先看一下我现在的controller:
@RequestMapping("/login")
public String login(String name,String password,Model model) {
Subject subject= SecurityUtils.getSubject();
AuthenticationToken token1=new UsernamePasswordToken(name,password);
UsernamePasswordToken token=new UsernamePasswordToken(name,password);
try {
subject.login(token1); //执行登录的方法
return "index";
}
catch (IncorrectCredentialsException e){ //密码错误的异常
model.addAttribute("msg","密码错误");
return "login";
}
catch (Exception e){ //用户不存在的异常
model.addAttribute("msg","用户名错误");
return "login";
}
}
这里我已经新建了Token,然后在subject,login(token)里也已经传入了,再看我的认证方法:
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
System.out.println("执行了认证->Authentication");
String username="root";
String password="root";
UsernamePasswordToken token=(UsernamePasswordToken)authenticationToken;
System.out.println(token);
System.out.println(token.getUsername());
if(!token.getUsername().equals(username)){
return null; //返回null值即为出错。 抛出UnknowUsernamePasswordException
}
return new SimpleAuthenticationInfo("",password,""); //密码认证,shiro自动帮我们做
}
上面打印的token是:
org.apache.shiro.authc.UsernamePasswordToken - null, rememberMe=false
就是这里的时候我报错了:
java.lang.NullPointerException: null
at com.example.springshiro.config.UserRealm.doGetAuthenticationInfo(UserRealm.java:18) ~[classes/:na]
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:571) ~[shiro-core-1.5.3.jar:1.5.3]
这个报错说的是token参数为null,也就是login里面的实参没有传到这里。。
暂未解决
好了,我就只是发现了有这个问题,但是具体的解决办法我还没有发现,如果谁知道解决办法希望在评论区说一下
2020.11.23已解决:
解决代码:
@RequestMapping("/validate")
@ResponseBody
public String asign(String username, String password){
System.out.println("username:"+username+"\n"+"password:"+password);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
try {
subject.login(token); //执行登录方法,不通过有异常.
return "true";
}
catch (UnknownAccountException e){
e.printStackTrace();
return "false";
}
catch (IncorrectCredentialsException e){
e.printStackTrace();
return "false";
}
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
System.out.println("正在执行认证");
UsernamePasswordToken token1=(UsernamePasswordToken)token;
queryWrapper.select().eq("username",token1.getUsername());
return new SimpleAuthenticationInfo(xxxxx,xxxxx.getPassword(),""); //密码shiro自动帮我们做
}
可以看到差的其实就只有在controlller里面的token1 和token ,本应该使用token这个对象进入shiro的。
但是也有可能是shiro的版本导致的问题:
我已解决时的shiro依赖:
<!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-spring -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.5.3</version>
</dependency>