package test;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
public class Shiro_MD5Test {
public static void main(String[] args) {
IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro_Md5.ini");
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken("nd", "123456");
try {
subject.login(token);
if (subject.isAuthenticated()){
System.out.println("登陆成功");
}
}catch (Exception e){
System.out.println("登录失败");
}
}
}package realm;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
public class UserRealm extends AuthorizingRealm {
//授权方法
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return null;
}
//认证方法
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
try {
Class.forName("com.mysql.cj.jdbc.Driver");
Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/shiro?useUnicode=true&characterEncoding=utf8&useSSL=false","root","123456");
PreparedStatement preparedStatement = connection.prepareStatement("select userpassword from user where username = ?");
//获取用户输入的用户名,插入到语句中
preparedStatement.setString(1, (String) authenticationToken.getPrincipal());
ResultSet resultSet = preparedStatement.executeQuery();
while (resultSet.next()){
//根据用户输入的用户名去比较密码是否一致
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(authenticationToken.getPrincipal(), resultSet.getString("userpassword"), ByteSource.Util.bytes("lf"), "userRealm");
//如果有值则返回
return info;
}
}catch (Exception e){
System.out.println("认证方法异常");
}
return null;
}
}[main]
credentialsMatcher=org.apache.shiro.authc.credential.HashedCredentialsMatcher
#设置加密的类型
credentialsMatcher.hashAlgorithmName=md5
#设置迭代的次数
credentialsMatcher.hashIterations=2
#配置realm
userRealm=realm.UserRealm
userRealm.credentialsMatcher=$credentialsMatcher
securityManager.realms=$userRealm
这个加密是怎么执行的,他们各个语句之间执行顺序是什么,越学越蒙了,麻烦详细说一下
京公网安备 11011402011233号