Shiro散列配置
- HashedCredentialsMatcher
- 自定义Relam中使用散列
- 盐的使用
自定义relam
package com.example.shiro2020.training;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
/**
* @author navy
* @version 1.0
* @date 2020-02-15 21:40
*/
public class CustomRelam extends AuthorizingRealm {
Map<String,String> userMap = new HashMap<>(16);
{
userMap.put("Mark","cce40107ab022be9efbd1954d8e3918a");
super.setName("customRealm");
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)
{
String username = (String) principals.getPrimaryPrincipal();
Set<String> roles = getRolesByUserName(username);
Set<String> permissions = getPermissionsByUserName(username);
SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
simpleAuthorizationInfo.setRoles(roles);
simpleAuthorizationInfo.addStringPermissions(permissions);
return simpleAuthorizationInfo;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
SimpleAuthenticationInfo authenticationInfo = null;
//1,从主体传过来的认证信息中,获得用户名
String username = (String) token.getPrincipal();
//2,通过用户名到数据库中获取凭证
String password = getPasswordByUserName(username);
if (password != null) {
authenticationInfo = new SimpleAuthenticationInfo("Mark", password, "customRealm");
}
//设置加盐
authenticationInfo.setCredentialsSalt(ByteSource.Util.bytes("navy"));
return authenticationInfo;
}
//模拟数据库
private String getPasswordByUserName(String username) {
return userMap.get(username);
}
private Set<String> getRolesByUserName(String username) {
Set<String> sets = new HashSet<>();
sets.add("admin");
sets.add("user");
return sets;
}
private Set<String> getPermissionsByUserName(String username) {
Set<String> sets = new HashSet<>();
sets.add("user:delete");
sets.add("user:add");
return sets;
}
//main快捷见pvsm
public static void main(String[] args) {
Md5Hash md5Hash = new Md5Hash("123456","navy");
System.out.println(md5Hash.toString());
}
}
测试relam
package com.example.shiro2020.training;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Before;
import org.junit.Test;
/**
* @author navy
* @version 1.0
* @date 2020-02-16 13:11
*/
public class CustomRealmTest {
SimpleAccountRealm simpleAccountRealm = new SimpleAccountRealm();
@Before
public void addUser(){
simpleAccountRealm.addAccount("Mark1","123456","admin");
}
@Test
public void testAuthentication() {
CustomRelam customRelam = new CustomRelam();
//1,构建SecurityManager环境
DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
defaultSecurityManager.setRealm(customRelam);
//***设置加密***
HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
hashedCredentialsMatcher.setHashAlgorithmName("md5");
hashedCredentialsMatcher.setHashIterations(1);
customRelam.setCredentialsMatcher(hashedCredentialsMatcher);
//2,主体提交认证请求
SecurityUtils.setSecurityManager(defaultSecurityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("Mark","123456");
subject.login(token);
System.out.println("1"+subject.isAuthenticated());
/* subject.checkRole("admin");
subject.checkPermissions("user:add","user:delete");*/
}
}
成功的特征是最后一行返回为true,如下图所示:
更多技术文章请关注公众号:架构师Plus,
扫码添加