，一般是通过数据库查询出来的。 简单的说，就是把密码根据特定的东西而进行动态加密，如果别人不知道你的盐值，就解不出你的密码）
        ByteSource credentialsSalt = ByteSource.Util.bytes(MD5Util.PASSWORD_SALT);
//        ByteSource bytes = ByteSource.Util.bytes((String)principal);
        
        //当前 Realm 的name
        String realmName = getName();
        //返回值实例化
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(principal, credentials,credentialsSalt,realmName);
        
        return info;
	}
	
	
	//init-method 配置. 
    public void setCredentialMatcher(){
        HashedCredentialsMatcher  credentialsMatcher = new HashedCredentialsMatcher();    
        credentialsMatcher.setHashAlgorithmName("MD5");//MD5算法加密
        credentialsMatcher.setHashIterations(1024);//1024次循环加密      
        credentialsMatcher.setStoredCredentialsHexEncoded(true);//此处决定加密密码转化为16进制(与入库时保持一致)
        setCredentialsMatcher(credentialsMatcher);
    }
    
    
    //用来测试的算出密码password盐值加密后的结果，下面方法用于新增用户添加到数据库操作的，我这里就直接用main获得，直接数据库添加了，省时间
    public static void main(String[] args) {
        String saltSource = "abcdef";    
        String hashAlgorithmName = "MD5";
        String credentials = "passwor";
        Object salt = new Md5Hash(saltSource);
        int hashIterations = 1024;            
        Object result = new SimpleHash(hashAlgorithmName, credentials, salt, hashIterations);
        System.out.println(result);
    }

}

）