标签:new info getpass 安全 pre hal byte 定义 source
1,安全管理器管理Realm
/** * 安全管理器 * @return */ @Bean public SecurityManager securityManager(){ DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager(); //设置realm defaultWebSecurityManager.setRealm(myShiroRealm()); //返回DefaultWebSecurityManager return defaultWebSecurityManager; }
2,Realm设置密码加密规则
/** * 自定义Realm * @return */ @Bean public MyShiroRealm myShiroRealm(){ MyShiroRealm myShiroRealm = new MyShiroRealm(); myShiroRealm.setCredentialsMatcher(hashedCredentialsMatcher()); return myShiroRealm; }
3,密码验证
@Bean public HashedCredentialsMatcher hashedCredentialsMatcher(){ HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher(); hashedCredentialsMatcher.setHashAlgorithmName("md5");//散列算法:这里使用MD5算法; hashedCredentialsMatcher.setHashIterations(2);//散列的次数,比如散列两次,相当于 md5(md5("")); return hashedCredentialsMatcher; }
4,Realm中进行密码匹配
AuthenticatingRealm使用CredentialsMatcher进行密码匹配,如果觉得人家的不好可以在此判断或自定义实现
SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(shiroUser,shiroUser.getPassword(),
ByteSource.Util.bytes(username),getName());
标签:new info getpass 安全 pre hal byte 定义 source
原文地址:https://www.cnblogs.com/inspred/p/10792190.html
